
Unfortunately, as of this writing (Oct 18, 2017), there is no built-in integration for multiple target groups per AWS ECS service. Here are a few things you can try:

  1. If your application just serves port 80 (HTTP) & port 443 (HTTPS) then you should consider using the application load balancer and terminating SSL at the load balancer. This will allow your application to function using just port 80.

  2. If your application serves different ports that are backed by different components, perhaps speaking different protocols, then you should consider splitting the application into multiple ECS services. This has the benefit of allowing the different components to scale independently, in addition to allowing each of them to have its own ports.

  3. You can still use the Classic load balancer with ECS. This load balancer functions at the instance level and can have multiple listener ports per instance. When a service is placed on an instance, ECS registers the instance in the Classic load balancer, and the Classic load balancer's multiple listeners direct traffic to multiple ports. The downside is that it does not support dynamic ports, only static port numbers. This means you will only be able to run a single task per instance, because only one task will be able to bind to the static port.

  4. You can build your own target group functionality for your application's ancillary ports using the CloudWatch Event Stream for your service's task state change events. You can subscribe to the task state change events for your service and link the subscription to a Lambda function. When the event for a task start happens, you can register your task's ancillary ports in any ancillary target groups, and when the task stop event happens you can deregister these ancillary ports. Obviously this is a very complex and difficult solution to implement, however, so I'd only use it as a method of last resort.

  5. You can use Weaveworks or LinkerD to implement a mesh network that runs alongside ECS. This can allow you to build a "gateway" that sends traffic to your ECS services on multiple ports without using the built-in target group functionality.

  6. AWS Support recommends using service discovery (aws config map), which will cost you a little bit to use (I am still working on this solution).
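A sketch of the Lambda function from option 4, added here as an example and not code from the gist's author. It assumes bridge-mode tasks on EC2 (targets are instance ID plus dynamic host port) and that stop events still carry the task's `networkBindings`; `SERVICE_GROUP` and the target group ARN are placeholders.

```python
# Added example: Lambda handler for ECS "Task State Change" events.
# SERVICE_GROUP and ANCILLARY_TARGET_GROUPS are placeholder assumptions.
SERVICE_GROUP = "service:my-service"
ANCILLARY_TARGET_GROUPS = {  # containerPort -> target group ARN (placeholder)
    8081: "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/admin/PLACEHOLDER",
}


def plan_from_event(event, port_map=ANCILLARY_TARGET_GROUPS, group=SERVICE_GROUP):
    """Return (action, [(target_group_arn, host_port), ...]) or (None, [])."""
    detail = event.get("detail", {})
    if event.get("detail-type") != "ECS Task State Change" or detail.get("group") != group:
        return None, []  # ignore other services and other event types
    if detail.get("desiredStatus") == "STOPPED":
        action = "deregister"  # start draining once ECS has decided to stop the task
    elif detail.get("lastStatus") == "RUNNING":
        action = "register"
    else:
        return None, []  # PROVISIONING / PENDING: host ports are not usable yet
    targets = []
    for container in detail.get("containers", []):
        for binding in container.get("networkBindings", []):
            arn = port_map.get(binding.get("containerPort"))
            if arn and binding.get("hostPort"):
                targets.append((arn, binding["hostPort"]))
    return action, targets


def handler(event, context):
    import boto3  # imported lazily so plan_from_event can be exercised offline
    action, targets = plan_from_event(event)
    if not targets:
        return {"action": action, "count": 0}
    detail = event["detail"]
    # Bridge-mode tasks are addressed as EC2 instance ID + dynamic host port.
    instance = boto3.client("ecs").describe_container_instances(
        cluster=detail["clusterArn"],
        containerInstances=[detail["containerInstanceArn"]],
    )["containerInstances"][0]["ec2InstanceId"]
    elbv2 = boto3.client("elbv2")
    call = elbv2.register_targets if action == "register" else elbv2.deregister_targets
    for arn, port in targets:
        call(TargetGroupArn=arn, Targets=[{"Id": instance, "Port": port}])
    return {"action": action, "count": len(targets)}
```

Registering and deregistering the same target twice is harmless, so duplicate or repeated events need no extra bookkeeping. The function's IAM role only needs `ecs:DescribeContainerInstances` plus `elasticloadbalancing:RegisterTargets` and `DeregisterTargets` on the ancillary target groups.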

Below are the related discussions I collected:

