1. How to manage ECS tasks with a Network Load Balancer in TypeScript?


    In this program, we create a network load balancer and an ECS task set using the Pulumi AWS Native library. For this, we use the following resources:

    • aws-native.ecs.TaskSet: This resource describes a set of ECS tasks. An ECS task set is a subset of an ECS service's tasks that use a specific task definition version, container settings, and network settings.

    • aws-native.elasticloadbalancingv2.TargetGroup: A target group routes requests to one or more registered targets when it receives traffic from the load balancer.

    • aws-native.elasticloadbalancingv2.Listener: Before you start using your Network Load Balancer, you create one or more listeners. A Network Load Balancer listener listens for connection requests from clients.

    Let's start coding:

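    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";

    // A new VPC for our load balancer and ECS tasks (example CIDR range).
    const vpc = new aws_native.ec2.Vpc("myVpc", {
        cidrBlock: "10.0.0.0/16",
    });

    // An internet gateway and default route; an internet-facing load balancer needs both.
    const internetGateway = new aws_native.ec2.InternetGateway("internetGateway");
    const gatewayAttachment = new aws_native.ec2.VpcGatewayAttachment("gatewayAttachment", {
        vpcId: vpc.id,
        internetGatewayId: internetGateway.id,
    });
    const routeTable = new aws_native.ec2.RouteTable("routeTable", { vpcId: vpc.id });
    new aws_native.ec2.Route("defaultRoute", {
        routeTableId: routeTable.id,
        destinationCidrBlock: "0.0.0.0/0",
        gatewayId: internetGateway.id,
    }, { dependsOn: [gatewayAttachment] });

    // Two public subnets (the Vpc resource does not create any itself).
    // The availability zones match the region used for logging below.
    const subnetIds = ["us-west-2a", "us-west-2b"].map((az, i) => {
        const subnet = new aws_native.ec2.Subnet(`subnet-${i}`, {
            vpcId: vpc.id,
            cidrBlock: `10.0.${i}.0/24`,
            availabilityZone: az,
        });
        new aws_native.ec2.SubnetRouteTableAssociation(`subnet-${i}-routes`, {
            subnetId: subnet.id,
            routeTableId: routeTable.id,
        });
        return subnet.id;
    });

    // Create a security group for our load balancer, open on TCP port 80.
    const lbSecurityGroup = new aws_native.ec2.SecurityGroup("lbSecurityGroup", {
        groupDescription: "TCP 80 for the load balancer and its tasks",
        vpcId: vpc.id,
        securityGroupIngress: [{
            ipProtocol: "tcp",
            fromPort: 80,
            toPort: 80,
            cidrIp: "0.0.0.0/0",
        }],
    });

    // A load balancer listening on port 80.
    const loadBalancer = new aws_native.elasticloadbalancingv2.LoadBalancer("myLoadBalancer", {
        scheme: "internet-facing",
        subnets: subnetIds,
        securityGroups: [lbSecurityGroup.groupId],
        type: "network",
    }, { dependsOn: [gatewayAttachment] });

    // A target group for port 80.
    const targetGroup = new aws_native.elasticloadbalancingv2.TargetGroup("targetGroup", {
        vpcId: vpc.id,
        port: 80,
        protocol: "TCP",
        targetType: "ip",
    });

    // Listen to port 80.
    const listener = new aws_native.elasticloadbalancingv2.Listener("myListener", {
        defaultActions: [{
            type: "forward",
            targetGroupArn: targetGroup.targetGroupArn,
        }],
        loadBalancerArn: loadBalancer.loadBalancerArn,
        port: 80,
        protocol: "TCP",
    });

    // Create a log group for our ECS service.
    const logGroup = new aws_native.logs.LogGroup("logGroup");

    // An ECS cluster with Container Insights enabled.
    const cluster = new aws_native.ecs.Cluster("cluster", {
        clusterSettings: [{ name: "containerInsights", value: "enabled" }],
    });

    // The execution role that lets ECS pull the image and write logs for the task.
    const role = new aws_native.iam.Role("taskExecutionRole", {
        assumeRolePolicyDocument: {
            Version: "2012-10-17",
            Statement: [{
                Effect: "Allow",
                Principal: { Service: "ecs-tasks.amazonaws.com" },
                Action: "sts:AssumeRole",
            }],
        },
        managedPolicyArns: ["arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"],
    });

    // Create an ECS task definition: the application we want to run.
    // aws-native takes the container definitions as objects, not as a JSON string.
    const taskDefinition = new aws_native.ecs.TaskDefinition("taskDefinition", {
        containerDefinitions: [{
            name: "my-app",
            image: "nginx",
            memory: 128,
            portMappings: [{ containerPort: 80 }],
            logConfiguration: {
                logDriver: "awslogs",
                options: {
                    // For a LogGroup, the resource id is the log group name.
                    "awslogs-group": logGroup.id,
                    "awslogs-region": "us-west-2",
                    "awslogs-stream-prefix": "my-app",
                },
            },
        }],
        cpu: "256",
        memory: "0.5GB",
        networkMode: "awsvpc",
        requiresCompatibilities: ["FARGATE"],
        executionRoleArn: role.arn,
        family: "my-app",
    });

    // An ECS service to run and maintain tasks in an ECS cluster.
    // It depends on the listener so the target group is attached to the load balancer first.
    const service = new aws_native.ecs.Service("service", {
        cluster: cluster.arn,
        desiredCount: 5,
        launchType: "FARGATE",
        taskDefinition: taskDefinition.taskDefinitionArn,
        networkConfiguration: {
            awsvpcConfiguration: {
                assignPublicIp: "ENABLED",
                subnets: subnetIds,
                securityGroups: [lbSecurityGroup.groupId],
            },
        },
        loadBalancers: [{
            targetGroupArn: targetGroup.targetGroupArn,
            containerName: "my-app",
            containerPort: 80,
        }],
    }, { dependsOn: [listener] });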

    This establishes a network load balancer listening on port 80 and balancing amongst ECS tasks. These tasks are running the nginx Docker image. The ECS tasks are publicly reachable through the load balancer.

    You can access the load balancer at its DNS name, which the Pulumi program exports:

    export const url = loadBalancer.dnsName;
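
    The exposure the program above leaves in place, as an added example (not part of the original answer and not Pulumi code): a small check over the same listener, security-group and public-IP settings, run on a constructed copy of the program's values and on a tightened variant. The type and function names are assumptions made for this sketch.

```typescript
// Added example: plain TypeScript with no Pulumi or AWS calls.
// Exposure, Finding, auditExposure and findingIds are names made up for this sketch.
interface Exposure {
  listener: { port: number; protocol: "TCP" | "TLS" };
  loadBalancerSecurityGroups: string[];
  taskSecurityGroups: string[];
  assignPublicIp: "ENABLED" | "DISABLED";
}
interface Finding { id: string; detail: string }

function auditExposure(cfg: Exposure): Finding[] {
  const findings: Finding[] = [];
  if (cfg.assignPublicIp === "ENABLED") {
    findings.push({ id: "task-public-ip", detail:
      "Each task ENI gets a public IPv4 address; only its security group keeps direct traffic out." });
  }
  const shared = cfg.taskSecurityGroups.filter(
    (sg) => cfg.loadBalancerSecurityGroups.indexOf(sg) !== -1);
  if (shared.length > 0) {
    findings.push({ id: "shared-security-group", detail:
      `Tasks and load balancer share ${shared.join(", ")}; a rule that opens the listener opens the tasks too.` });
  }
  if (cfg.listener.protocol === "TCP") {
    findings.push({ id: "plaintext-listener", detail:
      `Port ${cfg.listener.port} is forwarded as raw TCP; nothing is encrypted unless the container terminates TLS.` });
  }
  return findings;
}

function findingIds(cfg: Exposure): string[] {
  return auditExposure(cfg).map((f) => f.id);
}

// Constructed input mirroring the program above ("sg-lb" stands in for the lbSecurityGroup id).
const asWritten: Exposure = {
  listener: { port: 80, protocol: "TCP" },
  loadBalancerSecurityGroups: ["sg-lb"],
  taskSecurityGroups: ["sg-lb"],
  assignPublicIp: "ENABLED",
};
// Constructed tightened variant: TLS listener, tasks without public IPs in their own group.
const tightened: Exposure = {
  listener: { port: 443, protocol: "TLS" },
  loadBalancerSecurityGroups: ["sg-lb"],
  taskSecurityGroups: ["sg-tasks"],
  assignPublicIp: "DISABLED",
};

console.log(findingIds(asWritten));
console.log(findingIds(tightened));
```

    The tightened variant assumes the tasks run in private subnets with a NAT gateway or VPC endpoints, so Fargate can still pull the image and ship logs.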