ApplicationLoadBalancedFargateService with listener on one port and health check on another fails health check

Question

Hi, I have an ApplicationLoadBalancedFargateService that exposes a service on one port, but the health check runs on another.  Unfortunately, the target fails health check and terminates the task.  Here's a snippet of my code

```
    const hostPort = 5701;
    const healthCheckPort = 8080;

taskDefinition.addContainer(stackPrefix + 'Container', {
      image: ecs.ContainerImage.fromRegistry('hazelcast/hazelcast:3.12.6'),
      environment : {
        'JAVA_OPTS': `-Dhazelcast.local.publicAddress=localhost:${hostPort} -Dhazelcast.rest.enabled=true`, 
        'LOGGING_LEVEL':'DEBUG',
        'PROMETHEUS_PORT': `${healthCheckPort}`},
        portMappings: [{containerPort : hostPort, hostPort: hostPort},{containerPort : healthCheckPort, hostPort: healthCheckPort}],
        logging: ecs.LogDriver.awsLogs({streamPrefix: stackPrefix, logRetention: logs.RetentionDays.ONE_DAY}),
    });

const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, stackPrefix + 'Service', {
      cluster,
      publicLoadBalancer : false,
      desiredCount: 1,
      listenerPort: hostPort,
      taskDefinition: taskDefinition,
      securityGroups : [fargateServiceSecurityGroup],
      domainName : env.getPrefixedRoute53(stackName),
      domainZone : env.getDomainZone(),
    });

loadBalancedFargateService.targetGroup.configureHealthCheck({
      path: "/metrics", 
      port: healthCheckPort.toString(),
      timeout: cdk.Duration.seconds(15),  
      interval: cdk.Duration.seconds(30),
      healthyThresholdCount: 2,
      unhealthyThresholdCount: 5,
      healthyHttpCodes: '200-299'
    });

```
Any suggestions on how I can get this to work?  thanks

Answer

Hello there,

Looking into your code, a few things I noticed:

1. For Fagete Service, there is no need to define host port, since the host port and the container port should be the same.

2. You should use `taskImageOptions` tp define container port

Here is an example code snippet:

```
    const service = new EcsPatterns.ApplicationLoadBalancedFargateService(this, 'demoService', {
      cluster: cluster,
      publicLoadBalancer: true,
      certificate,
      memoryLimitMiB: 2048,
      cpu: 512,
      desiredCount: 2,
      serviceName: 'demoService',
      taskImageOptions: {
        containerName: 'web',
        containerPort: 8080,   // Your container or app port
        executionRole,
        taskRole,
        environment: {
          ...
        },
        image: ecs.ContainerImage.fromEcrRepository(repository),
        logDriver: new ecs.AwsLogDriver({
          logGroup,
          streamPrefix: props.serviceName,
        }),
      },
    })

service.targetGroup.configureHealthCheck({
      path: '/v1/healthcheck',
    })

```

With above example, `ApplicationLoadBalancedFargateService` configures health check against container port 8080, but with a different path `/v1/healthcheck` as per overriding.

ApplicationLoadBalancedFargateService with listener on one port and health check on another fails health check

Contenus pertinents