Accessing an AWS docker instance via localhost only?
Problem
Suppose I have two apps launched via the AWS ECS cluster (using Docker containers).
I want to expose one app to the world via a public IP (and I do it via the AWS load balancer) but the other one I want to be able to access only internally, so that it would not have any public IPs and would only be accessible internally.
Is this possible to do that at all? I suppose it should be easier via docker containers because I could possibly make them communicate to each other by exposing a localhost via --network="host" in docker run.
But that would work if I run the two apps on the same EC2 instance.
What if I run them on separate instances but they are using the same load balancer or — separate instances but in the same AWS zone?
What setting would I use in ECS to expose this app only via the localhost?
Solution
Have you tried using awsvpc mode? https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html
You can follow this tutorial - https://docs.aws.amazon.com/AmazonECS/latest/userguide/create-public-private-vpc.html
You need a VPC, with at least two subnets, one private and one public. After that the sky is the limit ...
If you need internet access from the private subnet, create a NAT Gateway in the public subnet, and route traffic from the private subnet to 0.0.0.0, via the NAT Gateway - https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Scenario2.html
P.S - I never use network mode host with ECS, you should read more about it here - https://docs.docker.com/network/host/. I didn't find a strong use case for using it, except for testing purposes
Context
StackExchange DevOps Q#11973, answer score: 3
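An added example, not part of the original answer or any AWS code: a Python check that an ECS service meant to be internal-only matches the layout the answer describes (awsvpc networking, private subnet behind a NAT Gateway, no world-open ingress). The dictionaries mimic the shapes returned by ECS describe-services and EC2 describe-route-tables / describe-security-groups; all IDs are constructed, and it assumes every subnet has an explicit route table association.

```python
def audit_internal_service(service, security_groups, route_tables):
    """List settings that would expose an 'internal-only' ECS service to the internet."""
    net = service.get("networkConfiguration", {}).get("awsvpcConfiguration")
    if net is None:
        return ["no awsvpcConfiguration: tasks have no ENI or security group of their own"]
    findings = []
    if net.get("assignPublicIp") == "ENABLED":
        findings.append("assignPublicIp is ENABLED")
    # A subnet is public when its route table has a route to an internet gateway (igw-...).
    # Assumption: every subnet has an explicit route table association.
    for rt in route_tables:
        if not any(r.get("GatewayId", "").startswith("igw-") for r in rt.get("Routes", [])):
            continue
        associated = {a["SubnetId"] for a in rt.get("Associations", []) if "SubnetId" in a}
        for subnet in sorted(associated & set(net.get("subnets", []))):
            findings.append(f"{subnet} routes to an internet gateway (public subnet)")
    # Ingress should reference the caller's security group, not a world-open CIDR.
    for sg in security_groups:
        if sg["GroupId"] not in net.get("securityGroups", []):
            continue
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if "0.0.0.0/0" in cidrs or "::/0" in cidrs:
                findings.append(f"{sg['GroupId']} allows ingress from anywhere")
    return findings

# Constructed sample data (all IDs are made up).
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"Associations": [{"SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-internal", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "UserIdGroupPairs": [{"GroupId": "sg-public-app"}]}]},
    {"GroupId": "sg-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
GOOD = {"networkConfiguration": {"awsvpcConfiguration": {
    "subnets": ["subnet-private"], "securityGroups": ["sg-internal"], "assignPublicIp": "DISABLED"}}}
BAD = {"networkConfiguration": {"awsvpcConfiguration": {
    "subnets": ["subnet-public"], "securityGroups": ["sg-open"], "assignPublicIp": "ENABLED"}}}

if __name__ == "__main__":
    print(audit_internal_service(GOOD, SECURITY_GROUPS, ROUTE_TABLES),
          audit_internal_service(BAD, SECURITY_GROUPS, ROUTE_TABLES))
```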