This is the targets in my target group. They corresponds to the docker processes running in my ecs service.
As you can see all processes are marked as either draining
or unhealthy
.
Here is how I define my Health checks
,
I have tried the health check url on a local docker process and the url works as expected.
The same log messages are not found incloud watch log. I presume the healthcheck url is not called at all.
Here is my container definition in my task
As you can see in the above screenshot, I have mapped port 0 to 8090. I believe it is how to enable dynamic mapping.
Also I have set the network mode to 'Bridge'
How can get the health check to work? I think currently it is the reason why I cannot reach the underlying docker processes.
Best Answer
It seems to be an issue with the default security group when I created the ecs cluster
The default SG is
So basically no traffic can reach the ec2 instance that hosts the docker process.
I added a very permissive security group and it is working and I can reach the healthcheck url