I have ECS which uses EC2, and EC2 has a container.
From the EC2 node I can access the outside with this command.
```
[ec2-user@ip-172-31-23-50 ~]$ curl google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
```
Then I log in to the container running on this node with `docker exec -it container-name /bin/bash`:
```
root@ip-172-31-24-234:/# curl google.com
```
I can't access it (nothing appears).
So I checked the security group of the ECS service.
However, all outbound connections are allowed.
Test
On the EC2 node I tried running another container (because I wanted to test a container that is not managed by the ECS service).
`docker run -it ubuntu`
Then I installed curl and tried curl in this ubuntu container; I can connect to the outside from the container.
So the problem happens only in the ECS-managed container.
My task definition is made by CDK; maybe this network mode is related?
```typescript
const adminTaskDefinition = new ecs.Ec2TaskDefinition(this, 'AdminTaskDefinition', {
  networkMode: ecs.NetworkMode.AWS_VPC,
})
```
Perhaps set your Network Mode = host in your task definition.
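
Why the network mode matters here, as an added example that is not part of the question or the answer: in `awsvpc` mode the task gets its own network interface (the prompts above show the node as 172.31.23.50 and the task as 172.31.24.234), and on the EC2 launch type that interface is not assigned a public IP, so a subnet whose default route is an internet gateway gives it no way out, while bridge and host mode containers leave through the node's interface. The function below classifies that path from records shaped like the output of `aws ec2 describe-route-tables` and `aws ec2 describe-network-interfaces`; the route tables, IDs and public IP are constructed assumptions.

```typescript
// Added example. Field names follow the JSON printed by
// `aws ec2 describe-route-tables` and `aws ec2 describe-network-interfaces`.
interface Route { DestinationCidrBlock?: string; GatewayId?: string; NatGatewayId?: string }
interface Eni { PrivateIpAddress: string; Association?: { PublicIp?: string } }

type Verdict =
  | "ok-public-ip" | "ok-nat" | "blocked-igw-needs-public-ip"
  | "blocked-no-default-route" | "unknown-target";

// Classify the IPv4 internet path of one network interface, given the
// routes of the route table associated with its subnet.
function diagnoseEgress(eni: Eni, routes: Route[]): Verdict {
  const def = routes.filter(r => r.DestinationCidrBlock === "0.0.0.0/0")[0];
  if (!def) return "blocked-no-default-route";
  // A NAT gateway translates private source addresses, so no public IP is needed.
  if (def.NatGatewayId) return "ok-nat";
  // An internet gateway only carries IPv4 traffic for interfaces with a public IP.
  if (def.GatewayId && def.GatewayId.indexOf("igw-") === 0) {
    return eni.Association && eni.Association.PublicIp
      ? "ok-public-ip"
      : "blocked-igw-needs-public-ip";
  }
  return "unknown-target"; // e.g. transit gateway, instance or VPN route
}

// --- Constructed sample data (IDs, public IP and route tables are assumptions) ---
const publicSubnetRoutes: Route[] = [
  { DestinationCidrBlock: "172.31.0.0/16", GatewayId: "local" },
  { DestinationCidrBlock: "0.0.0.0/0", GatewayId: "igw-EXAMPLE" },
];
const privateSubnetRoutes: Route[] = [
  { DestinationCidrBlock: "172.31.0.0/16", GatewayId: "local" },
  { DestinationCidrBlock: "0.0.0.0/0", NatGatewayId: "nat-EXAMPLE" },
];
// The EC2 node: primary interface with a public IP (documentation-range address).
const nodeEni: Eni = { PrivateIpAddress: "172.31.23.50", Association: { PublicIp: "203.0.113.10" } };
// The awsvpc task: its own interface, private address only.
const taskEni: Eni = { PrivateIpAddress: "172.31.24.234" };

// Bridge and host mode containers leave through the node's interface.
console.log("node / bridge / host:", diagnoseEgress(nodeEni, publicSubnetRoutes));
console.log("awsvpc task, same subnet:", diagnoseEgress(taskEni, publicSubnetRoutes));
console.log("awsvpc task, NAT subnet:", diagnoseEgress(taskEni, privateSubnetRoutes));
```

Keeping `awsvpc` and moving the service to subnets that route through a NAT gateway preserves the per-task security group, which host mode gives up.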