I've got an ECS cluster where I have a couple of services running. All of them have their own load balancer, so for every service I have a URL like http://my-service-1234554321.eu-west-1.elb.amazonaws.com. But I would like to open only one of all these (for example 10) services to the whole world, while all the others I would like to be hidden and accessible only from services in this cluster via HTTP. Is it possible and how can I do that?
1 Answer
Elastic Load Balancers can be either `internet facing` (open to traffic from the Internet) or `internal` facing (accepting traffic from within a VPC).

When you create the load balancer for your service, specify the scheme as `internal` for the services you only wish to access from within the cluster. For the service that needs to be external, set it as `internet facing`.

The ECS documentation talks about setting the Load Balancer scheme here.

Just remember that a load balancer cannot be both `internet facing` and `internal` at the same time. If you decide that you want to expose services that were internal over the Internet at a later date, you will probably need to create a second `internet facing` ELB for that.

Rob Lockwood-Blake
- And I cannot set some routes to be `internal` and some `internet` facing? – Aleksander Anokhin Sep 13 '17 at 12:32
- Internal/external is an attribute of the entire balancer. – Michael - sqlbot Sep 13 '17 at 17:52
- @Michael-sqlbot I mean, is it possible to use 2 load balancers for one service: `internet` facing for routes `/api/*` and `internal` for routes `/some-route/*` – Aleksander Anokhin Sep 14 '17 at 07:48
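
An added example, not part of the original thread: a check that the scheme choice described in the answer actually holds, by comparing each load balancer's `Scheme` against the set of services meant to be public. The JSON is constructed sample data in the shape returned by `aws elbv2 describe-load-balancers` and `aws elb describe-load-balancers`; the service names and the `audit` helper are hypothetical.

```python
import json

# Constructed sample data (hypothetical service names), trimmed to the fields used.
SAMPLE_V2 = json.loads("""{"LoadBalancers": [
  {"LoadBalancerName": "frontend", "Scheme": "internet-facing",
   "DNSName": "frontend-1111111111.eu-west-1.elb.amazonaws.com"},
  {"LoadBalancerName": "orders", "Scheme": "internal",
   "DNSName": "internal-orders-2222222222.eu-west-1.elb.amazonaws.com"}]}""")
SAMPLE_CLASSIC = json.loads("""{"LoadBalancerDescriptions": [
  {"LoadBalancerName": "billing", "Scheme": "internet-facing",
   "DNSName": "billing-3333333333.eu-west-1.elb.amazonaws.com"}]}""")


def iter_balancers(doc):
    """Yield (name, scheme, dns) from either the elbv2 or the classic output shape."""
    for key in ("LoadBalancers", "LoadBalancerDescriptions"):
        for lb in doc.get(key, []):
            yield lb["LoadBalancerName"], lb.get("Scheme", ""), lb.get("DNSName", "")


def audit(docs, intended_public):
    """Return (name, status, dns) for every balancer whose scheme contradicts intent."""
    findings, seen = [], set()
    for doc in docs:
        for name, scheme, dns in iter_balancers(doc):
            seen.add(name)
            # Fail safe: anything not explicitly "internal" is treated as public.
            public = scheme != "internal"
            if public and name not in intended_public:
                findings.append((name, "EXPOSED", dns))
            elif not public and name in intended_public:
                findings.append((name, "NOT_PUBLIC", dns))
    # Names that should be public but have no load balancer at all.
    for name in sorted(intended_public - seen):
        findings.append((name, "MISSING", ""))
    return findings


if __name__ == "__main__":
    for name, status, dns in audit([SAMPLE_V2, SAMPLE_CLASSIC], {"frontend"}):
        print(f"{status:10} {name:10} {dns}")
```

The scheme only decides where the load balancer is reachable from; the security groups attached to an internal balancer still determine which sources inside the VPC may connect.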