Support multiple ports

[felix-weizman-deel]

Hello, I love your project, and it's really made my life so much easier :)

I couldn't find a way to expose multiple ports from my web service, something similar to Kubernetes: ports:

• containerPort: 50051
• containerPort: 3000

Thanks!

[efekarakus]

Hi @felix-zg !

Unfortunately, we don't have a way yet to expose more than one port for a container. Can you tell me a little bit more about what's a usecase for opening up multiple ports? So that we make sure to build the right thing.

Are you deploying a "Load Balanced Web Service" where "/pathA" routes to port 50051 and "/pathB" routes to 3000? i.e. each port is associated with a path.

To mitigate the issue in the mean time, I wonder if it's possible to deploy two Load Balanced Web Services one that routes to 3000 and another one to 50051.

[felix-weizman-deel]

Hey @efekarakus, Thank you for your quick response.

I can solve this issue using part routing to designate ports with Nginx for example. I'm trying to operate YataiService, you can read about it here: https://docs.bentoml.org/en/latest/deployment/aws_lambda.html#deploy-and-manage-aws-lambda-deployments-with-remote-yataiservice

[eriklztiqqe]

Hello,

I have a use case with an MQTT gateway container that runs in an ECS cluster today and that has been set up manually. It uses ports 8883 and 1883. We would like to set this up with infrastructure partially set up with copilot (will re-use an existing VPC) and get the image from an existing ECR registry. The pipeline should be set up with copilot as well.

[guyschlider]

Hey, How does one should expose both 80 and 443 from a container running nginx?

[iamhopaul123]

Hello @guyschlider right now we don't support exposing multiple ports either for app container or the sidecars. Could you provide more details about the use case when you are trying to expose both 80 and 443 from nginx?

[guyschlider]

Honestly, I guess the right thing is to expose 80 and take care of HTTPS behind ALB, but is that the case while using copilot?

[iamhopaul123]

When you provide a domain to copilot, we'll provision an ACM cert, assign it to your loadbalancer, and terminate TLS at the load balancer level. That way your service doesn't have to do any TLS termination.

[guyschlider]

I had to do it manually, but good to know that's an option (when DNS is being managed @ Route53)

Great tool!

[h5aaimtron]

@efekarakus @iamhopaul123 I have a use-case where I'm deploying an SFU (Selective Forwarding Unit) for WebRTC communication. I'd like to support websocket connectivity as well as UDP ports for the SFU.

[seiichi1101]

This issue seems to be resolved already.

https://aws.github.io/copilot-cli/docs/developing/taskdef-overrides/

[efekarakus]

Hi @seiichi1101 ! The solution you suggest with https://aws.github.io/copilot-cli/docs/developing/taskdef-overrides/ would work for Backend Services, but for a Load Balanced Web Service if you want the LB to forward requests to more than one more taskdef overrides it won't work I think.

[seiichi1101]

Ahh, I see! Thanks @efekarakus.

[ivan4idps]

hey guys, same here - it would be good to be able to expose ws & http endpoints from the same app, hence a need to expose 2 ports to LB.

[cdunn]

my usecase for multiple ports would be an FTP service (port 21) with PASV ports (30000-30009) along side it

[charles-salmon]

This issue seems to be resolved already.

https://aws.github.io/copilot-cli/docs/developing/taskdef-overrides/

I attempted to use the example in this documentation, and ran into the following error:

ValidationError: Template error: Fn::If requires a list argument with three elements

Observing the CloudFormation output, I noticed an If conditional:

PortMappings: !If [ExposePort, [{ContainerPort: !Ref ContainerPort}], !Ref "AWS::NoValue", {ContainerPort: 43782}]

was being appended to.

I managed to work past this and expose two ports with the following override:

taskdef_overrides:
  - path: "ContainerDefinitions[0].PortMappings"
    value:
      - ContainerPort: !Ref ContainerPort
      - ContainerPort: 43782

[buddhike]

+1 to this feature request. I have a scenario where my container uses two ports to segregate two type of users. e.g. Port A is used by consumers to access a UI and port B is used by producers publishing data for consumers (data is held in-memory in the same container process).

[paragbhingre]

Hello everyone,

The proposal to support multiple ports is out, and we would love to get your feedback 🙏

https://github.com/aws/copilot-cli/issues/4170

[dannyrandall]

Hey all! We recently released support for multiple ports in v1.27.0. Here's our blog post about it: https://aws.github.io/copilot-cli/blogs/release-v127/#enable-multiple-listeners-and-listener-rules-for-load-balancers.

Thank you all for sharing your use cases. Let us know if you have any questions!

[h5aaimtron]

@dannyrandall I know I'm late to respond, but the additional listeners port option should be changed to a range. Especially for deployments using UDP (voice/video/etc apps) that will utilize ranges.

[dannyrandall]

Hey @h5aaimtron! That use case totally makes sense.😊 Are you using Copilot with an NLB and UDP ports currently? I think supporting UDP is another feature request for Copilot to support as well, though I'm curious if you are using some workaround right now?

[h5aaimtron]

@dannyrandall not currently via copilot. I've deployed my SFU manually which is definitely not my preferred approach.

[dannyrandall]

Thanks for the info @h5aaimtron! I opened a new feature request (#4767) for this - feel free to give it a 👍 and add any context over there!