aws-fargate, aws-nlb

ECS Fargate - Connecting to Service EP?


I am looking to triage an issue in my cloud environment. We have a simple TCP Service that is spinning up correctly when connecting to it in our local Docker environment. When deployed to Fargate, the service is spinning up correctly as well. The Service is fronted by a Network Load Balancer which is ALSO registering all the tasks and doing a successful "ping" to the individual tasks to ensure health checks.

I'm using a full 0.0.0.0/8 in my Task Security Groups (No SGs attached to NLB) which is how the NLB is able to do a successful health check to the tasks.

The problem is when I'm connecting to the NLB via TELNET -> It's "connecting" to the NLB but beyond that, no further session is being established with the tasks. I see zero logs within the tasks and after a few seconds, the telnet session times out.

PS: Our administrators don't allow ECS Exec, so secure shell into Tasks is not possible.

I was looking to triage this - had some questions:

  • Can I connect to the FARGATE SERVICE Endpoint bypassing the NLB? I have been searching for this but can't seem to find any resources (even though Service is registered successfully to NLB which is registering all the tasks)
  • What else could I do to check viz NLB triage, as to why I'm able to connect to my docker containers locally but not via NLB?

Solution

  • Can I connect to the FARGATE SERVICE Endpoint bypassing the NLB? I have been searching for this but can't seem to find any resources (even though Service is registered successfully to NLB which is registering all the tasks)

    Yes, just use the task's IP address. If the task doesn't have a public IP assigned, then you will have to do that from another server inside the VPC.
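A small script to do what the answer describes, added here as an example and not part of the question or answer: it pulls each RUNNING task's private IPv4 address out of an `aws ecs describe-tasks` response (a constructed sample is embedded; the `privateIPv4Address` detail under the ElasticNetworkInterface attachment is where awsvpc tasks report it) and then attempts a TCP connection with a timeout, which is the direct-to-task check the answer suggests running from a host inside the VPC. The service port 8080 is an assumption.

```python
"""Find a Fargate task's private IP from describe-tasks output and probe its
TCP port directly, bypassing the NLB (run from a host inside the VPC)."""
import json
import socket

# Constructed sample of `aws ecs describe-tasks` output for one awsvpc task;
# only the fields this script reads are included.
SAMPLE_DESCRIBE_TASKS = json.dumps({
    "tasks": [{
        "taskArn": "arn:aws:ecs:us-east-1:123456789012:task/demo-cluster/0123456789abcdef",
        "lastStatus": "RUNNING",
        "attachments": [{
            "type": "ElasticNetworkInterface",
            "status": "ATTACHED",
            "details": [
                {"name": "subnetId", "value": "subnet-0example"},
                {"name": "networkInterfaceId", "value": "eni-0example"},
                {"name": "privateIPv4Address", "value": "10.0.1.23"},
            ],
        }],
    }],
})


def task_private_ips(describe_tasks_json: str) -> list:
    """Return the private IPv4 address of every RUNNING task in the response."""
    ips = []
    for task in json.loads(describe_tasks_json).get("tasks", []):
        if task.get("lastStatus") != "RUNNING":
            continue  # a PENDING/STOPPED task has no usable ENI address
        for att in task.get("attachments", []):
            if att.get("type") != "ElasticNetworkInterface":
                continue
            for detail in att.get("details", []):
                if detail.get("name") == "privateIPv4Address":
                    ips.append(detail["value"])
    return ips


def tcp_probe(host: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP handshake to host:port completes within timeout;
    False on refusal or timeout (the telnet symptom from the question)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    for ip in task_private_ips(SAMPLE_DESCRIBE_TASKS):
        print(ip, "open" if tcp_probe(ip, 8080) else "closed/timeout")
```

If the probe succeeds against the task IP but telnet to the NLB still hangs, the task itself is fine and the triage narrows to the NLB listener/target group and the security group rules in front of the tasks.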