brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(aws/ecs): elaborate on connectivity inside tasks

Browse Source
This commit is contained in:
Michele Cereda
2025-10-06 10:06:43 +02:00
parent e30956b9c4
commit 600124c782
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
knowledge base/cloud computing/aws/ecs.md
View File

@@ -775,7 +775,10 @@ One cannot manually detach nor modify those ENIs. To release the ENIs for a task
A task can only have **one** ENI associated with it at a time.
Containers belonging to the same task **can** communicate over the `localhost` interface.
Containers within the same task are placed on the same virtual network interface.<br/>
However, differently from Docker or Kubernetes, they **must** use `localhost` should they wish to communicate with each
other. Container name-based DNS resolution (e.g. `postgresql://postgres:5432) will **not** work by default, and ECS
will **not** create DNS records for container names inside a task.
Tasks on Fargate that need to pull a container image must have a route to the container registry.
@@ -1522,7 +1525,10 @@ The `fluentd-address` value is specified as a secret option as it may be treated
Options:
- [Set environment variables to secrets from Secrets Manager][pass secrets manager secrets through amazon ecs environment variables].
- [Pass Secrets Manager secrets through Amazon ECS environment variables].
When setting environment variables to secrets from Secrets Manager, it is the **execution** role (and **not** the task
role) that must have the permissions required to access them.
## Best practices