I am using a reverse proxy in front of my load balancer. Currently I am just trying to make a TCP connection with LB from reverse proxy to check its health and if it succeeds then I will send the request to main load balancer. I want to check that whether my main load balancer have any servers running or not. If not I want to redirect those requests to another server fleet. Is there api or anything else which AWS load balancer exposes to tell the status of the its targets.
Go to the EC2 console, and then to the target groups section. Select your target group. From there, you should be able to see which instances are passing the healthcheck.
Related
I am new to AWS
I am develpoing a PoC for AWS server & PC Client COmmunication
My AWS Server App (Running in Ubuntu EC2) has exposed a rest API (RestAPI Name is /TestAPI)
If I call the Rest API in my C# code with "http://EC2 Ubuntu IP:8080/TestAPI", its working fine. I am getting data
I have created a Application Load Balancer & attached target Group where Ubuntu EC2 instance is added as a listner
I want to call the Rest API using Load Balancer default DNS
But if I call like below, EC2 instace Rest API is not working
"http://Load Balancer Default DNS:8080/TestAPI"
"http://Load Balancer Default DNS/TestAPI"
Kindly help
You need to check your health check of your target group associated with your Load balancer.
Load balancer will not forward traffic to your instances within the target group until it deems them as healthy.
As i can see you are port 8080 for your application, you need to set a health check for port 8080 and you need to mention health check path, by default it is /, if you can access your application on / then path is fine otherwise you need to provide path which is accesbile so that alb can successfully send packets and verify that path.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html
Is there a way that would allow me to check if my ALB is respecting the target rules ?
Input:
ALB
URL1 -> (should be forwarded to ) TG1
URL2 -> ("""""""""""""""""""""" ) TG2
Output:
ALB works correctly or not.
Thank you in advance.
You can enable Access logs for your Application Load Balancer to check if the requests are being forwarded.
OR
Enable VPC Flow Logs
Monitor your Application Load Balancers
I would suggest checking the backend logs be it a lambda function or EC2 instances.
In case of EC2 instances, try to keep the number of instances associated with the target group equals to 1 instance, otherwise, you need to monitor all instances at the same time to ensure no requests are dropped.
From within the instance, go to the web server log file (nginx, apache, tomcat...) and tail the file with a follow option
"tail -f {web_server_log_file_name}"
If you doubt your request is reaching the load balancer at all, you can set the load balancer rule to return a fixed response and try to send a request to check if that fixed response is the one being sent back to you.
I have an ELB setup for my Magento2 application. The application is running on EC2 instances. In Magento 2 I need to specify a base url for the site. I am setting that as my load balancer public dns.
When the ELB performs Health Checks on the individual EC2 Instances they are returning a 302 as magento is trying to redirect the call to the public dns record for the ELB.
How do I deal with this?
I created a file health.html and placed this in the root magento folder on the EC2 instances.
I updated the health check to load /health.html.
This works fine and the Load Balancers are able to direct traffic to these instances as they are healthy.
This is not really ideal and mainly served to verify configurations between M2 and the ELB and EC2 instances.
I would like the health check to make sure Magento2 is actually healthy.
You could assign the health endpoint to a magento action directly.
I updated the health check to load /health.html.
Set that to an HTTP request declared in your Application routes, and add your checks there. /health/action for example.
I found the answer, There is a setting in Stores->Configuration->General->Web->Url-Options that allows you to turn off the auto redirect. I disabled this and the checks are now working
I have configured app load balancer on amazon. Set up DNS LB to route 53 with alias for A. Behind LB i have 2 instances with IIS. If i set up 2 sites on both instances, balancer automatically balance client by rotation
(as i know round robin). But, if i turn off site on IIS in one instance, load balancer continue go to that instance and if i go to exapmle.com i will have one time worked site and if refresh the page i will have error (because site turned off in IIS). Could you please tell me, how can i set up load balance to route traffic in working instance if one of them not working. Thank you
Load balancers continue to distribute the traffic on healthy servers. If it is not happening in your case, I would recheck the health check configuration under Target Groups.
You need to modify the port/path so that health checks start failing once the site is turned off. Only then, the load balancer will pass all traffic to healthy host, not the unhealthy host
What does the LB health checks say? If the back-end instances are not listening on the health check port then LB marks it as unhealthy and stops forwarding requests to it. If you are using Application loadbalancer then I think you can get the health check status within the target groups associated with the loadbalancer.
Is there any way to make an instance attached to an ELB unhealthy purposefully using boto ?
I tried few methods and non of them working so far.
Thanks for any help !!
No, this is not possible. There is no AWS API call that can change the health status of an instance. (Auto Scaling has this capability, but not Load Balancing).
You could use the deregister_instances() API call, which would effectively achieve the same result.
The Register or Deregister EC2 Instances for Your Classic Load Balancer documentation says:
Deregistering an EC2 instance removes it from your load balancer. The load balancer stops routing requests to an instance as soon as it is deregistered. If demand decreases, or you need to service your instances, you can deregister instances from the load balancer. An instance that is deregistered remains running, but no longer receives traffic from the load balancer, and you can register it with the load balancer again when you are ready.
When you deregister an instance, Elastic Load Balancing waits until in-flight requests have completed if connection draining is enabled.
Yeah, We can do that in the below scenario.
Let's assume that you have loadblancer(myloadbalancer), an instance attached with it and PingPath configuration as such below.
Ping Protocol: HTTP
Ping Port: 80
Ping Path: /
Just add boto3 code to edit the health check configuration as below and you can see the magic(Instance OutOfService).
client.configure_health_check(
LoadBalancerName='myloadbalancer',
HealthCheck={
'Target': 'HTTP:80/hjkx',
'Interval': 30,
'Timeout': 5,
'UnhealthyThreshold': 5,
'HealthyThreshold': 3
}
)
Two other options:
1. Temporarily disable the web server / process that's responding to the health check. In our case, we were running Java webapps with and nginx proxy in front of it. Shutting down the nginx proxy made the health check fail while the Java app would still be running.
2. Temporarily firewall the port that the ELB uses to perform the health check on. You could do this via a call to the AWS api.