I have an ECS cluster with multiple nodes (task defs) fronted by an application load balancer. Does it make sense to configure a health check at the load balancer and at the container level (within the task definition)?
The load balancer runs the configured health check against every registered target so it can unregister failing nodes. Setting the health check at the container level accomplishes the same thing: ECS will unregister any container that fails the health check (according to your configuration). ECS will always instantiate more instances of your task def to satisfy your desired count.
To me it sounds like if your task definition only has a single container, then only setting the health check at the load balancer (since it's required) is enough. Am I missing anything?
Unregistering means different things in case of a load balancer and in case of ECS. In case of a load balancer unregistering means that there is no further traffic sent to the container. In case of an ECS service, unrigestering means that the container is killed and the ECS service will attempt to replace it with a healthy one.
Even if you have just a single container, in case of a failure the load balancer will stop sending traffic to it, but it is not the load balancer's job to restart the container. Replacing the container with a healthy one should be done by an ECS service scheduler.