Posted On: Nov 14, 2017
Tasks running on Amazon EC2 Container Service (Amazon ECS) can now take advantage of awsvpc mode for container networking. This new mode allocates an elastic networking interface to each running task, providing a dynamic private IP address and internal DNS name. This simplifies container networking operations, allowing tasks to run with full networking features on AWS, just like EC2 instances.
Previously, tasks running on Amazon ECS shared the elastic network interface of their host EC2 instance. This meant that networking containers to communicate with other containers or external traffic sources required you to map the port on each container. This required knowing which ports were available for use and dynamically assigning ports to avoid conflicts. Additionally, using EC2 security groups and network monitoring tools was only possible for a host EC2 instance.
Now, users can define an Amazon ECS task definition to use task networking. This allows elastic network interfaces to be assigned directly to running Amazon ECS tasks from the VPC subnets designated by the user. This task-level elastic network interface makes it possible to assign EC2 security groups and use standard network monitoring tools at the container level. This simplifies network configuration management, allowing you to treat each container just like an EC2 instance with full networking features in the VPC.
To learn more about using task networking for your containers, see our hands-on blog or documentation. You can learn about how task networking works in our deep-dive blog.
Amazon ECS is available in US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Canada (Central), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), EU (London), and China (Beijing). For more information on AWS regions and service, please visit here.