1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
Hello,
Here are some questions/things to consider:
- Assuming your ECS cluster is in a private subnet behind an ALB, do you have a NAT Gateway configured in a public subnet with security groups allowing the default traffic to the NAT?
- Is you Route 53 zone setup correctly? As in are you using the appropriate Alias/CNAME records? Is your hosted zone in route 53 public?
- Are your security groups configured to allow the traffic or are there any firewalls or NACLs blocking traffic?
- Have you enabled FlowLogs and checked to see if you see the incoming traffic to your ECS cluster or not?
- If using an ALB, do you have logging enabled for that as well?
답변함 일 년 전
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
i don't use ALB as i wanted actually to use service discovery feature instead.
the public hosted zone is the public domain name we already use for our platform, there i should create a subdomain mapped to the ecs service discovery record created in the private hosted zone, after enabling service discovery, cloud map service creates a private hosted zone with 4 record, i should acutally map the public sub-domain to the SRV record in the private hosted zone.
ec2 security group and subnets NACL are open to most of traffic.
i did not have enabled flow logs but i can access the service through the service discovery endpoint in local vpc
i don't use ALB