I have an ECS cluster in AWS and can't find a solution for the microservices to be accessed, like:
domain.com/service1 or domain.com/service2
Where each service is a different task definition or container.
The domain is handled via Cloudfront.
Does anybody know if this is possible only via AWS services? Can the microservices be routed in AWS via /path or /microservice. Can this be done via API gateway?
Tried to find a solution from cloudfront and API gateway, but I may not be doing something right.
Thanks everyone!
Here is a good reference blog specifying HTTP API, CloudFront, API Gateway and ECS tasks.
It provides context on routing a specific path to a specific ECS task
Related
I have started a monolith using a NodeJS with Elastic Beanstalk, exposing the api with Route 53 and Cloud Front just to launch my mvp/pilot.
I’ve designed the architecture to easily decouple into micro services.
I was wondering, how to decouple it, or maybe create new domains as a Lambda, and keep both words in parallel, by leaving the Elastic Beanstalk live until every service be decoupled as a lambda micro service.
At the moment, the endpoint is “api.domain.com/v1…”.
As far as im aware, Lambda works with Api Gateway. Is possible to keep them in the same “api.domain.com…” or should I have a different subdomain to orchestrate the lambdas with the API Gateway?
You should start by setting up API Gateway and placing it in front of your Elastic Beanstalk API. So your domain would then point to API Gateway, and it would be setup to send requests to your Elastic Beanstalk backend.
You could start by doing this without a custom domain in API Gateway, and once it is working, configure the custom domain settings and update your DNS so the domain then points at API Gateway.
After you get API Gateway working with Elastic Beanstalk, you would then be able to start configuring specific paths in the API to go to Lambda functions instead of Elastic Beanstalk.
I have a internet facing NLB and want to integrate it with API Gateway. Searching over posts and aws docs, and they all just provide only one way to use VPC Links with private integration. However, this introduce the limitation where both API Gateway, VPC Links and NLB have to exist in one single account. Trying to get some help to see if it is possibly to use other type of integration like HTTP (I also notice that Elastic Load Balancing is one of the AWS Service integration options, but not sure if it is only for ALB).
Many thanks
I am trying to understand the use of API Gateway along with AWS ALB (Ingress Controller) for the EKS cluster.
Let's say,
there are 10 microservices in the AWS EKS cluster running on 10 pods. The EKS cluster is in Private VPC.
I can create Kubernetes Ingress which will create an ALB and provide rule-based routing. The ALB will be in Public VPC and I believe, AWS will allocate a public ip to the ALB. I can configure the ALB behind Route53 to access using the domain name. My understanding says that ALB supports multiple features including host or path based routing, TLS (Transport Layer Security) termination, WebSockets, HTTP/2, AWS WAF (Web Application Firewall) integration, integrated access logs, and health checks.
So, security wise there should not be any challenge. Am I wrong?
Please refer Link of the above mentioned solution architecture.
Is there any specific use case where I need to use AWS API Gateway in front of AWS ALB in the above-mentioned architecture?
What are additional benefits the AWS API Gateway has along with AWS ALB?
Should I put AWS ALB in the Private VPC if decided to use AWS API Gateway in front of that?
With API GW you will get rate limiting, throttling and if you want to authenticate and authorize requests based on OAUTH or any other auth model that can be done with API GW.
whats the standard implementation i should make to implement an AWS API Gateway entrypoint with an ECS microservices structure?
I been trying to do it, but i get an ALB that is public and an API Gateway pointing to it, the problem is that the authentication is handled by API Gateway so the ALB endpoint is unsecure.
Thanks
This is pretty standard and well documented. Have you checked the articles published by AWS? I think these articles would help
Normally you would have a private Load Balancer and need to setup a "private integration" between API Gateway and Load Balancer
Situation
I have multiple Micro-Services deployed. All micro-services should be made available under the domain www.mycompany.com/[myservice].
Some of the micro-services are based on AWS, while other services are based on other technology.
Question
How can do I setup a routing in AWS to redirect
www.mycompany.com/blog to an AWS Micro-Service
www.mycompany.com/support to an external service hosted under the address mycompany.zendesk.com
How can I set such a routing mechanism up in AWS?
According to my knowledge you can't setup this kind of routing using only Route 53. However there is a work around using API Gateway. If you can deploy all your microservices behind an API Gateway, you can configure routing as you had mentioned using the API Gateway custom domains option. I recently wrote an article on the usage of this feature, and link to that mentioned below.
API management for microservices