如何在 CloudFormation 中将目标添加到网络负载均衡器
How to add a target to a Network Load Balancer in CloudFormation
我有一些用于网络负载均衡器的 CloudFormation。
PrivateNetworkLoadBalancerSG:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Access to the internal network load balancer
VpcId: !Ref 'VPC'
PrivateNetworkLoadBalancerIngressFromECS:
Type: AWS::EC2::SecurityGroupIngress
Properties:
Description: Only accept traffic from a container in the container host security group
GroupId: !Ref 'PrivateNetworkLoadBalancerSG'
IpProtocol: -1
SourceSecurityGroupId: !Ref 'EcsHostSecurityGroup'
PrivateNetworkLoadBalancer:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
Type: network
Scheme: internal
Subnets:
- !Ref PrivateSubnetOne
- !Ref PrivateSubnetTwo
DummyTargetGroupPrivateNetwork:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Name: !Join ['-', [!Ref 'AWS::StackName', 'drop-3']]
Port: 6379
Protocol: TCP
# UnhealthyThresholdCount: 2
VpcId: !Ref 'VPC'
还有一些用于在 ECS 中设置 Redis docker 容器。
RedisService:
Type: AWS::ECS::Service
Properties:
Cluster: !ImportValue "privatevpc:ClusterName"
DesiredCount: 1
TaskDefinition: !Ref RedisTaskDefinition
RedisTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
Family: redis
ContainerDefinitions:
- Name: redis
Essential: true
Image: "redis:latest"
Memory: 512
PortMappings:
- ContainerPort: 6379
HostPort: 6379
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Ref CloudWatchLogsGroup
awslogs-region: !Ref AWS::Region
RedisTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: !ImportValue "privatevpc:VPCId"
Port: 6379
Protocol: TCP
HealthCheckProtocol: TCP
RedisLoadBalancerListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
DefaultActions:
- Type: forward
TargetGroupArn: !Ref RedisTargetGroup
LoadBalancerArn: !ImportValue "privatevpc:PrivateNetworkLoadBalancer"
Port: 6379
Protocol: TCP
但我必须通过 AWS Web 控制台手动添加我的 RedisService 部署到的 EC2 实例作为 RedisTargetGroup 的目标。知道如何让 CloudFormation 为我做这件事吗?
我认为您需要将 LoadBalancers 属性 添加到 RedisService。 ECS 应自动将正确的 EC2 实例添加到指定的目标组。
例如:
RedisService:
Type: AWS::ECS::Service
Properties:
Cluster: !ImportValue "privatevpc:ClusterName"
DesiredCount: 1
TaskDefinition: !Ref RedisTaskDefinition
LoadBalancers:
- ContainerName: redis
ContainerPort: 6379
TargetGroupArn: !Ref RedisTargetGroup
我有一些用于网络负载均衡器的 CloudFormation。
PrivateNetworkLoadBalancerSG:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Access to the internal network load balancer
VpcId: !Ref 'VPC'
PrivateNetworkLoadBalancerIngressFromECS:
Type: AWS::EC2::SecurityGroupIngress
Properties:
Description: Only accept traffic from a container in the container host security group
GroupId: !Ref 'PrivateNetworkLoadBalancerSG'
IpProtocol: -1
SourceSecurityGroupId: !Ref 'EcsHostSecurityGroup'
PrivateNetworkLoadBalancer:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
Type: network
Scheme: internal
Subnets:
- !Ref PrivateSubnetOne
- !Ref PrivateSubnetTwo
DummyTargetGroupPrivateNetwork:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Name: !Join ['-', [!Ref 'AWS::StackName', 'drop-3']]
Port: 6379
Protocol: TCP
# UnhealthyThresholdCount: 2
VpcId: !Ref 'VPC'
还有一些用于在 ECS 中设置 Redis docker 容器。
RedisService:
Type: AWS::ECS::Service
Properties:
Cluster: !ImportValue "privatevpc:ClusterName"
DesiredCount: 1
TaskDefinition: !Ref RedisTaskDefinition
RedisTaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
Family: redis
ContainerDefinitions:
- Name: redis
Essential: true
Image: "redis:latest"
Memory: 512
PortMappings:
- ContainerPort: 6379
HostPort: 6379
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Ref CloudWatchLogsGroup
awslogs-region: !Ref AWS::Region
RedisTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: !ImportValue "privatevpc:VPCId"
Port: 6379
Protocol: TCP
HealthCheckProtocol: TCP
RedisLoadBalancerListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
DefaultActions:
- Type: forward
TargetGroupArn: !Ref RedisTargetGroup
LoadBalancerArn: !ImportValue "privatevpc:PrivateNetworkLoadBalancer"
Port: 6379
Protocol: TCP
但我必须通过 AWS Web 控制台手动添加我的 RedisService 部署到的 EC2 实例作为 RedisTargetGroup 的目标。知道如何让 CloudFormation 为我做这件事吗?
我认为您需要将 LoadBalancers 属性 添加到 RedisService。 ECS 应自动将正确的 EC2 实例添加到指定的目标组。
例如:
RedisService:
Type: AWS::ECS::Service
Properties:
Cluster: !ImportValue "privatevpc:ClusterName"
DesiredCount: 1
TaskDefinition: !Ref RedisTaskDefinition
LoadBalancers:
- ContainerName: redis
ContainerPort: 6379
TargetGroupArn: !Ref RedisTargetGroup