Routing Traffic to Multiple Ports on the Same EC2 Instance with ALB

How do I route traffic to multiple ports on the same EC2 instance with ALB?

To route traffic to multiple ports on the same EC2 instance using an Application Load Balancer (ALB), we need to set up an ALB along with listeners for each port we want to forward traffic to. Additionally, we will define target groups corresponding to each port and link them to the EC2 instance. Below is how you can achieve this.

Here’s an overview of what the code does:

  1. Define an EC2 Instance: This section sets up the compute instance.
  2. Configure Security Groups: This part sets up rules to allow traffic on the desired ports.
  3. Create an ALB: The application load balancer that will receive traffic.
  4. Define Target Groups: Each target group corresponds to a port on the EC2 instance.
  5. Set Up Listeners: Listeners for each port to forward traffic to the respective target groups.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Security group for the ALB: accepts HTTP and HTTPS from anywhere
const albSg = new aws.ec2.SecurityGroup("alb_sg", {
    name: "alb_sg",
    description: "Allow HTTP and HTTPS traffic",
    vpcId: "vpc-xxxxxxxx",
    ingress: [
        {
            fromPort: 80,
            toPort: 80,
            protocol: "tcp",
            cidrBlocks: ["0.0.0.0/0"],
        },
        {
            fromPort: 443,
            toPort: 443,
            protocol: "tcp",
            cidrBlocks: ["0.0.0.0/0"],
        },
    ],
    egress: [{
        fromPort: 0,
        toPort: 0,
        protocol: "-1",
        cidrBlocks: ["0.0.0.0/0"],
    }],
});
// Security group for the instance: accepts the target ports only from the ALB's
// security group, so the instance is not reachable directly from 0.0.0.0/0
const instanceSg = new aws.ec2.SecurityGroup("instance_sg", {
    name: "instance_sg",
    description: "Allow HTTP and HTTPS from the ALB only",
    vpcId: "vpc-xxxxxxxx",
    ingress: [
        { fromPort: 80, toPort: 80, protocol: "tcp", securityGroups: [albSg.id] },
        { fromPort: 443, toPort: 443, protocol: "tcp", securityGroups: [albSg.id] },
    ],
    egress: [{
        fromPort: 0,
        toPort: 0,
        protocol: "-1",
        cidrBlocks: ["0.0.0.0/0"],
    }],
});
// Create an EC2 Instance
const myInstance = new aws.ec2.Instance("my_instance", {
    ami: "ami-0c55b159cbfafe1f0",
    instanceType: aws.ec2.InstanceType.T2_Micro,
    vpcSecurityGroupIds: [instanceSg.id],
    subnetId: "subnet-xxxxxxxx",
});
// Create an ALB (an ALB needs subnets in at least two Availability Zones)
const myAlb = new aws.lb.LoadBalancer("my_alb", {
    name: "my-alb",
    internal: false,
    loadBalancerType: "application",
    securityGroups: [albSg.id],
    subnets: [
        "subnet-xxxxxxxx",
        "subnet-yyyyyyyy",
    ],
});
// Create a Target Group for each port
const tgHttp = new aws.lb.TargetGroup("tg_http", {
    name: "tg-http",
    port: 80,
    protocol: "HTTP",
    vpcId: "vpc-xxxxxxxx",
    targetType: "instance",
    healthCheck: {
        path: "/",
        port: "80",
        protocol: "HTTP",
        interval: 30,
        timeout: 5,
        healthyThreshold: 5,
        unhealthyThreshold: 2,
    },
});
const tgHttps = new aws.lb.TargetGroup("tg_https", {
    name: "tg-https",
    port: 443,
    protocol: "HTTPS",
    vpcId: "vpc-xxxxxxxx",
    targetType: "instance",
    healthCheck: {
        path: "/",
        port: "443",
        protocol: "HTTPS",
        interval: 30,
        timeout: 5,
        healthyThreshold: 5,
        unhealthyThreshold: 2,
    },
});
// Register the EC2 instance with each target group on the matching port
const tgAttachmentHttp = new aws.lb.TargetGroupAttachment("tg_attachment_http", {
    targetGroupArn: tgHttp.arn,
    targetId: myInstance.id,
    port: 80,
});
const tgAttachmentHttps = new aws.lb.TargetGroupAttachment("tg_attachment_https", {
    targetGroupArn: tgHttps.arn,
    targetId: myInstance.id,
    port: 443,
});
// Create listener for port 80
const listenerHttp = new aws.lb.Listener("listener_http", {
    loadBalancerArn: myAlb.arn,
    port: 80,
    protocol: "HTTP",
    defaultActions: [{
        type: "forward",
        targetGroupArn: tgHttp.arn,
    }],
});
// Create listener for port 443
const listenerHttps = new aws.lb.Listener("listener_https", {
    loadBalancerArn: myAlb.arn,
    port: 443,
    protocol: "HTTPS",
    // An HTTPS listener requires a server certificate.
    // Placeholder value: replace with the ARN of your ACM certificate.
    certificateArn: "arn:aws:acm:REGION:ACCOUNT_ID:certificate/CERTIFICATE_ID",
    defaultActions: [{
        type: "forward",
        targetGroupArn: tgHttps.arn,
    }],
});
// DNS name clients use to reach the load balancer
export const albDnsName = myAlb.dnsName;
```

In this example, we created an AWS Application Load Balancer (ALB) that directs traffic to an EC2 instance on different ports (80 for HTTP and 443 for HTTPS). We set up security groups, target groups, and listeners to ensure traffic is properly routed based on the configuration.
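The following check is an added example, not part of the original answer or of Pulumi's own code. It takes ingress rules in the same shape as the `ingress` entries above and reports every target-group port that the instance's security group opens to a CIDR range, or that has no rule naming the load balancer's security group as its source. The `IngressRule` type, the function names and the security group ID are assumptions made for the illustration.

```typescript
// Added example. Rule objects mirror the `ingress` entries passed to
// aws.ec2.SecurityGroup; the security group ID and rule sets are constructed.
interface IngressRule {
    fromPort: number;
    toPort: number;
    protocol: string;           // "tcp", "udp", ... or "-1" for all traffic
    cidrBlocks?: string[];      // CIDR sources
    securityGroups?: string[];  // source security group IDs
}

// True when the rule admits TCP traffic to `port`.
function covers(rule: IngressRule, port: number): boolean {
    if (rule.protocol === "-1") return true; // all protocols, all ports
    return rule.protocol === "tcp" && rule.fromPort <= port && port <= rule.toPort;
}

// Returns one finding per problem on the instance's security group.
function auditInstanceIngress(rules: IngressRule[], albSgId: string, targetPorts: number[]): string[] {
    const findings: string[] = [];
    for (const port of targetPorts) {
        const matching = rules.filter(r => covers(r, port));
        for (const rule of matching) {
            for (const cidr of rule.cidrBlocks ?? []) {
                findings.push(`port ${port}: reachable directly from ${cidr}, bypassing the ALB`);
            }
        }
        if (!matching.some(r => (r.securityGroups ?? []).includes(albSgId))) {
            findings.push(`port ${port}: no rule names ALB security group ${albSgId} as source`);
        }
    }
    return findings;
}

const ALB_SG = "sg-alb-placeholder"; // constructed ID
// Instance reuses the internet-facing rules of the load balancer
const sharedRules: IngressRule[] = [
    { fromPort: 80, toPort: 80, protocol: "tcp", cidrBlocks: ["0.0.0.0/0"] },
    { fromPort: 443, toPort: 443, protocol: "tcp", cidrBlocks: ["0.0.0.0/0"] },
];
// Instance has its own group that trusts only the load balancer's group
const dedicatedRules: IngressRule[] = [
    { fromPort: 80, toPort: 80, protocol: "tcp", securityGroups: [ALB_SG] },
    { fromPort: 443, toPort: 443, protocol: "tcp", securityGroups: [ALB_SG] },
];

console.log(auditInstanceIngress(sharedRules, ALB_SG, [80, 443]));
console.log(auditInstanceIngress(dedicatedRules, ALB_SG, [80, 443]));
```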
