Can't connect to outside from the docker container managed by ECS on EC2
I have ECS which uses EC2 and EC2 has a container.
From EC2 node I can access the outside with this command.
[ec2-user@ip-172-31-23-50 ~]$ curl google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
Then I login container running on this node, docker exec -it container-name /bin/bash
root@ip-172-31-24-234:/# curl google.com
I can't access (nothing appears).
So, I check the security group of ECS Service.
However all outbound connection is allowed
Test
On EC2 node, I try to run another container (because I wanted to test the container which is not managed by ECS service).
docker run -it ubuntu
then install curl and try curl in the this ubuntu container, I can connect to the outside from the container.
So the problem happens only in ECS managed container,
My task definition is made by CDK, maybe this Network mode is related....??
const adminTaskDefinition = new ecs.Ec2TaskDefinition(this, 'AdminTaskDefinition', {
networkMode: ecs.NetworkMode.AWS_VPC,
})
Solution
Perhaps set your Network Mode = host in your task definition.
- Unable to run a simple python application in AWS App Runner
- Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect)
- Difference between KMS encryption and S3 SSE
- How to Manage Terraform State Across Multiple Workspaces and Environments Without Causing Downtime in AWS?
- Get Cognito verification code in lambda to send SMS using local provider
- AWS ECR basic scanning - different outcomes from different accounts
- What do the SSM PingStatus values mean?
- Adding On-Premise node to EKS - Kubernetes
- Use macro inside CloudFormation Conditions
- "sls dynamodb start" throws spawn java ENOENT
- Accessing AWS ElastiCache (Redis CLUSTER mode) from different AWS accounts via AWS PrivateLink
- Cannot start an AWS ssm session on EC2 Amazon linux instance
- elasticache -ERR unknown command 'PSYNC
- AWS Cloudformation to create EventBridge Scheduler to trigger Instance Refresh
- `aws secretsmanager list-secrets` command to return secrets and filter them by tag
- nginx ingress controller type nlb with static ip giving error "AllocationIdNotFound"
- ModuleNotFoundError: No module named 'imp'
- cdk api gateway route53 lambda custom domain name not working
- couldn't get current server API group list: the server has asked for the client to provide credentials error: You must be logged in to the server
- Bash with AWS CLI - unable to locate credentials
- InvalidClientTokenId: The security token included in the request is invalid. status code: 403
- s3 - how to get fast line count of file? wc -l is too slow
- AWS PostgreSQL `Cannot find version X for aurora`
- Cannot connect to Amazon Keyspaces with cqlsh
- Can't connect to phpmyadmin in Bitnami instance hosted by AWS
- AWS Amplify - 404 error when deploying Nextjs App
- How can I connect to my aurora serverless v2 database instance?
- Why do I get a CORS error on AWS Api Gateway & Lambda POST?
- How can I toggle between kubernetes context of various deployed apps?
- Redis Instance Reuse in AWS Lambda