- Newest
- Most votes
- Most comments
Hello, I had done just that in the past, haven't used much of AppMesh for a little while, and really wish I had documented it !
But in a nutshell, you can do it in at least 2 ways:
the service(s) that is behind the ALB, have the Listener Rules send the traffic to the containers, regardless of whether they use AppMesh or not. Then for the rest of the traffic between the services, it will work of its own accord, following the Mesh rules (services, routers etc.) that are defined.
Second option could be to use an AppMesh gateway, have the LB send all the traffic to that service, and then again, AppMesh will take over for the rest of the traffic to follow.
I will try to dig out the examples I had. I did all that using x-appmesh
in ECS Compose-X but due to very little use-cases / need coming the AppMesh way, I haven't given it much love for a little while.
Just get the traffic from your ALB to your containers, it will work just fine (says he not touching it in a year).
Hello again @Vasyl,
I just reworked/re-enabled x-appmesh this weekend and updated my demo apps to test/showcase.
python3 -m venv venv source venv/bin/activate pip install pip -U; pip install "ecs-composex>=0.22.0" git clone https://github.com/compose-x/composex-testing-apps cd composex-testing-apps # Optionally use image specific tag #export IMAGE_TAG=2022-06-13 # Render the templates ecs-compose-x render -d templates --format yaml -f docker-compose.yaml -f x-appmesh.yaml -n demo-appmesh # Deploy to AWS # will create VPC/DNS/CloudMap/IAM/Services - basically everything it needs ecs-compose-x up -d templates --format yaml -f docker-compose.yaml -f x-appmesh.yaml -n demo-appmesh
The ingress from the "internet" is done via the ALB that will send the traffic to app01
which is our ingress service.
Hope this helps in your ECS + AppMesh journey.
Relevant content
- asked 3 months ago
- asked 10 months ago
- asked 3 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 7 months ago
Hello John. Thanks for the answer!
way 1) You say "have the Listener Rules send the traffic to the containers". That is easy via TG as IP address. But after service redeploys in AppMesh the IP will change, the TG won't be updated with the new IP, so the traffic won't go any more. Or I didn't understand what you mean.
way 2) I looked up "AppMesh gateway" and found nothing in the internet. What do you mean exactly? NGINX or something?
Hey @Vasyl So, here is what I meant by gateways: https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html And for your first comment, I am not too sure to follow. Sure your TG will update the target to send traffic to the container, if you configured your ECS service to automatically use a target group, ECS will take care of updating the TG Targets IP as they go.
Thank you John! We're digging further both your recommendations.
I did some digging John. Basically, it was never implemented for AppMesh: https://github.com/aws/aws-cdk/issues/19842