diff --git a/preview-programs/zz_archive/ecs-multipletg-service/README.md b/preview-programs/zz_archive/ecs-multipletg-service/README.md deleted file mode 100644 index d3ad7f2..0000000 --- a/preview-programs/zz_archive/ecs-multipletg-service/README.md +++ /dev/null @@ -1,168 +0,0 @@ -# Multiple target groups for ECS services preview! - -This feature is now generally available learn more here: https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-ecs-services-now-support-multiple-load-balancer-target-groups/ - - - -Hello, - -Thank you for participating in the early access preview for multiple target group support for ECS services. This document is meant to serve as an explanation of the feature and be a guide for getting on-boarded prior to having official documentation. Please send an email to akshram@amazon.com with your AWS account ID(s) and AWS Region(s) to set up to testing of this feature. - -We have heard from customers of two use cases 1) A task running as a part of an ECS service to serve traffic from internal and external facing load balancers 2) A task running as a part of an ECS service that exposes multiple ports for use cases such as an application port and an administrative port. With this preview feature, customers should be able to attach multiple target groups per ECS service, allowing for multiple load balancers or multiple load balanced ports attached to an ECS service. - -Console support will be available when this feature is generally available. During the early access period, there will be API and AWS CloudFormation support. - -Before you get started please note that this feature is in preview and the intention is to ensure it meets your requirements and give us any feedback on your use case. **Please do not run production workloads till we announce the general availability of this feature. Using the instructions and assets in this repository folder is governed as a preview program under the [AWS Service Terms](https://aws.amazon.com/service-terms/).** - -The rest of this document has instructions to run a sample application to test this feature. - -**Supported regions for the preview:** - -- US East (N. Virginia) us-east-1 -- US East (Ohio) us-east-2 -- US West (N. California) us-west-1 -- US West (Oregon) us-west-2 -- Asia Pacific (Mumbai) ap-south-1 -- Asia Pacific (Singapore) ap-southeast-1 -- Asia Pacific (Sydney) ap-southeast-2 -- Asia Pacific (Tokyo) ap-northeast-1 -- Asia Pacific (Seoul) ap-northeast-2 -- EU (Frankfurt) eu-central-1 -- EU (Ireland) eu-west-1 -- EU (London) eu-west-2 -- EU (Paris) eu-west-3 - -# Setup Instructions - -For customers who are well versed with the ECS API, the following snippet shows an ECS service definition with two load balancer configurations as an example for you to get started. - - "cluster": "multiple-tg-service-cluster", - "serviceName": "multiple-tg-service", - "taskDefinition": "multiple-tg-task-definition", - "desiredCount": 1, - "loadBalancers": [ - { - "targetGroupArn": "", - "containerName": "simple-app", - "containerPort": - }, - { - "targetGroupArn": "", - "containerName": "admin-app", - "containerPort": - } - ] - -A detailed step by step demo application follows. We introduce CloudFormation stacks with two use cases across Fargate and EC2 launch types: - -### Use Case 1 : An ECS/Fargate Service that serves traffic from internal and external Application Load Balancer (ALB) . The CloudFormation stack creates an ECS task definition with one NGNIX container exposing a single port 80. Then it creates an ECS service with one external ALB and one internal ALB attached to the service. Finally, the example hits the two different ALB DNS to validate the setup. - -**Create Cloud formation stack to create multiple target groups Fargate launch type service** - -If you use the console to create CFN stack, go to CloudFormation: - -- Go to the CloudFormation console -- Click 'Create stack' -- Choose the file cloud_formation_template_fargate.json from this repository folder -- Enter stack name. -- Select VPC, and subnet (Please only select public subnets and a minimum of 2 is required) -- Click 'Next' and create the CFN stack -- Wait until the cloud formation stack is successfully created - -- If your cloud formation takes more than 10 minutes to complete, you need to check your VPC settings. Ensure only use public subnets and it can access ECS endpoint. - -If you know your VPC and subnet, below is the CLI command to create the stack - - aws cloudformation --region us-west-2 create-stack \ - --stack-name mtg-bugbash \ - --template-url https://aws-ecs-multiple-target-groups.s3-us-west-2.amazonaws.com/cloud_formation_template_fargate.json \ - --parameters ParameterKey=KeyName,ParameterValue= ParameterKey=VpcId,ParameterValue= ParameterKey=SubnetId,ParameterValue=\",,\" - -**Grab stack output (Go to “Outputs” of the CloudFormation Stack)** - -- External ELB DNS -- Internal ELB DNS - -**Verifying** - -**1. Verify ECS service start task and become steady state from ECS console.** - -**2. Check you can access the target behind a load balancer** - -- `http:// - Should be accessible from the browser` -- `http:// - Should be accessible from only from within the VPC. You can check this by curling the URL through an EC2 instance in your VPC` - -**3. Check the target are registered in both target groups** - -**4. Scale down the service and verify that targets are correctly deregistered from the target groups.** - - aws ecs --region - update-service --service --cluster --desired-count 0 - -**5. Delete the CloudFormation stack to cleanup** - -### Use Case 2 : An ECS/EC2 service that exposes multiple ports eg. application and admin ports. The CloudFormation stack creates an ECS task definition with two NGNIX containers both exposing the port 80 as an example. Then it creates an ECS service with two ALB targets attached to the service. Finally, the example hits the two different ALB DNS to validate the setup. - -**Create Cloud formation stack **to create multiple target groups EC2 launch type service**** - -If you use console to create CFN stack, go to CloudFormation: - -- Go to the CloudFormation console -- Click 'Create stack' -- Choose the file cloud_formation_template_ec2.json from this repository folder -- Enter stack name. -- Select Key pair name -- Select VPC, and subnet (Please only select public subnets and a minimum of 2 is required) -- Click 'Next' and create the CFN stack -- Wait until the cloud formation stack is successfully created - -- If your cloud formation takes more than 10 minutes to complete, you need to check your VPC settings. Ensure only use public subnets and it can access ECS endpoint. - - -If you know your VPC and subnet, key name, below is the CLI command to create the stack - - - aws cloudformation --region us-west-2 create-stack \ - --stack-name mtg-bugbash \ - --template-url https://aws-ecs-multiple-target-groups.s3-us-west-2.amazonaws.com/cloud_formation_template_ec2.json \ - --parameters ParameterKey=KeyName,ParameterValue= ParameterKey=VpcId,ParameterValue= ParameterKey=SubnetId,ParameterValue=\",,\" \ - --capabilities CAPABILITY_IAM - - - -**Grab stack output (Go to “Outputs” of the CloudFormation Stack)** - -- ELB 1 DNS -- ELB 2 DNS - -**Verifying** - -**1. Verify ECS service start task and become steady state from ECS console.** - -**2. Check you can access the both customer application and admin application. You can get the DNSs from from the CloudFormation Outputs.** - -- `http:// - Should be accessible from your browser and be served by the first container ` -- `http:// - Should also be accessible from your browser and be served by the second container ` - - -**3. Check the target are registered in both target groups** - -**4. Scale down the service and verify that targets are correctly deregistered from the target groups.** - - aws ecs --region - update-service --service --cluster --desired-count 0 - -**5. Delete the CloudFormation stack to cleanup** - - -# FAQ - -**I am getting an error of “load balancers can have at most 1 items” when I deploy the CloudFormation stack. Why?** -This can happen if either your account is not set up by reaching out to akshram@amazon.com or your are testing in a region that the preview is currently not supported. - -**How can I leave Feedback for the AWS Container Services team?** -We would love to hear your feedback. Please add a comment on the Github [feature page](https://github.com/aws/containers-roadmap/issues/104) with a detailed description of the issue/feedback being faced. - -**Will this work on Fargate?** -Yes. This feature should work with ECS Services created on both the EC2 and Fargate launch type. - diff --git a/preview-programs/zz_archive/ecs-multipletg-service/cloud_formation_template_ec2.json b/preview-programs/zz_archive/ecs-multipletg-service/cloud_formation_template_ec2.json deleted file mode 100644 index 1525a8f..0000000 --- a/preview-programs/zz_archive/ecs-multipletg-service/cloud_formation_template_ec2.json +++ /dev/null @@ -1,569 +0,0 @@ -{ - "AWSTemplateFormatVersion":"2010-09-09", - "Parameters":{ - "KeyName":{ - "Type":"AWS::EC2::KeyPair::KeyName", - "Description":"Name of an existing EC2 KeyPair to enable SSH access to the ECS instances." - }, - "VpcId":{ - "Type":"AWS::EC2::VPC::Id", - "Description":"Select a VPC that allows instances to access the Internet." - }, - "SubnetId":{ - "Type":"List", - "Description":"Select at two subnets in your selected VPC." - }, - "DesiredCapacity":{ - "Type":"Number", - "Default":"1", - "Description":"Number of instances to launch in your ECS cluster." - }, - "MaxSize":{ - "Type":"Number", - "Default":"1", - "Description":"Maximum number of instances that can be launched in your ECS cluster." - }, - "InstanceType":{ - "Description":"EC2 instance type", - "Type":"String", - "Default":"t2.large", - "AllowedValues":[ - "t2.medium", - "t2.large", - "m3.medium", - "m3.large", - "m3.xlarge", - "m3.2xlarge", - "m4.large", - "m4.xlarge", - "m4.2xlarge" - ], - "ConstraintDescription":"Please choose a valid instance type." - }, - "ECSAMI": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id" - } - }, - "Resources":{ - "ECSCluster":{ - "Type":"AWS::ECS::Cluster" - }, - "EcsSecurityGroup":{ - "Type":"AWS::EC2::SecurityGroup", - "Properties":{ - "GroupDescription":"ECS Security Group", - "VpcId":{ - "Ref":"VpcId" - } - } - }, - "EcsSecurityGroupHTTPinbound":{ - "Type":"AWS::EC2::SecurityGroupIngress", - "Properties":{ - "GroupId":{ - "Ref":"EcsSecurityGroup" - }, - "IpProtocol":"tcp", - "FromPort":"80", - "ToPort":"80", - "CidrIp":"0.0.0.0/0" - } - }, - "EcsSecurityGroupSSHinbound":{ - "Type":"AWS::EC2::SecurityGroupIngress", - "Properties":{ - "GroupId":{ - "Ref":"EcsSecurityGroup" - }, - "IpProtocol":"tcp", - "FromPort":"22", - "ToPort":"22", - "CidrIp":"0.0.0.0/0" - } - }, - "EcsSecurityGroupALBports":{ - "Type":"AWS::EC2::SecurityGroupIngress", - "Properties":{ - "GroupId":{ - "Ref":"EcsSecurityGroup" - }, - "IpProtocol":"tcp", - "FromPort":"31000", - "ToPort":"61000", - "SourceSecurityGroupId":{ - "Ref":"EcsSecurityGroup" - } - } - }, - "taskdefinition":{ - "Type":"AWS::ECS::TaskDefinition", - "Properties":{ - "Family":{ - "Fn::Join":[ - "", - [ - { - "Ref":"AWS::StackName" - }, - "-ecs-mtg-app" - ] - ] - }, - "ContainerDefinitions":[ - { - "Name":"simple-app", - "Cpu":"10", - "Essential":"true", - "Image":"httpd:2.4", - "Memory":"300", - "MountPoints":[ - { - "ContainerPath":"/usr/local/apache2/htdocs", - "SourceVolume":"my-vol" - } - ], - "PortMappings":[ - { - "ContainerPort":80 - } - ] - }, - { - "Name":"admin-app", - "Cpu":"10", - "Essential":"true", - "Image":"nginx:latest", - "Memory":"300", - "MountPoints":[ - { - "ContainerPath":"/usr/share/nginx/html", - "SourceVolume":"nginx-vol" - } - ], - "PortMappings":[ - { - "ContainerPort":80 - } - ] - }, - { - "Name":"busybox", - "Cpu":10, - "Command":[ - "/bin/sh -c \"while true; do echo ' Amazon ECS Sample App

Amazon ECS Sample App

Congratulations!

Your application is now running on a container in Amazon ECS.

' > top; /bin/date > date ; echo '
' > bottom; cat top date bottom > /usr/local/apache2/htdocs/index.html ;echo 'Amazon ECS Sample App Admin

Amin App for AWS ECS Sample App

Site updated at ' > admin; echo '

' > admin_bottom; cat admin date admin_bottom > /usr/share/nginx/html/index.html; sleep 1; done\"" - ], - "EntryPoint":[ - "sh", - "-c" - ], - "Essential":false, - "Image":"busybox", - "Memory":200, - "VolumesFrom":[ - { - "SourceContainer":"simple-app" - }, - { - "SourceContainer":"admin-app" - } - ] - } - ], - "Volumes":[ - { - "Name":"my-vol" - }, - { - "Name":"nginx-vol" - } - ] - } - }, - "ECSALB":{ - "Type":"AWS::ElasticLoadBalancingV2::LoadBalancer", - "Properties":{ - "Scheme":"internet-facing", - "LoadBalancerAttributes":[ - { - "Key":"idle_timeout.timeout_seconds", - "Value":"30" - } - ], - "Subnets":{ - "Ref":"SubnetId" - }, - "SecurityGroups":[ - { - "Ref":"EcsSecurityGroup" - } - ] - } - }, - "ECSALBAdmin":{ - "Type":"AWS::ElasticLoadBalancingV2::LoadBalancer", - "Properties":{ - "Scheme":"internet-facing", - "LoadBalancerAttributes":[ - { - "Key":"idle_timeout.timeout_seconds", - "Value":"30" - } - ], - "Subnets":{ - "Ref":"SubnetId" - }, - "SecurityGroups":[ - { - "Ref":"EcsSecurityGroup" - } - ] - } - }, - "ALBListener":{ - "Type":"AWS::ElasticLoadBalancingV2::Listener", - "Properties":{ - "DefaultActions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTG" - } - } - ], - "LoadBalancerArn":{ - "Ref":"ECSALB" - }, - "Port":"80", - "Protocol":"HTTP" - } - }, - "ALBListenerAdmin":{ - "Type":"AWS::ElasticLoadBalancingV2::Listener", - "Properties":{ - "DefaultActions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTGAdmin" - } - } - ], - "LoadBalancerArn":{ - "Ref":"ECSALBAdmin" - }, - "Port":"80", - "Protocol":"HTTP" - } - }, - "ECSALBListenerRule":{ - "Type":"AWS::ElasticLoadBalancingV2::ListenerRule", - "DependsOn":"ALBListener", - "Properties":{ - "Actions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTG" - } - } - ], - "Conditions":[ - { - "Field":"path-pattern", - "Values":[ - "/" - ] - } - ], - "ListenerArn":{ - "Ref":"ALBListener" - }, - "Priority":1 - } - }, - "ECSALBListenerRuleAdmin":{ - "Type":"AWS::ElasticLoadBalancingV2::ListenerRule", - "DependsOn":"ALBListenerAdmin", - "Properties":{ - "Actions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTGAdmin" - } - } - ], - "Conditions":[ - { - "Field":"path-pattern", - "Values":[ - "/" - ] - } - ], - "ListenerArn":{ - "Ref":"ALBListenerAdmin" - }, - "Priority":1 - } - }, - "ECSTG":{ - "Type":"AWS::ElasticLoadBalancingV2::TargetGroup", - "DependsOn":"ECSALB", - "Properties":{ - "HealthCheckIntervalSeconds":10, - "HealthCheckPath":"/", - "HealthCheckProtocol":"HTTP", - "HealthCheckTimeoutSeconds":5, - "HealthyThresholdCount":2, - "Port":80, - "Protocol":"HTTP", - "UnhealthyThresholdCount":2, - "VpcId":{ - "Ref":"VpcId" - } - } - }, - "ECSTGAdmin":{ - "Type":"AWS::ElasticLoadBalancingV2::TargetGroup", - "DependsOn":"ECSALBAdmin", - "Properties":{ - "HealthCheckIntervalSeconds":10, - "HealthCheckPath":"/", - "HealthCheckProtocol":"HTTP", - "HealthCheckTimeoutSeconds":5, - "HealthyThresholdCount":2, - "Port":80, - "Protocol":"HTTP", - "UnhealthyThresholdCount":2, - "VpcId":{ - "Ref":"VpcId" - } - } - }, - "ECSAutoScalingGroup":{ - "Type":"AWS::AutoScaling::AutoScalingGroup", - "Properties":{ - "VPCZoneIdentifier":{ - "Ref":"SubnetId" - }, - "LaunchConfigurationName":{ - "Ref":"ContainerInstances" - }, - "MinSize":"1", - "MaxSize":{ - "Ref":"MaxSize" - }, - "DesiredCapacity":{ - "Ref":"DesiredCapacity" - } - }, - "CreationPolicy":{ - "ResourceSignal":{ - "Timeout":"PT15M" - } - }, - "UpdatePolicy":{ - "AutoScalingReplacingUpdate":{ - "WillReplace":"true" - } - } - }, - "ContainerInstances":{ - "Type":"AWS::AutoScaling::LaunchConfiguration", - "Properties":{ - "ImageId": { - "Ref": "ECSAMI" - }, - "SecurityGroups":[ - { - "Ref":"EcsSecurityGroup" - } - ], - "InstanceType":{ - "Ref":"InstanceType" - }, - "IamInstanceProfile":{ - "Ref":"EC2InstanceProfile" - }, - "KeyName":{ - "Ref":"KeyName" - }, - "UserData":{ - "Fn::Base64":{ - "Fn::Join":[ - "", - [ - "#!/bin/bash -xe\n", - "echo ECS_CLUSTER=", - { - "Ref":"ECSCluster" - }, - " >> /etc/ecs/ecs.config\n", - "yum install -y aws-cfn-bootstrap\n", - "/opt/aws/bin/cfn-signal -e $? ", - " --stack ", - { - "Ref":"AWS::StackName" - }, - " --resource ECSAutoScalingGroup ", - " --region ", - { - "Ref":"AWS::Region" - }, - "\n" - ] - ] - } - } - } - }, - "service":{ - "Type":"AWS::ECS::Service", - "DependsOn":"ALBListener", - "Properties":{ - "Cluster":{ - "Ref":"ECSCluster" - }, - "DesiredCount":"1", - "LoadBalancers":[ - { - "ContainerName":"simple-app", - "ContainerPort":"80", - "TargetGroupArn":{ - "Ref":"ECSTG" - } - }, - { - "ContainerName":"admin-app", - "ContainerPort":"80", - "TargetGroupArn":{ - "Ref":"ECSTGAdmin" - } - } - ], - "TaskDefinition":{ - "Ref":"taskdefinition" - } - } - }, - "EC2Role":{ - "Type":"AWS::IAM::Role", - "Properties":{ - "AssumeRolePolicyDocument":{ - "Statement":[ - { - "Effect":"Allow", - "Principal":{ - "Service":[ - "ec2.amazonaws.com" - ] - }, - "Action":[ - "sts:AssumeRole" - ] - } - ] - }, - "Path":"/", - "Policies":[ - { - "PolicyName":"ecs-service", - "PolicyDocument":{ - "Statement":[ - { - "Effect":"Allow", - "Action":[ - "ecs:CreateCluster", - "ecs:DeregisterContainerInstance", - "ecs:DiscoverPollEndpoint", - "ecs:Poll", - "ecs:RegisterContainerInstance", - "ecs:StartTelemetrySession", - "ecs:Submit*", - "logs:CreateLogStream", - "logs:PutLogEvents" - ], - "Resource":"*" - } - ] - } - } - ] - } - }, - "EC2InstanceProfile":{ - "Type":"AWS::IAM::InstanceProfile", - "Properties":{ - "Path":"/", - "Roles":[ - { - "Ref":"EC2Role" - } - ] - } - } - }, - "Outputs":{ - "ecscluster":{ - "Value":{ - "Ref":"ECSCluster" - } - }, - "taskdef":{ - "Value":{ - "Ref":"taskdefinition" - } - }, - "ecsservice":{ - "Value":{ - "Ref":"service" - } - }, - "ECSALB":{ - "Description":"Your ALB DNS URL", - "Value":{ - "Fn::Join":[ - "", - [ - { - "Fn::GetAtt":[ - "ECSALB", - "DNSName" - ] - } - ] - ] - } - }, - "ECSALBAdmin":{ - "Description":"Your Admin ALB DNS URL", - "Value":{ - "Fn::Join":[ - "", - [ - { - "Fn::GetAtt":[ - "ECSALBAdmin", - "DNSName" - ] - } - ] - ] - } - }, - "ECSTargetGroup1":{ - "Description":"Use app target group", - "Value":{ - "Ref": "ECSTG" - } - }, - "ECSTargetGroup2":{ - "Description":"Admin app target group", - "Value":{ - "Ref": "ECSTGAdmin" - } - } - } -} diff --git a/preview-programs/zz_archive/ecs-multipletg-service/cloud_formation_template_fargate.json b/preview-programs/zz_archive/ecs-multipletg-service/cloud_formation_template_fargate.json deleted file mode 100644 index 8f38a3e..0000000 --- a/preview-programs/zz_archive/ecs-multipletg-service/cloud_formation_template_fargate.json +++ /dev/null @@ -1,384 +0,0 @@ -{ - "AWSTemplateFormatVersion":"2010-09-09", - "Description": "Demo of multiple target groups per ECS service. Note: 1.Must enable Auto-assign public IPv4 address for public subnets provided for it; 2. If error says elb load balancer at most 1 item, ensure account whitelisted.", - "Parameters":{ - "VpcId":{ - "Type":"AWS::EC2::VPC::Id", - "Description":"Select a VPC that allows instances to access the Internet." - }, - "SubnetId":{ - "Type":"List", - "Description":"Select at two subnets in your selected VPC." - } - }, - "Resources":{ - "ECSCluster":{ - "Type":"AWS::ECS::Cluster" - }, - "EcsSecurityGroup":{ - "Type":"AWS::EC2::SecurityGroup", - "Properties":{ - "GroupDescription":"ECS Security Group", - "VpcId":{ - "Ref":"VpcId" - } - } - }, - "EcsSecurityGroupHTTPinbound":{ - "Type":"AWS::EC2::SecurityGroupIngress", - "Properties":{ - "GroupId":{ - "Ref":"EcsSecurityGroup" - }, - "IpProtocol":"tcp", - "FromPort":"80", - "ToPort":"80", - "CidrIp":"0.0.0.0/0" - } - }, - "EcsSecurityGroupALBports":{ - "Type":"AWS::EC2::SecurityGroupIngress", - "Properties":{ - "GroupId":{ - "Ref":"EcsSecurityGroup" - }, - "IpProtocol":"tcp", - "FromPort":"31000", - "ToPort":"61000", - "SourceSecurityGroupId":{ - "Ref":"EcsSecurityGroup" - } - } - }, - "taskdefinition":{ - "Type":"AWS::ECS::TaskDefinition", - "Properties":{ - "Family":{ - "Fn::Join":[ - "", - [ - { - "Ref":"AWS::StackName" - }, - "-ecs-mtg-fargate" - ] - ] - }, - "Cpu": 256, - "Memory": 512, - "NetworkMode": "awsvpc", - "RequiresCompatibilities": [ - "FARGATE" - ], - "ContainerDefinitions":[ - { - "Name":"simple-app", - "Essential":"true", - "Image":"httpd:2.4", - "MountPoints":[ - { - "ContainerPath":"/usr/local/apache2/htdocs", - "SourceVolume":"my-vol" - } - ], - "PortMappings":[ - { - "ContainerPort":80 - } - ] - }, - { - "Name":"busybox", - "Command":[ - "/bin/sh -c \"while true; do echo ' Amazon ECS Sample App

Amazon ECS Sample App

Congratulations!

Your application is now running on a container in Amazon ECS.

' > top; /bin/date > date ; echo '
' > bottom; cat top date bottom > /usr/local/apache2/htdocs/index.html; sleep 1; done\"" - ], - "EntryPoint":[ - "sh", - "-c" - ], - "Essential":false, - "Image":"busybox", - "VolumesFrom":[ - { - "SourceContainer":"simple-app" - } - ] - } - ], - "Volumes":[ - { - "Name":"my-vol" - } - ] - } - }, - "ECSALBExternal":{ - "Type":"AWS::ElasticLoadBalancingV2::LoadBalancer", - "Properties":{ - "Scheme":"internet-facing", - "LoadBalancerAttributes":[ - { - "Key":"idle_timeout.timeout_seconds", - "Value":"30" - } - ], - "Subnets":{ - "Ref":"SubnetId" - }, - "SecurityGroups":[ - { - "Ref":"EcsSecurityGroup" - } - ] - } - }, - "ECSALBInternal":{ - "Type":"AWS::ElasticLoadBalancingV2::LoadBalancer", - "Properties":{ - "Scheme": "internal", - "LoadBalancerAttributes":[ - { - "Key":"idle_timeout.timeout_seconds", - "Value":"30" - } - ], - "Subnets":{ - "Ref":"SubnetId" - }, - "SecurityGroups":[ - { - "Ref":"EcsSecurityGroup" - } - ] - } - }, - "ALBListenerExternal":{ - "Type":"AWS::ElasticLoadBalancingV2::Listener", - "Properties":{ - "DefaultActions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTGExternal" - } - } - ], - "LoadBalancerArn":{ - "Ref":"ECSALBExternal" - }, - "Port":"80", - "Protocol":"HTTP" - } - }, - "ALBListenerInternal":{ - "Type":"AWS::ElasticLoadBalancingV2::Listener", - "Properties":{ - "DefaultActions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTGInternal" - } - } - ], - "LoadBalancerArn":{ - "Ref":"ECSALBInternal" - }, - "Port":"80", - "Protocol":"HTTP" - } - }, - "ECSALBListenerRuleExternal":{ - "Type":"AWS::ElasticLoadBalancingV2::ListenerRule", - "DependsOn":"ALBListenerExternal", - "Properties":{ - "Actions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTGExternal" - } - } - ], - "Conditions":[ - { - "Field":"path-pattern", - "Values":[ - "/" - ] - } - ], - "ListenerArn":{ - "Ref":"ALBListenerExternal" - }, - "Priority":1 - } - }, - "ECSALBListenerRuleInternal":{ - "Type":"AWS::ElasticLoadBalancingV2::ListenerRule", - "DependsOn":"ALBListenerInternal", - "Properties":{ - "Actions":[ - { - "Type":"forward", - "TargetGroupArn":{ - "Ref":"ECSTGInternal" - } - } - ], - "Conditions":[ - { - "Field":"path-pattern", - "Values":[ - "/" - ] - } - ], - "ListenerArn":{ - "Ref":"ALBListenerInternal" - }, - "Priority":1 - } - }, - "ECSTGExternal":{ - "Type":"AWS::ElasticLoadBalancingV2::TargetGroup", - "DependsOn":"ECSALBExternal", - "Properties":{ - "TargetType": "ip", - "HealthCheckIntervalSeconds":10, - "HealthCheckPath":"/", - "HealthCheckProtocol":"HTTP", - "HealthCheckTimeoutSeconds":5, - "HealthyThresholdCount":2, - "Port":80, - "Protocol":"HTTP", - "UnhealthyThresholdCount":2, - "VpcId":{ - "Ref":"VpcId" - } - } - }, - "ECSTGInternal":{ - "Type":"AWS::ElasticLoadBalancingV2::TargetGroup", - "DependsOn":"ECSALBInternal", - "Properties":{ - "TargetType": "ip", - "HealthCheckIntervalSeconds":10, - "HealthCheckPath":"/", - "HealthCheckProtocol":"HTTP", - "HealthCheckTimeoutSeconds":5, - "HealthyThresholdCount":2, - "Port":80, - "Protocol":"HTTP", - "UnhealthyThresholdCount":2, - "VpcId":{ - "Ref":"VpcId" - } - } - }, - "service":{ - "Type":"AWS::ECS::Service", - "DependsOn":"ALBListenerInternal", - "Properties":{ - "Cluster":{ - "Ref":"ECSCluster" - }, - "DesiredCount":"1", - "LaunchType": "FARGATE", - "NetworkConfiguration": { - "AwsvpcConfiguration": { - "AssignPublicIp": "ENABLED", - "SecurityGroups": [ - { - "Ref": "EcsSecurityGroup" - } - ], - "Subnets":{ - "Ref":"SubnetId" - } - } - }, - "LoadBalancers":[ - { - "ContainerName":"simple-app", - "ContainerPort":"80", - "TargetGroupArn":{ - "Ref":"ECSTGInternal" - } - }, - { - "ContainerName":"simple-app", - "ContainerPort":"80", - "TargetGroupArn":{ - "Ref":"ECSTGExternal" - } - } - ], - "TaskDefinition":{ - "Ref":"taskdefinition" - } - } - } - }, - "Outputs":{ - "ecscluster":{ - "Value":{ - "Ref":"ECSCluster" - } - }, - "taskdef":{ - "Value":{ - "Ref":"taskdefinition" - } - }, - "ecsservice":{ - "Value":{ - "Ref":"service" - } - }, - "ECSALBExternal":{ - "Description":"Your external ALB DNS URL", - "Value":{ - "Fn::Join":[ - "", - [ - { - "Fn::GetAtt":[ - "ECSALBExternal", - "DNSName" - ] - } - ] - ] - } - }, - "ECSALBInternal":{ - "Description":"Your internal ALB DNS URL", - "Value":{ - "Fn::Join":[ - "", - [ - { - "Fn::GetAtt":[ - "ECSALBInternal", - "DNSName" - ] - } - ] - ] - } - }, - "ECSTargetGroup1":{ - "Description":"Internal target group", - "Value":{ - "Ref": "ECSTGExternal" - } - }, - "ECSTargetGroup2":{ - "Description":"External target group", - "Value":{ - "Ref": "ECSTGInternal" - } - } - } -}