aws,

How to get private IP address of Fargate ECS task with metadata

Sep 13, 2021 · 2 mins read · Post a comment
How to get private IP address of Fargate ECS task with metadata

Previously I’ve explained how to ssh into a fargate container. In this tutorial, I will cover some steps on how can you get the private IP address of a fargate ECS container, so that way you can check your service availability, access it through the private network directly, and see if the service operates as expected.

Prerequisites

  • AWS account
  • ECS cluster
  • Fargate containers

Solution

Step 1. To get the private IP address of your fargate container, firstly you will have to connect to the fargate container:

aws ecs execute-command --region {name-of-the-region} --cluster {name-of-the-cluster} --task {task number} --container {container-name} --command "/bin/bash" --interactive

Step 2. Once you are connected, get the private IP address of your fargate contaner:

wget -qO- http://169.254.170.2/v2/metadata | jq -r .Containers[0].Networks[0].IPv4Addresses[0]

It will retrive only the private IP addrees that you are looking for.

Example output:

10.0.203.295
  • Maybe you will wonder how come on earth to appear the above 169.254.170.2 IP address?
  • The first part from the command http://169.254.170.2/v2/metadata is an AWS API endpoint and returns metadata in JSON for the task that you are going to specifie.

Step 2. If you want to get all the information about the fargate task, run:

wget -qO- http://169.254.170.2/v2/metadata

Output:

{"Cluster":"arn:aws:ecs:eu-east-1:865649038563:cluster/ecs-dev-eu-east-1","TaskARN":"arn:aws:ecs:eu-east-1:885849018523:task/ecs-dev-eu-east-1/7016278a8d3813eb3185651","Family":"devcoops-dev-task-fargate","Revision":"5","DesiredStatus":"RUNNING","KnownStatus":"RUNNING","Containers":[
{"DockerId":"7016d3813eb3185651-10273856","Name":"devcoops-dev-task-fargate-route53-update","DockerName":"devcoops-dev-task-fargate-route53-update","Image":"devcoops/node:latest","ImageID":"sha256:a00c58b46d0bbe2cc7b437ebcbeac3451c668aa929d8b","Labels":{"com.amazonaws.ecs.cluster":"arn:aws:ecs:eu-east-1:8858490:cluster/ecs-dev-eu-east-1","com.amazonaws.ecs.container-name":"devcoops-dev-task-fargate-route53-update","com.amazonaws.ecs.task-arn":"arn:aws:ecs:eu-east-1:885849018523:task/ecs-dev-eu-east-1/7016278766c94340a8d3813eb3185651","com.amazonaws.ecs.task-definition-family":"devcoops-dev-task-fargate","com.amazonaws.ecs.task-definition-version":"5"},"DesiredStatus":"RUNNING","KnownStatus":"STOPPED","ExitCode":0,"Limits":
{"CPU":2},"CreatedAt":"2021-09-10T15:17:50.837396367Z","StartedAt":"2021-09-10T15:17:50.837396367Z","FinishedAt":"2021-09-10T15:17:52.260548713Z","Type":"NORMAL","Networks":[{"NetworkMode":"awsvpc","IPv4Addresses":["10.0.203.295"]}]},
{"DockerId":"7016278766c94340a8d3813eb3185651-877586198","Name":"devcoops-dev-task-fargate-cont","DockerName":"devcoops-dev-task-fargate-cont","Image":"node-alpine","ImageID":"sha256:5cd381c85eb0b7e13ec3df62b46a5ee442f0b66c8c0910e3","Labels":{"com.amazonaws.ecs.cluster":"arn:aws:ecs:eu-east-1:885849018:cluster/ecs-dev-eu-east-1","com.amazonaws.ecs.container-name":"devcoops-dev-task-fargate-cont","com.amazonaws.ecs.task-arn":"arn:aws:ecs:eu-east-1:88518523:task/ecs-dev-eu-east-1/7016278766c94340a8d3813eb3185651","com.amazonaws.ecs.task-definition-family":"devcoops-dev-task-fargate","com.amazonaws.ecs.task-definition-version":"5"},"DesiredStatus":"RUNNING","KnownStatus":"RUNNING","Limits":{"CPU":2},"CreatedAt":"2021-09-10T15:17:53.519853278Z","StartedAt":"2021-09-10T15:17:53.519853278Z","Type":"NORMAL","Networks":[
{"NetworkMode":"awsvpc","IPv4Addresses":["10.0.203.295"]}],"Volumes":[{"DockerName":"devcoops-dev-task-fargate-5-efs","Destination":"/usr/bin/console"}]}],"Limits":{"CPU":4,"Memory":8192},"PullStartedAt":"2021-09-10T15:17:39.706061369Z","PullStoppedAt":"2021-09-10T15:17:46.654785077Z","AvailabilityZone":"eu-east-1c"}

You should get output similar to above.

Conclusion

To wrap up the things, getting the private IP address of a Fargate container has a lot of advantages. As I mentioned previously checking the service state can be done directly, implementing some kind of healtcheks and many others things.
Feel free to leave a comment below and if you find this tutorial useful, follow our official channel on telegram.