[Proposal] Network Load Balancer Support #2918

Closed
Lou1415926 opened this issue Oct 14, 2021 · 3 comments
Labels
type/design Issues that are design proposals.


@Lou1415926
Contributor

Lou1415926 commented Oct 14, 2021

Background

Currently, the Load-Balanced Service pattern only supports listening on port 80 or 443 with HTTP/HTTPS protocols. To support more variations (e.g. listening on 443/udp), we need to integrate Network Load Balancers into Copilot.

Related Issues

Proposal

We will add a new field named nlb in Load-Balanced Service's manifest:

name: my-service
type: Load Balanced Web Service

nlb:
  port: 443/udp
  healthcheck:
    path: '/'
    success_codes: 200

This will create a service fronted by a Network Load Balancer that is listening for UDP on port 443. Traffic will be routed to the main workload container on port 443.

Flexibility on the container port can be achieved by:

nlb:
  port: 443/udp
  healthcheck:
    path: '/'
    success_codes: 200
  target_container: aSidecar
  target_port: 53

This will route traffic from 443/udp to the aSidecar's port 53.

When the application is associated with a domain (e.g. by having run copilot app init --domain example.com), we will provide a default endpoint for public access: <svc>-nlb.<env>.<app>.<domain>.

For users that want to customize the domain instead of using <svc>-nlb.<env>.<app>.<domain>, they can take advantage of the alias field that comes with nlb:

nlb:
  alias: example.com
  port: 443/udp
  # ...other configurations

similar to what they would have done with our current alias support.

We can start small by supporting only one port for the NLB. This will also mean that users can either specify http or nlb, but not both.

Sample Manifest Snippets

To listen on port 80/udp

nlb:
   port: 80/tcp

Note that this is the same as

image:
   port: 80

nlb:
   port: 80/tcp

To disable listening for HTTP/HTTPS on top of that, simply add

http: false

nlb:
   port: 80/tcp

To listen on port 443/udp, with health check configurations to apply to 443/udp

nlb:
  port: 443/udp
  healthcheck:
    path: '/'
    success_codes: 200

To listen on 5672/tcp, receiving traffic in the "rabbitmq" sidecar container

nlb:
  port: 5672/tcp
  target_container: rabbitmq
  target_port: 5672
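
The port parsing and defaulting rules described in the proposal above, as an added Go example (not Copilot's implementation, and not part of the original issue). The type and function names are hypothetical, and it assumes the main workload container is named after the service, that the protocol is always given, and that only tcp and udp are accepted:

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// NLB holds the fields of the proposed `nlb` manifest section (hypothetical type).
type NLB struct {
	Port, Alias, TargetContainer string
	TargetPort                   int
}

// Route is the resolved listener-to-container mapping.
type Route struct {
	Protocol, Container, Host string
	ListenPort, TargetPort    int
}

// Resolve validates n and fills in the defaults the proposal describes.
// Assumption: the main workload container carries the service name svc.
func Resolve(n NLB, svc, env, app, domain string) (Route, error) {
	portStr, proto, _ := strings.Cut(n.Port, "/")
	port, err := strconv.Atoi(portStr)
	if err != nil || port < 1 || port > 65535 || (proto != "tcp" && proto != "udp") {
		return Route{}, fmt.Errorf("port %q: want <1-65535>/<tcp|udp>", n.Port)
	}
	r := Route{Protocol: proto, ListenPort: port, TargetPort: port, Container: svc, Host: n.Alias}
	if n.TargetContainer != "" {
		r.Container = n.TargetContainer // e.g. a sidecar
	}
	if n.TargetPort != 0 {
		r.TargetPort = n.TargetPort
	}
	if r.TargetPort < 1 || r.TargetPort > 65535 {
		return Route{}, fmt.Errorf("target_port %d: not in 1-65535", r.TargetPort)
	}
	if r.Host == "" && domain != "" {
		r.Host = fmt.Sprintf("%s-nlb.%s.%s.%s", svc, env, app, domain) // default endpoint
	}
	return r, nil
}

func main() {
	// Constructed input: the env name "test" and app name "demo" are made up.
	fmt.Println(Resolve(NLB{Port: "443/udp", TargetContainer: "aSidecar", TargetPort: 53}, "my-service", "test", "demo", "example.com"))
}
```

Rejecting a malformed `port` value before any listener is created keeps a typo in the manifest from exposing an unintended port or protocol on a public endpoint.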

@kohidave
Contributor

qq - will removing the http remove the ALB?

@Lou1415926
Contributor Author

qq - will removing the http remove the ALB?

If there is no LB service using ALB left in the environment, then the ALB will be removed.

@efekarakus
Contributor

NLB support was released for "Load Balanced Web Service" in v1.14 🥳 https://github.com/aws/copilot-cli/releases/tag/v1.14.0

We would love to hear your feedback. For example, the first release does not have UDP support. We'd love to hear more about:

  1. What use cases of NLB (i.e. why) you'd like to have that are not currently supported
  2. What does your architecture look like (example: is the NLB for an internal service or public?)

Resolving the issue in the meantime.
