I have a Nuxt app (Vue client with Express server) that has been working for a couple years. I made a change, committed it and now my app is down. I use Elastic Beanstalk, Code Pipeline. I use route 53 as DNS and ACM (Certificate Manager).
I went straight to my EBS console to check the environment and saw that the health was severe. The logs showed no errors so I went to Events and looked for them there and found this:
Creating Load Balancer listener failed Reason: Resource handler returned message: "Certificate 'arn:aws:acm:us-east-2:019538876777:certificate/ee8af09b-c6d7-4636-b2a6-099792f66caf' not found
I went straight to the AWS Certificate Manager and saw that one certificate had expired for my domain but that another had been issued. So that means that I shouldn't have to request a new one, which I was I thought would be the case.
Where's the disconnect, then? If I have a newly reissued certificate then why is my EBS Environment still throwing an error? Thanks for any helpful tips.
Related
I have two memcached clusters created (t2.small and t2.micro)
When I updated my EB endpoint pointing to new memcached cluster which is t2.micro. It rolls back to the old cluster configuration which is cache.t2.small. It gives me warning and error message informing about the load balancer.
I have degraded status then went to OK but with the old configuration.
Anyone who had experienced the same issue?
I have tried the second time but is giving me an error.
In my AWS environment I have 2 hosted zones:
aaa.nl
bbb.nl
I have an elastic beanstalk (NodeJS) application running. It works fine. I want this EB application to be available via the domain name:
my-app.bbb.nl
I followed this approach:
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-beanstalk-environment.html#routing-to-beanstalk-environment-create-alias-procedure
Configuring a new record is easy. I can select my EB application and the record is created successfully. And i see it listed in the record list of hosted zone bbb.nl (A Record)
Now I open up my browser and navigate to:
my-app.bbb.nl
To my great surprise, what I get to see in the browser is a different application that I have running at https://my-other-app.aaa.nl, but the url is https://app.bbb.nl (my-other-app is listed as an A record in hosted zone aaa.nl)
I did get some certificate warnings in my browser as well (in the browser I see that it has the ssl certificate of aaa.nl coming along),
I do have something else running correctly at https://bbb.nl
I have no idea how this is possible and how to debug this. Anyone any clues?
Use browser development tools to trace the request to my-app.bbb.nl
Look for redirection in response.
Check if my-other-app.aaa.nl isn't hardcoded into app itself.
I created a REST AWS API Gateway and it worked perfectly when it was targeting a single ec2 instance. I then went on to set it up with an EC2 Load Balancer for a Target Group with 2 EC2 instances. Now when I make a request that I synchronously get the status of, I get a 404 error. My guess is that the initial job was posted on one machine and then I try to access it on the other machine yielding a 404 error. I tried to enable stickiness to the target group, but that did nothing. Any suggestions?
Stickiness config
I would suggest you to check the logs on your EC2 instances and see which is the exact request routed from the LB to the EC2 machine. My experience is that LB calls the EC2 instances using their internal IP address and the URL might be modified, based on configuration.
Checking the logs will help you debug this error. With stickness you're doing good.
I am hosting a Django site on Elastic Beanstalk. I haven't yet linked it to a custom domain and used to access it through the Beanstalk environment domain name like this: http://mysite-dev.eu-central-1.elasticbeanstalk.com/
Today I did some stress tests on the site which led it to spin up several new EC2 instances. Shortly afterwards I deployed a new version to the beanstalk environment via my local command line while 3 instances were still running in parallel. The update failed due to timeout. Once the environment had terminated all but one instance I tried the deployment again. This time it worked. But since then I cannot access the site through the EB environment domain name anymore. I alway get a "took too long to respond" error.
I can access it through my ec2 instance's IP address as well as through my load balancer's DNS. The beanstalk environment is healthy and the logs are not showing any errors. The beanstalk environment's domain is also part of my allowed hosts setting in Django. So my first assumption was that there is something wrong in the security group settings.
Since the load balancer is getting through it seems that the issue is with the Beanstalk environment's domain. As I understand the beanstalk domain name points to the load balancer which then redirects to the instances? So could it be that the environment update in combination with new instances spinning up has somehow corrupted the connection? If yes, how do I fix this and if no what else could be the cause?
Being a developer and newbie to cloud hosting my understanding is fairly limited in this respect. My issue seems to be similar to this one Elastic Beanstalk URL root not working - EC2 Elastic IP and Elastic IP Public DNS working
, but hasn't helped me further
Many Thanks!
Update: After one day everything is back to normal. The environment URL works as previously as if the dependencies had recovered overnight.
Obviously a server can experience downtime, but since the site worked fine when accessing the ec2 instance ip and the load balancer dns directly, I am still a bit puzzled about what's going on here.
If anyone has an explanantion for this behaviour, I'd love to hear it.
Otherwise, for those experiencing similar issues after a botched update: Before tearing out your hair in desperation, try just leaving the patient alone overnight and let the AWS ecosystem work its magic.
I have been trying to install Pivotal Cloud Foundry on AWS and I have troubles with it.
In the section upload-cert mentioned that I need to create SSL Certificates for:
*.system.example.com
*.login.system.example.com
*.uaa.system.example.com
*.apps.example.com
So, I've created domain xxxxx.com on AWS Route53 and created a certificate on AWS ACM for domain and subdomains.
So, my questions are:
do I need to create subdomains (system, login, uaa, apps) in AWS Route53
do I need to bound my domain and subdomain somehow to PCF? Or the installation process had to do it for me?
for now, if I open http://login.xxxxx.com/ it responses with 503. what can be the reason?
what is the correct url to open the PCF UI?
I have such error in Ops Manager. What can be the reason of such error?
The same about logs. When I tried to download logs for failed services it failed too. What can be the reason?
Thank you for the help!
do I need to create subdomains (system, login, uaa, apps) in AWS Route53
do I need to bound my domain and subdomain somehow to PCF? Or the installation process had to do it for me?
You can create a wildcard subdomain (*.xxxxx.com) and alias using the instructions here: https://docs.pivotal.io/pivotalcf/1-10/customizing/cloudform-er-config.html#cname
what is the correct url to open the PCF UI?
If you mean Ops Manager, it is whatever DNS entry you created and pointed to the Ops Manager public IP address in this step: https://docs.pivotal.io/pivotalcf/1-10/customizing/cloudform-om-deploy.html#create-dns
For the ERT UI, there is the Pivotal Apps Manager https://docs.pivotal.io/pivotalcf/1-10/console/index.html
which is usually apps.system.xxxx.com
You can see what system apps are deployed by connecting to Cloud Foundry using the CLI and seeing which apps are in the system org, and what their routes are.
for now, if I open http://login.xxxxx.com/ it responses with 503. what can be the reason?
If the DNS has not been set up, I'm surprised you're getting any response whatsoever. Usually you get 503s when the routers connected to the load balancers are failing for some reason (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ts-elb-error-message.html#ts-elb-errorcodes-http503)
I have such error in Ops Manager. What can be the reason of such error?
This would explain the 503s if the router is unhealthy. I would SSH into those machines and see what the logs say (in /var/vcap/sys/logs), which should tell you what is going wrong.
The reason of the red instances on the Status page was that my AWS account had limit on number of instances and it failed to create VMs for this nodes.
To find more information open Changelog (https://ops_manager_host/change_log) and the open log of the FAILED setup.