I have deployed an ECS service via the UI and have created a load balancer and target group. The service is in a VPC with a security group that allows all inbound and outbound traffic. The load balancer is associated with the default VPC, as is the ECS service, and this VPC has subnets which are linked to a routing table which directs all traffic to the 0.0.0.0/0 CIDR range to an internet gateway. I have verified that port 8000 is exposed in my container, and have set the load balancer listener's port to 8000 as well. I've checked the service logs, and the health check works. However, when I try to call the service from my own computer that's outside the VPC, I get a timeout.
I've noticed that the target group has the Protocol : Port parameter set to 80, and I haven't figured out where that's specified on the UI, but I don't think this is the issue because the health check targets whatever listener is associated with the target group, as far as I understand it.
Any help would be much appreciated.
I have verified that port 8000 is exposed in my container, and have set the load balancer listener's port to 8000 as well.
The load balancer listener port is the port you want to expose to the world. It is not related to the container's port in any way. If the load balancer listener port is 8000 then you will have to enter http://load-balancer-domain:8000 in the web browser in order to access your application since it is not listening on the default HTTP protocol port of 80.
I've noticed that the target group has the Protocol : Port parameter set to 80
The target group port parameter absolutely needs to be the same as the container port. If the health check is actually passing with this configuration, then something in your container must be listening on port 80. It's really strange that the health check is passing, since you have the ports configured to be different here.
I haven't figured out where that's specified on the UI
The target group port configuration is specified in the Target Group UI under the EC2 service. You will need to look in the EC2 UI for the load balancer and the target group.
I don't think this is the issue because the health check targets whatever listener is associated with the target group, as far as I understand it.
That is not true at all. The health checks go directly against your containers. The health checks are completely unrelated to the load balancer listener. The health check is used to determine which backend containers or servers are available for your load balancer to send requests to.
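Added example, not part of the original question or answer: a small Python check that works out, per registered target, which port the load balancer actually sends traffic and health checks to, and compares that with the listener port and the container port. The sample data is constructed and only mirrors the field names of `aws elbv2 describe-target-groups` and `aws elbv2 describe-target-health`; the function names and the second target without a registered port are assumptions made for illustration.

```python
import json

# Constructed sample data shaped like `aws elbv2 describe-target-groups` and
# `aws elbv2 describe-target-health` output; names and addresses are made up.
TARGET_GROUP = json.loads(
    '{"TargetGroupName": "demo-tg", "Protocol": "HTTP", "Port": 80,'
    ' "HealthCheckPort": "traffic-port"}'
)
# The second entry omits Port on purpose to exercise the group default.
TARGET_HEALTH = json.loads('''[
  {"Target": {"Id": "10.0.1.15", "Port": 8000}, "TargetHealth": {"State": "healthy"}},
  {"Target": {"Id": "10.0.2.27"}, "TargetHealth": {"State": "unhealthy"}}
]''')


def effective_ports(target_group, target_health):
    """Return (target id, traffic port, health check port, state) per target."""
    rows = []
    for desc in target_health:
        target = desc["Target"]
        # A port set when the target was registered overrides the group default.
        traffic = target.get("Port", target_group["Port"])
        hc = target_group.get("HealthCheckPort", "traffic-port")
        # "traffic-port" means the health check probes the same port as traffic.
        hc_port = traffic if hc == "traffic-port" else int(hc)
        rows.append((target["Id"], traffic, hc_port, desc["TargetHealth"]["State"]))
    return rows


def audit(listener_port, container_port, target_group, target_health):
    """List mismatches between what clients call, what the LB calls, and the app."""
    findings = []
    if listener_port not in (80, 443):
        findings.append(f"clients must call port {listener_port} explicitly")
    for tid, traffic, hc_port, _state in effective_ports(target_group, target_health):
        if traffic != container_port:
            findings.append(f"{tid}: traffic goes to {traffic}, container listens on {container_port}")
        if hc_port != traffic:
            findings.append(f"{tid}: health check probes {hc_port}, traffic uses {traffic}")
    return findings


if __name__ == "__main__":
    for line in audit(8000, 8000, TARGET_GROUP, TARGET_HEALTH):
        print(line)
```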