search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.59k stars 3.89k forks source link

ECS CloudMap - ServiceConnect : after update, ECS doesn't support having both CLoudMap and ServiceConnect #26524

Open ETisREAL opened 1 year ago

ETisREAL commented 1 year ago

Describe the bug

Hi, hope to find you well :)

After one of the recent updates, I am not able anymore to apply this kind of configuration

const qmmRedisService = new ecs.FargateService(this, `${props.STAGE}qmmRedisService`, {
            serviceName: `${props.STAGE}qmmRedisService`,
            cluster: qlashMainCluster,
            desiredCount: 1,
            securityGroups: [qmmRedisServiceSecurityGroup],
            taskDefinition: qmmRedisTaskDefinition,
            enableExecuteCommand: true,
            vpcSubnets: { subnetGroupName: props.qmmRedisSubnetGroupName },
            cloudMapOptions: {
                container: qmmRedisContainer,
                name: `${props.STAGE.toLowerCase()}_qmm_redis`,
                containerPort: 6379
            },
            serviceConnectConfiguration: {
                services: [{ portMappingName: `${props.STAGE.toLowerCase()}_qmm_redis` }]
            }
        })

Expected Behavior

This used to allow me to make use of the service connect monitoring, as well as resolving the DNS in a Peered VPC

Current Behavior

Now I can choose either a cloudmap configuration or a service connect one. With the first I have to sacrifice DNS resolution outside of the cluster, with the second I give up on extra monitoring

Reproduction Steps

NA

Possible Solution

Restoring this old functionality?

Additional Information/Context

No response

CDK CLI Version

2.88

Framework Version

No response

Node.js Version

v18.16

OS

Linux - Ubuntu

Language

Typescript

Language Version

No response

Other information

No response

pahud commented 1 year ago

cloudMapOptions creates CDK-managed cloudmap service which was the default behavior before service connect was introduced.

https://github.com/aws/aws-cdk/blob/4103e79914f578e3dbc7037d51440161d12b4bfd/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts#L1107

I think we should create a check, if serviceConnectConfiguration is provided, cloudMapOptions should be undefined.

ETisREAL commented 1 year ago

@pahud the issue of only having serviceConnect however is that it doesn't create the A record for the container, allowing other services to make use of cloudmap