Best practice using ALB

What would be the best practice in terms of high security and functionality of using ALB with the Docker containers that are inside private subnets? Should I install ALB in public subnet with the internet or installing ALB in private subnet would be the best thing to do in order to secure instances inside private subnet while using ALB features?

  • Increasing mysql max_connections to 1024 in a docker container
  • Unable to deploy Docker composer to AWS ECS
  • What is the entry point/command required to run an etcd container in ECS?
  • aws ecs perfomance doesn't increase on single instance
  • Docker: ECS vs Beanstalk vs Docker Cloud
  • ECS agent can not successfully pull image from ECR
  • How to do container rollbacks using a multi docker configuration on elasticbeanstalk
  • how to provide environment variables to AWS ECS task definition?
  • Docker push to AWS ECR fails on Windows: no basic auth credentials
  • Use RDS or a container (ECS) for database? Advantages and disadvantages
  • Does Kubernetes evenly distribute across an ec2 cluster?
  • Getting list of running containers from a cluster
  • One Solution collect form web for “Best practice using ALB”

    The choice of public or private for a load balancer entirely depends on how you want to access the load balancer. If traffic will be hitting the load balancer from the Internet then the load balancer has to exist in a public subnet. If traffic will only be originating from within your VPC, then the load balancer can be in a private subnet.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.