My ECS Task is running, but does not work when I try to visit it via ALB or public IP
ECS Settings
Network Config
- The Dockerfile ports to 443
- The container has ports 443 mapped to 443 and 8080 to 8080
- The ALB is listening on 443
- The target group is on 443 and 8080
The issue is that the service and task are running the container, however I can't access it via the public IP or the load balancer dns.
They are healthy instances on Fargate, and show no sign of failure or rebooting constantly. The health check is 600 seconds, and min health is 50% max 200%.
I would like to know if there is anything that sounds out of the ordinary with the information I provided as I have thoroughly checked my configuration however everyone makes mistakes.
Thank you for reading.
Not sure if this may help, as you are using fargate, each task as an ENI with a security group. In your explaination, you show only one security group (the ALB one ?), you need to check if the sg for the task as well. More details here. You should consider dynamic port mapping for your task with the SG allowing connections only from the ALB's SG on ephemeral port range (32768 to 61000 for Amazon ECS-optimized AMI) FYI.