how to add an ALB

[blair-anson]

How can I add an ALB for a long running ECS task?

[eddmann]

Hey, just wondering what your use-case for this is? Is it a web request delivery? i.e. to host Nginx or something?

[blair-anson]

Yeah it's is for a flask based web app. Typically in ECS a web app is added to a Target Group and an ALB is configure to route requests to that Target Group

[eddmann]

Sorry for the delayed reply, I'm unsure if we currently want to expand the scope of this plugin to handle ALB integration, this can be achieved using custom CloudFormation resources within the Serverless Resources section.

At this time this plugin is only targeting the usec=ase that you wish to run long running background processes along side your Lambda workloads. In the case of the web-app you mentioned this possibly be achieved instead by using the Lambda enviornment?

[QAnders]

Closed and fairly old, but if anyone else find their way here and need the solution...

Create a new Target Group in AWS Console and set the Type to IP Address, set your VPC details, protocol and port (this shall match your container, so e.g. HTTP:8080) and then click Next. In the next step you shall not create any target mapping, just leave everything empty and hit "create".

Next create a new ALB and set it to the same VPC (and same VPC you've set for your ECS service/task) and set the Target group as the Default Action. Choose HTTPS and your certificate here if you want to expose the service using HTTPS.

Once you have the ALB and the Target Group, copy your ARN for the Target Group.

Now it's time to edit the Serverless.yml and I assume you have set up everything according the the ReadMe here in the repo...

Stuff in brackets [...] is stuff you need to change ( ... indicates stuff you should get from the ReadMe):

fargate:
  ...
  ...
  ...
  tasks:
    [task/container-name]:
      name: [task/container-name]
      image: [image name]
      executionRoleArn: [arn:aws:iam::...../role]
      vpc:
        securityGroupIds:
          - [Your security group]
        subnetIds:
        - [Your subnets] # The subnets here must be in the same VPC you set for the ALB!
        - [Your subnets]
        assignPublicIp: true
      service:
        ...
        ...
        ...
      cloudFormationResource:
        container:
          PortMappings:
            - ContainerPort: 8080 # Exposed container port (from DockerFile)
        service:
          LoadBalancers:
            - ContainerName: [your container name, as defined under tasks:]
              ContainerPort: '8080' # This must be a String for some reason and should match your container port
              TargetGroupArn: arn:aws:elasticloadbalancing:eu-west-1:[your AWS account]:targetgroup/[target group name]/[unique target group identifer]