Cloud map service discovery target per environment

[sekamaneka]

Hello again,

as mentioned in another issue im trying to create an API GW with copilot authorization. It should have 2 environments. prod and test. But only 1 of them works at any given time (the one created first). I think the issue is that these two service discovery endpoints have the same name.

copilot svc show

Service Discovery

  Environment       Namespace
  -----------       ---------
  prod, test        api.ens.local:443
  

[efekarakus]

Hi @swilso793 :)

Assuming that you're not importing an existing VPC, Copilot should create for each environment's VPC:

copilot-cli/templates/environment/versions/cf-v1.1.0.yml

Lines 44 to 52 in 35ac40c

	ServiceDiscoveryNamespace:
	Type: AWS::ServiceDiscovery::PrivateDnsNamespace
	Properties:
	Name: !Sub ${AppName}.local
	{{- if .ImportVPC}}
	Vpc: {{.ImportVPC.ID}}
	{{- else}}
	Vpc: !Ref VPC
	{{- end}}

Are you importing an existing VPC?

[sekamaneka]

Hey,

Yes it creates two private dns namespaces. With exactly the same name.
Since it's dns i assume the name matters and not some unique id behind it.

Even if selecting the cloudmap manually (from the web console) as an integration target of the API GW it doensn't work.
I will try changing the local namespace to have the env in the name and report back if it works.

     Properties: 
         Name: !Sub ${Env}.${AppName}.local 

[sekamaneka]

When adding the environment name to the cloudmap namespace it works as expected.

[efekarakus]

Wow okay! this is surprising to me, do you have a VPC link for your HTTP API? Does APIGW still pick up the "test" environment's namespace if your VPC link points to the "prod" environment?

[sekamaneka]

yes and yes.. It just leads to a service unavailable message. when in doubt blame DNS 💯

[efekarakus]

😂 thanks for letting us know! I'll reach out to someone on the APIGW team to see if this is expected behavior or if it's a bug that they can fix!

[efekarakus]

Hi @swilso793 I contacted the API GW team to let them know of this behavior, I'll update this issue if we get any updates!

[efekarakus]

Hi @swilso793 would you mind emailing me karakuse@amazon.com with your account ID and VPC IDs where this issue was occurring, I'll relay this information to help us troubleshoot with the APIGW team.

Thanks!

[efekarakus]

@swilso793 I just head back from the APIGW team that this issue should be fixed now for new CloudMap integrations!

So if we start from new environments hopefully this behavior should be gone.

[sekamaneka]

thank you! i will test at a later date but im closing this for now.

[efekarakus]

Yay I just tried this out and can confirm that APIGW has fixed this issue!