21

I'm exploring using the new Fargate option for my ECS containers. One constraint is that the running task must always be accessible at the same Public IP address.

My first thought was to allocate an Elastic IP but I can't tell what to associate it to. It seems an Elastic IP can be associated to an instance (which is irrelevant for Fargate) or a Network Interface. However, if I associate it with an ENI, I can't see how to ensure my task's container has that Network Interface. When creating a Service, I see that I can put it in a VPC, but that's it.

From experimentation, if I kill a task so that the service restarts a new one, or if I update the service to run a new task revision - the container that starts running the new task will have a new ENI each time.

Is there some way to ensure that a given service has the same public IP address, even if its tasks are killed and restarted?

Gabe Durazo
  • Can't you use a load balancer for this purpose? This way your running task will always be available on the load balancer address, which is not going to change even after a restart of the container or the underlying host machine. – Shantanu Dec 22 '17 at 05:27
  • Have you figured this out? If the load balancer is restarted the IP would be different. It would be nice to be able to assign hostnames to an Elastic IP. If anything gets restarted, just re-assign the Elastic IP. – Davinj Jan 24 '18 at 20:42
  • 1
    The load balancers supported by AWS only do TCP, this won't work if your service is UDP – ashgromnies Feb 27 '18 at 21:02

2 Answers

10

Fargate does not currently support ENI assignment, so it is not possible to have an Elastic IP associated with a Fargate task definition.

The only way you can use a static IP address with Fargate is via the Application Load Balancer with an alias.

Greg Perry
8

Actually you can do it with a Network Load Balancer. It is a special type of load balancer to which an Elastic IP can be added. This instruction can really help: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html

user2105282
  • 6
    While Network Load Balancer is hardly the same thing as associating an Elastic IP with the task directly, it still fits many of the use cases. Network Load Balancer allows for a load balancer with a static IP address, doing DNAT to the actual Fargate task. For inbound connections using TCP, this is pretty much the solution. Do not downvote this answer. – Nakedible Apr 29 '18 at 22:26
  • Thanks! I really used such a technique and it worked fine. Another option is to create an EC2 instance and configure Nginx, which will redirect requests to an ELB which will point to the Fargate task – user2105282 May 04 '18 at 10:24
  • It is worth noting that LB's are not free. If you're running a small rig, the LB could cost more than the rest of the service. Be sure to check pricing. – Tom Wilson May 14 '20 at 19:45
  • Currently we are using nginx to redirect requests to the Fargate service. To have some static name for the service, Fargate service discovery is used. And yes, if you have a lot of small services, having a separate LB for each will cost you a lot ($15 per LB). – user2105282 May 16 '20 at 06:08
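
The Network Load Balancer approach from the answer above, written out as an added CloudFormation example (not code from any of the posts): an Elastic IP is pinned to the load balancer's subnet mapping, and the Fargate service registers its tasks into an `ip`-type target group, so the public address stays the same when tasks are replaced. All parameter names and logical IDs are hypothetical, and the security group passed in is assumed to allow inbound TCP on the container port.

```yaml
# Added example; parameter names and logical IDs are hypothetical.
Parameters:
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  PublicSubnetId: {Type: "AWS::EC2::Subnet::Id"}
  TaskSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}
  Cluster: {Type: String}
  TaskDefinition: {Type: String}
  ContainerName: {Type: String}
  ContainerPort: {Type: Number}
Resources:
  StaticIp:
    Type: AWS::EC2::EIP
    Properties: {Domain: vpc}
  Nlb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: network            # internet-facing is the default scheme
      SubnetMappings:
        - SubnetId: !Ref PublicSubnetId
          AllocationId: !GetAtt StaticIp.AllocationId   # the fixed public address
  Targets:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: TCP
      Port: !Ref ContainerPort
      TargetType: ip           # Fargate tasks register by their ENI's private IP
  Listener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref Nlb
      Protocol: TCP
      Port: !Ref ContainerPort
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref Targets
  Service:
    Type: AWS::ECS::Service
    DependsOn: Listener        # the target group must be attached to the NLB first
    Properties:
      Cluster: !Ref Cluster
      LaunchType: FARGATE
      TaskDefinition: !Ref TaskDefinition
      LoadBalancers:           # ECS re-registers each replacement task here
        - ContainerName: !Ref ContainerName
          ContainerPort: !Ref ContainerPort
          TargetGroupArn: !Ref Targets
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: ENABLED   # per-task address still changes; clients use the EIP
          Subnets: [!Ref PublicSubnetId]
          SecurityGroups: [!Ref TaskSecurityGroupId]
```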