问题描述
我已使用Cloudformation从此模板(https://github.com/cmanikandan/fargate-apigateway/blob/master/fargate-private-subnet-network-loadbalancer.yml创建了一个ECS集群,该模板在端口80(请参见下面的dockerfile)上运行flask应用程序,并通过私有VPC链接将API Gateway连接到应用程序负载均衡器(请参见下面的AWS CLI代码)。第一步,我尝试仅在根(/)上配置GET方法。
在aws博客文章(https://aws.amazon.com/blogs/compute/access-private-applications-on-aws-fargate-using-amazon-api-gateway-privatelink/)中,我已经能够使用此示例,但是当我在ECR中使用我的应用程序尝试该操作时,遇到了500错误(Execution failed due to configuration error: There was an internal error while executing your request)
。 / p>
我在哪里配置出错?可能与端口映射有关?
Dockerfile:
FROM python:3
WORKDIR /usr/src/app
COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
CMD ["python","app.py","--host","0.0.0.0"]
API网关的AWS CLI命令:
aws apigateway create-vpc-link \
--name REMOVED \
--target-arns REMOVED \
--region us-west-2
aws apigateway get-vpc-link --vpc-link-id REMOVED --region us-west-2
aws apigateway create-rest-api --name 'Fargate Test' --region us-west-2
aws apigateway get-resources --rest-api-id REMOVED --region us-west-2
aws apigateway put-method \
--rest-api-id REMOVED \
--resource-id REMOVED \
--http-method ANY \
--authorization-type "NONE" --region us-west-2
aws apigateway put-integration \
--rest-api-id REMOVED \
--resource-id REMOVED \
--uri 'http://myApi.example.com' \
--http-method ANY \
--type HTTP_PROXY \
--integration-http-method ANY \
--connection-type VPC_LINK \
--connection-id REMOVED --region us-west-2
aws apigateway create-deployment \
--rest-api-id REMOVED \
--stage-name REMOVED \
--variables vpcLinkId=REMOVED--region us-west-2
解决方法
最终的问题是,我没有在dockerfile中公开网络负载均衡器的端口,以便能够从API网关端点路由流量。
vvv这是解决方案vvv
Dockerfile:
FROM python:3
WORKDIR /usr/src/app
COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
EXPOSE 80
CMD ["python","app.py","--host","0.0.0.0"]