Need help?

Our experts have had an average response time of 13.52 minutes in October 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

ECS service discovery with CloudFormation | How to use

by | Nov 16, 2021

Want to use ECS service discovery with CloudFormation? Our Support Techs are here with an easy solution. Read on to find out more about it.

At Bobcares, we offer help with similar queries and more as a part of our Server Management Services.

About using ECS service discovery with CloudFormation

Although the Amazon ECS console permits you to create service discovery resources in the course of service creation, the AWS::ECS::Service resource type for CloudFormation doesn’t permit the same. If you want to use Amazon ECS service discovery with AWS CloudFormation, you have come to the right place.

How to use ECS service discovery with CloudFormation

  1. First, go to the Resource section in the CloudFormation template and create a private service discovery namespace like example.com. Make sure you create the namespace in an existing Amazon VPC.
    For instance in JSON:

    { 
    "PrivateNamespace": { 
     "Type": "AWS::ServiceDiscovery::PrivateDnsNamespace", 
    "Properties": {
         "Name": "example.com", 
         "Vpc": "vpc-xxxxxxx" 
          }
       }
    }

    For instance, in YAML:

    PrivateNamespace: 
    Type: AWS::ServiceDiscovery::PrivateDnsNamespace 
    Properties: 
       Name: example.com 
       Vpc: vpc-xxxxxxx

    Remember to replace example.com with the namespace’s name and vpc-xxxxxxx with the ID of a VPC in your account.

  2. Next, create a new service discovery service with the namespace ID created in the previous step.
    If you do not have namespace ID, you can use the Ref Intrinsic function in the CloudFormation to get it.
    For instance, in JSON:

    {
      "DiscoveryService": {
        "Type": "AWS::ServiceDiscovery::Service",
        "Properties": {
          "Description": "Discovery Service for the Demo Application",
          "DnsConfig": {
            "RoutingPolicy": "MULTIVALUE",
            "DnsRecords": [
              {
                "TTL": 60,
                "Type": "A"
              },
              {
                "TTL": 60,
                "Type": "SRV"
              }
            ]
          },
          "HealthCheckCustomConfig": {
            "FailureThreshold": 1
          },
          "Name": "example-service-name",
          "NamespaceId": {
            "Ref": "PrivateNamespace"
          }
        }
      }
    }

    For instance, in YAML:

    DiscoveryService:
      Type: AWS::ServiceDiscovery::Service
      Properties: 
        Description: Discovery Service for the Demo Application
        DnsConfig:
          RoutingPolicy: MULTIVALUE
          DnsRecords:
            - TTL: 60
              Type: A
            - TTL: 60
              Type: SRV
        HealthCheckCustomConfig: 
          FailureThreshold: 1
        Name: example-service-name
        NamespaceId: !Ref PrivateNamespace

    Remember to replace example-service-name with the service’s name. The DnsConfig property specifies DNS records created when the Amazon ECS task is registered with the service discovery service.

    Our Support Engineers recommend using the HealthCheckCustomConfig property. It allows Amazon ECS to pass on task health information to service discovery. In fact, Amazon ECS utilizes information from container checks, task state, and health checks to update service discovery’s health with AWS Cloud Map.

Integrating Amazon ECS service with a service discovery namespace

  1. After that, we will create an Amazon ECS service that is integrated with the service created in the earlier steps and the service discovery namespace. We will utilize the ServiceRegisteries property in the AWS:ECS::Service for the integration.

    For instance, in JSON:

    {
      "EcsService": {
        "Type": "AWS::ECS::Service",
        "Properties": {
          "Cluster": "awsExampleCluster",
          "DesiredCount": 4,
          "LaunchType": "FARGATE",
          "NetworkConfiguration": {
            "AwsvpcConfiguration": {
              "SecurityGroups": [
                "sg-xxxxxxx"
              ],
              "Subnets": [
                "subnet-xxxxxxx"
              ]
            }
          },
          "ServiceName": "awsExampleService",
          "TaskDefinition": "awsExampleTaskDefinition",
          "ServiceRegistries": [
            {
              "RegistryArn": {
                "Fn::GetAtt": [
                  "DiscoveryService",
                  "Arn"
                ]
              },
              "Port": 80
            }
          ]
        }
      }
    }

    For instance, in YAML:

    EcsService:
      Type: AWS::ECS::Service
      Properties:
        Cluster: awsExampleCluster
        DesiredCount: 4
        LaunchType: FARGATE
        NetworkConfiguration:
          AwsvpcConfiguration:
            SecurityGroups:
              - sg-xxxxxxx
            Subnets:
              - subnet-xxxxxxx
        ServiceName: awsExampleService
        TaskDefinition: awsExampleTaskDefinition
        ServiceRegistries:
          - RegistryArn: !GetAtt DiscoveryService.Arn
            Port: 80

    Here, we will replace awsExampleCluster, awsExampleService. awsExampleService and subnet-xxxxxxx with the cluster, service, task definition, and security group ID respectively.

    We will also have to set the RegistryArn property to the ARN of the service discovery service’s value for the integration. We can get this value from the CloudFormation with the Fn::GetAtt Intrinsic function.

    In case you are using awsvpc mode, set the value to either a combination of ContainerName and ContainerPort or Port. However, if you are using host or bridge, set it to ContainerName or ContainerPort.

  2. The next step is to run the following commands to verify that the tasks can be resolved from the VPC:
    $ dig awsExampleService.awsExampleNamespace. +short
    $ dig srv awsExampleService.awsExampleNamespace. +short
    $ curl awsExampleService.awsExampleNamespace. -I

    Here, awsExampleService and awsExampleNamespace is the name of the AWS::ECS::Service resource and AWS::ServiceDiscovery::PrivateDnsNamespace resource respectively.

    [Looking for help with another query? Give us a call today.]

    Conclusion

    To sum up, we learned how to use ECS service discovery with CloudFormation from the skilled Support Engineers at Bobcares.

    PREVENT YOUR SERVER FROM CRASHING!

    Never again lose customers to poor server speed! Let us help you.

    Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

    GET STARTED

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF