skip to Main Content

Im deploying my docker container via my docker compose file.

When i initially deploy my app it creates a load balancer but as type "network". I cannot do a redirect to https with this type.

I want my load balancer to be created as a type "application" and then setup the redirect from http to https.

My container will still be listening to port 80.

Bonus: i would like to deploy and also attach my SSL cert in my compose file so that its all ready on a fresh deploy.

As you can see ive tried a few things but cant get it to work.

Thanks

version: '3.8'
services:

  web:
    container_name: auction_web
    image: <ECR Image>
#    x-aws-pull_credentials: arn:aws:secretsmanager:xxxxxxxxxxxx
    depends_on:
      - redis
    ports:

#      - "80:80" - tried this
#      - "443:443" - tried this
      - target: 80
        x-aws-protocol: http
      - target: 443
        x-aws-protocol: https
#      - published: 80
#        protocol: "http"
#        x-aws-alb-default-actions:
#          - type: redirect
#            host: '<domain>'
#            port: 443
#            protocol: HTTPS
#            status-code: HTTP_301

#      - published: 443
#        protocol: "https"
#        x-aws-acm-certificate: <cert name>
    deploy:
      resources:
        limits:
          cpus: '1'
          memory: 4096M

2

Answers


  1. Chosen as BEST ANSWER
    x-aws-cloudformation:
      Resources:
        App80Listener:
          Properties:
            Port: 80
            Protocol: HTTP
            LoadBalancerArn:
              Ref: LoadBalancer
            DefaultActions:
              - Type: redirect
                RedirectConfig:
                  Port: 443
                  Protocol: HTTPS
                  StatusCode: HTTP_301
          Type: AWS::ElasticLoadBalancingV2::Listener
    
        App443Listener:
          Properties:
            Port: 443
            Protocol: HTTPS
            LoadBalancerArn:
              Ref: LoadBalancer
            DefaultActions:
              - ForwardConfig:
                  TargetGroups:
                    - TargetGroupArn:
                        Ref: App8080TargetGroup
                Type: forward
            Certificates:
              - CertificateArn: "<arn for cert>"
          Type: AWS::ElasticLoadBalancingV2::Listener
    
        App8080TargetGroup:
          Properties:
            Name: 'jenkins-tg'
            Port: 8080
            Protocol: HTTP
            Tags:
              - Key: com.docker.compose.project
                Value: jenkins
            TargetType: ip
            VpcId: vpc-d21afbbb
            HealthCheckPath: '/login'
          Type: AWS::ElasticLoadBalancingV2::TargetGroup
    

  2. Please try this:

    1. Define ports with "80:80" and "443:443" and nothing else.

    2. Add the following section at the bottom of the docker-compose file:

    x-aws-cloudformation:
      Resources:
        Web443Listener:
          Properties:
            Certificates:
              - CertificateArn: "<certificate ARN>"
            Protocol: HTTPS
            Port: 443
        Web80Listener:
          Properties:
            DefaultActions:
              - Type: redirect
                RedirectConfig:
                  Port: 443
                  Protocol: HTTPS
                  StatusCode: HTTP_301
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search