Create an App LB in AWS
In this guide, I'll walk through how to set up an AWS Application Load Balancer (ALB) to route traffic to different ECS services based on domain names, allowing you to host multiple websites on a single ECS cluster.
The Scenario
We have two websites:
- Webpage A with domain:
inmo-track.com - Webpage B with domain:
time-track.me
Both are running as separate nginx services in AWS ECS:
- An nginx service for Webpage A
- An nginx service for Webpage B
Our goal is to configure an Application Load Balancer that will direct traffic to the appropriate service based on the incoming domain.
Step 1: Create Target Groups
First, we need to create target groups for each of our services:
-
Navigate to EC2 > Load Balancing > Target Groups
-
Click "Create target group"
-
For Webpage A:
- Target type: IP addresses
- Name:
inmo-track-tg - Protocol: HTTP, Port: 80
- VPC: Select your VPC
- Health check path:
/(or your specific health check path) - Click "Next" and "Create target group"
If you need to manually register targets after creating the target group:
- Select the target group and click "Register targets"
- When prompted "Enter an IPv4 address from a VPC subnet":
- For a VPC CIDR of 172.31.0.0/16, you should enter the specific IP of your ECS task
- This would be an IP in the range of 172.31.X.X (e.g., 172.31.16.45)
- To find the exact IP of your task, go to ECS > Clusters > [Your Cluster] > Services > [Service Name] > Tasks tab > Select your task > Configuration section > Private IP
- Enter port 80 (or your application's port)
- Click "Include as pending below"
- Click "Register pending targets"
-
Repeat for Webpage B:
- Target type: IP addresses
- Name:
time-track-tg - Protocol: HTTP, Port: 80
- VPC: Select the same VPC as Webpage A
- Health check path:
/(or your specific health check path) - Health check protocol: HTTP
- Health check port: traffic port
- Healthy threshold: 5 consecutive successes
- Unhealthy threshold: 2 consecutive failures
- Timeout: 5 seconds
- Interval: 30 seconds
- Success codes: 200-399
- Click "Next" and "Create target group"
Step 2: Create the Application Load Balancer
- Navigate to EC2 > Load Balancing > Load Balancers
- Click "Create load balancer"
- Select "Application Load Balancer"
- Basic configuration:
- Name:
multi-domain-alb - Scheme: internet-facing
- IP address type: ipv4
- Name:
- Network mapping:
- VPC: Select your VPC
- Mappings: Select at least two Availability Zones and public subnets
- Security groups:
- Create or select a security group that allows HTTP (port 80) and HTTPS (port 443)
- Listeners and routing:
- HTTP on port 80: Forward to the default target group (e.g.,
inmo-track-tg) - Add HTTPS on port 443 if you have SSL certificates
- HTTP on port 80: Forward to the default target group (e.g.,
- Click "Create load balancer"
Step 3: Configure Listener Rules for Host-Based Routing
- After ALB creation, navigate to the "Listeners" tab
- Select the HTTP:80 listener and click "View/edit rules"
- Click "Add rules"
- Create a rule for Webpage A:
- Condition: Host header is
inmo-track.com - Action: Forward to
inmo-track-tg
- Condition: Host header is
- Create a rule for Webpage B:
- Condition: Host header is
time-track.me - Action: Forward to
time-track-tg
- Condition: Host header is
- Make sure to set the priority of these rules above the default rule
Step 4: Update ECS Task Definition and Service
For both services, update the task definitions to work with the ALB:
-
Navigate to Amazon ECS > Task Definitions
-
Create or update task definitions for both services:
- For each container definition, ensure the port mappings are correctly set (typically port 80)
- Make sure the container ports are accessible
-
Create the ECS services (Note that if you already has an ECS Service, you need to delete it and create it again):
-
Navigate to your ECS cluster
-
Select the service you want to update or click "Create" to make a new service
-
In the service creation/update wizard:
For Webpage A:
- On the "Configure service" page, select your task definition and configure other service settings
- In the deployment configuration section, set your desired service options
- In the "Networking" section (might appear as a separate tab or section):
- Configure your VPC, subnets, and security groups
- In the "Load balancing" section (usually found below the networking options):
- Select "Application Load Balancer" as the load balancer type
- For service IAM role, select an appropriate role with ECS service permissions
- In the "Container to load balance" section, select your container name and port
- For "Target group name", select
inmo-track-tgfrom the dropdown
- Review and complete the remaining steps to create/update the service
For Webpage B:
- Follow the same process but select
time-track-tgas your target group
-
Step 5: Configure DNS Records
Create DNS records pointing your domains to the ALB:
- Navigate to your DNS provider
- Create an A record or CNAME record for
inmo-track.compointing to your ALB DNS name - Create an A record or CNAME record for
time-track.mepointing to your ALB DNS name
Step 6: Test Your Configuration
Once DNS propagation completes:
- Visit
http://inmo-track.com- should serve content from the first ECS service - Visit
http://time-track.me- should serve content from the second ECS service
Security Considerations
- Consider adding HTTPS listeners with SSL certificates
- Review security groups to ensure only necessary traffic is allowed
- Set up health checks for continuous service availability monitoring
Conclusion
You've now successfully set up an Application Load Balancer that routes traffic based on domain names to different ECS services. This approach allows you to host multiple websites efficiently while maintaining proper separation between services.
This implementation is cost-effective and scalable, making it ideal for hosting multiple domains on a single AWS infrastructure.