enum NetworkMode
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.ECS.NetworkMode |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsecs#NetworkMode |
 Java | software.amazon.awscdk.services.ecs.NetworkMode |
 Python | aws_cdk.aws_ecs.NetworkMode |
 TypeScript (source) | aws-cdk-lib » aws_ecs » NetworkMode |
The networking mode to use for the containers in the task.
Example
declare const vpc: ec2.Vpc;
const cluster = new ecs.Cluster(this, 'Cluster', { vpc });
const securityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', {
vpc,
description: 'Security group for managed instances',
});
const miCapacityProvider = new ecs.ManagedInstancesCapacityProvider(this, 'MICapacityProvider', {
capacityOptionType: ecs.CapacityOptionType.SPOT,
subnets: vpc.privateSubnets,
securityGroups: [securityGroup],
instanceRequirements: {
vCpuCountMin: 1,
memoryMin: Size.gibibytes(2),
},
});
// Optionally configure security group rules using IConnectable interface
miCapacityProvider.connections.allowFrom(ec2.Peer.ipv4(vpc.vpcCidrBlock), ec2.Port.tcp(80));
// Add the capacity provider to the cluster
cluster.addManagedInstancesCapacityProvider(miCapacityProvider);
const taskDefinition = new ecs.TaskDefinition(this, 'TaskDef', {
memoryMiB: '512',
cpu: '256',
networkMode: ecs.NetworkMode.AWS_VPC,
compatibility: ecs.Compatibility.MANAGED_INSTANCES,
});
taskDefinition.addContainer('web', {
image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'),
memoryReservationMiB: 256,
});
new ecs.FargateService(this, 'FargateService', {
cluster,
taskDefinition,
minHealthyPercent: 100,
capacityProviderStrategies: [
{
capacityProvider: miCapacityProvider.capacityProviderName,
weight: 1,
},
],
});
Members
| Name | Description |
|---|---|
| NONE | The task's containers do not have external connectivity and port mappings can't be specified in the container definition. |
| BRIDGE | The task utilizes Docker's built-in virtual network which runs inside each container instance. |
| AWS_VPC | The task is allocated an elastic network interface. |
| HOST | The task bypasses Docker's built-in virtual network and maps container ports directly to the EC2 instance's network interface directly. |
| NAT | The task utilizes Docker's built-in virtual network which runs inside each Windows container instance. |
NONE
The task's containers do not have external connectivity and port mappings can't be specified in the container definition.
BRIDGE
The task utilizes Docker's built-in virtual network which runs inside each container instance.
AWS_VPC
The task is allocated an elastic network interface.
HOST
The task bypasses Docker's built-in virtual network and maps container ports directly to the EC2 instance's network interface directly.
In this mode, you can't run multiple instantiations of the same task on a single container instance when port mappings are used.
NAT
The task utilizes Docker's built-in virtual network which runs inside each Windows container instance.