Best practice using ALB

What would be the best practice in terms of high security and functionality of using ALB with the Docker containers that are inside private subnets? Should I install ALB in public subnet with the internet or installing ALB in private subnet would be the best thing to do in order to secure instances inside private subnet while using ALB features?

  • Docker: ECS vs Beanstalk vs Docker Cloud
  • How to ssh to a docker container on ec2 ubuntu host from outside machine
  • Passing binary data to callables on AWS
  • ECS Service other than HTTP keeps restarting
  • How to put fluentd containers behind a load balancer in ECS?
  • How to make containers communicate with each other in ECS without link and port mapping?
  • Running multiple docker instances in EC2
  • PostgreSQL on AWS ECS: psycopg2.OperationalError invalid port number 5432
  • Deploying multicontainer docker environment (flask & nginx) with EBS
  • docker info command doesn't show anything in ec2 Instance
  • Increasing mysql max_connections to 1024 in a docker container
  • executable file not found in $PATH when trying to connect to a container in an AWS ECS EC2 instance
  • One Solution collect form web for “Best practice using ALB”

    The choice of public or private for a load balancer entirely depends on how you want to access the load balancer. If traffic will be hitting the load balancer from the Internet then the load balancer has to exist in a public subnet. If traffic will only be originating from within your VPC, then the load balancer can be in a private subnet.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.