I have several EC2 instances deployed with a standard configuration consisting of a reverse proxy and an assortment of API gateways. The gateways and reverse proxies both use HTTP/HTTPS and so listen on 80/443. The obvious problem here is that there are port collisions if the services share the same instance, so I assign each a unique (non-standard) port, for example 8080 and 7777.
Is there a way with Terraform to host these services on the same machines and map the ports through an NLB? For example, here the network load balancer accepts TCP traffic on 443 and forwards to a non-standard port:
https://api.domain.com --> (backend1.compute.internal:7777, backend2.compute.internal:7777)
https://web.domain.com --> (backend1.compute.internal:8080, backend2.compute.internal:8080)
Here I have two EC2 instances, backend1 and backend2, and 2 NLBs, api.domain.com and web.domain.com.
I have tried and failed to forward from an aws_lb_listener to an aws_lb_target_group using different ports. For example:
```hcl
resource "aws_lb_listener" "api_ingress_http" {
  load_balancer_arn = aws_lb.api_nlb.arn
  protocol          = "TCP"
  port              = 80

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.api_http.arn
  }
}

resource "aws_lb_target_group" "api_http" {
  name        = "prod-api-http"
  vpc_id      = var.vpc_id
  target_type = "instance"
  protocol    = "TCP"
  port        = 80 # <<--- If this is 8080 or 7777 it fails
}
```
How do I set up an aws_lb_target_group that has a different port from the listener?
Note
I need ultra low latency and the highest possible throughput, microseconds matter here. This means Docker and an ALB are out of the question (tested latency is millisecond range).
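As an added example (not the poster's configuration, and not an official AWS or Terraform snippet), the following shows the layout the question describes: each NLB has a TCP listener on 443 that forwards to a target group whose `port` is the non-standard port the service binds on the instances (7777 for the API gateway, 8080 for the reverse proxy). With `target_type = "instance"` the listener port and the target group port are independent values; the target group port is only the port the NLB connects to on the instance, and `aws_lb_target_group_attachment` can override it per target. The resources `aws_lb.api_nlb`, `aws_lb.web_nlb`, `aws_instance.backend1`, `aws_instance.backend2`, `aws_security_group.backend` and the variables `var.vpc_id`, `var.vpc_cidr` and `var.allowed_client_cidrs` are assumed to exist elsewhere in the configuration; the service/port map is constructed for the example.

```hcl
# Added example, not code from the original question. The referenced NLBs,
# instances, security group and variables are assumptions about the rest of
# the configuration; the services map below is constructed for illustration.

locals {
  # Constructed inputs: which NLB fronts each service and which port the
  # service listens on inside the instances. Every listener stays on 443.
  services = {
    api = { lb_arn = aws_lb.api_nlb.arn, instance_port = 7777 }
    web = { lb_arn = aws_lb.web_nlb.arn, instance_port = 8080 }
  }

  # Both services run on both instances (assumed instance resources).
  backends = {
    backend1 = aws_instance.backend1.id
    backend2 = aws_instance.backend2.id
  }
}

# One target group per service. `port` is the port on the instance that the
# NLB forwards to; it does not have to match the listener's 443.
resource "aws_lb_target_group" "svc" {
  for_each    = local.services
  name        = "prod-${each.key}-tcp"
  vpc_id      = var.vpc_id
  target_type = "instance"
  protocol    = "TCP"
  port        = each.value.instance_port

  health_check {
    protocol = "TCP"
    port     = "traffic-port" # health-check the same non-standard port
  }
}

# One TCP listener on 443 per NLB. TLS is passed through untouched and is
# terminated by the gateway/proxy on the instance, so the NLB adds no TLS work.
resource "aws_lb_listener" "svc_443" {
  for_each          = local.services
  load_balancer_arn = each.value.lb_arn
  protocol          = "TCP"
  port              = 443

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.svc[each.key].arn
  }
}

# Register every instance in every service's target group. The optional
# `port` on the attachment overrides the group's port for that one target.
resource "aws_lb_target_group_attachment" "svc" {
  for_each = {
    for pair in setproduct(keys(local.services), keys(local.backends)) :
    "${pair[0]}-${pair[1]}" => { svc = pair[0], instance_id = local.backends[pair[1]] }
  }

  target_group_arn = aws_lb_target_group.svc[each.value.svc].arn
  target_id        = each.value.instance_id
  port             = local.services[each.value.svc].instance_port
}

# The instances must accept the non-standard ports, not 80/443. Instance
# targets on an NLB see the real client source IP, so the rule has to admit
# the clients themselves; health checks arrive from the NLB nodes' private
# IPs inside the VPC, hence the VPC CIDR. `var.allowed_client_cidrs` is an
# assumed variable (e.g. ["0.0.0.0/0"] for a public API).
resource "aws_security_group_rule" "svc_ingress" {
  for_each          = local.services
  type              = "ingress"
  security_group_id = aws_security_group.backend.id
  protocol          = "tcp"
  from_port         = each.value.instance_port
  to_port           = each.value.instance_port
  cidr_blocks       = concat(var.allowed_client_cidrs, [var.vpc_cidr])
}
```

Two checks worth running after `terraform apply`: the target group's registered targets should show port 7777 or 8080 (not 443) and a healthy status, and `nc -vz <instance-private-ip> 7777` from inside the VPC should connect, which confirms the security group rule rather than the listener is what gates reachability. Nothing on the instances needs to listen on 80 or 443; only the NLBs are reachable there.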