Allow binding ECS container port #3533
Conversation
|
Also, for clarity, as per #2896 the only way to do mapping prior to this is something along these lines in a task definition: The static port binding clearly means you can only have one of these tasks running on a given host. The PR allows for something like: Which allows you to do bin-packing and removes the necessity for static port binding. |
|
Hi @andrewstucki, Thanks for your interest in Træfik. Why do you need a new label WDYT ? |
|
@mmatur well, the current I wouldn't mind changing the functionality of the label so that it resolves dynamic port binding instead and treats the port specified as the container's port, but figured that making a breaking change to existing behavior was probably something we didn't want to do, hence the implementation of a new label. Off the top of my head I can't think of a way of implementing the new behavior while keeping the old behavior without a new label. Let me know if you have any ideas. |
|
So, hopefully to illustrate the point better, here's how things currently work. Assuming static port binding a setup can look like this:
Where However, when you have dynamic binding it looks like more this:
In the dynamic binding scenario we have no way of using the behavior So, in most scenarios this probably won't be a huge deal since many containers only expose a single port. As such, Traefik will just choose the first port that it sees and route to it. However, In the case where you have multiple dynamically bound ports, then this becomes an issue because we currently have no way of specifying which of the exposed ports is the one we care about. My particular use case is co-locating a bunch of services that expose two ports dynamically, a port that's internally scraped by Prometheus, and a port that a web-server serving up and API listens on. Since I want to co-locate all of the services, I can't dynamically bind either the Prometheus or the web-server ports, but need a way to tell Traefik to only route to the port that the web-server is bound on, meaning I need to tell Traefik to only route to the port exposed as port 8080 in my container and to ignore whatever translates to port 9000. What that maps to at the host level, I have no way of knowing due to the dynamic nature of the port binding. |
|
@andrewstucki Thanks for you feedback. I was thinking about a solution like that func getPort(i ecsInstance) string {
if value := label.GetStringValue(i.TraefikLabels, label.TraefikPort, ""); len(value) > 0 {
port, err := strconv.ParseInt(value, 10, 64)
for _, mapping := range i.machine.ports {
if err == nil {
if port == mapping.hostPort || port == mapping.containerPort {
return strconv.FormatInt(mapping.hostPort, 10)
}
}
}
return value
}
return strconv.FormatInt(i.machine.ports[0].hostPort, 10)
}If With an example
WDYT ? |
|
Hi @andrewstucki, The code freeze for the next 1.7 release will happen at the end of this week, on Friday 6th July 2018. |
mmatur
added
status/2-needs-review
and removed
contributor/waiting-for-feedback
status/1-needs-design-review
labels
mmatur
changed the title
This comment has been minimized.
This comment has been minimized.
What does this PR do?
Implements #2854. Makes Traefik look for an ECS label called
containerPortto allow for dynamic mapping.Motivation
See #2854 for a longer description, but basically there's no current way to specify routing behavior for ECS containers with more than one dynamically exposed port. This means without this feature:
a. expose only a single port
b. statically bind the container port to a well-known host port
More
Additional Notes
In the final solution, we use only the
traefik.portlabeltraefik.portnot settraefik.portnot settraefik.port=8080traefik.port=8080traefik.port=80