Saltar al contenido
Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post
Acerca de re:Post

Health check failure with HTTP/2 in an ALB target group

0

Created a new ALB with HTTP/2 support and configured the target group to use HTTP/2 as well. The goal was to make them compatible. However, I am currently facing health check failures when using HTTP/2 with the target group in the ALB. Interestingly, when I used the same container with a different target group, it was able to successfully pass data using the HTTP/1.1 protocol. Could you please help me understand why the health checks are failing in the HTTP/2 configuration?

Temas
MicroserviciosRedes y entrega de contenidoContenedores
Etiquetas
MicroserviciosBalanceo de carga elásticaAmazon Elastic Container Service
Idioma
English
preguntada hace 3 años2,1 mil visualizaciones
2 Respuestas
0

Was facing the same issue. Have you found the fix for this ??

AWS
respondido hace 9 meses
  • Sean_N INGENIERO DE SOPORTE
    hace 9 meses

    What's the OS of your server? (Linux, Windows, ...) And what do you use to host the website? (IIS, Nginx, Apache...)

  • rePost-User-6188405
    hace 9 meses

    Linux and nginx

  • Sean_N INGENIERO DE SOPORTE
    hace 9 meses

    Have you enabled HTTP2 in nginx? Backend servers need to enable HTTP2 in order for HTTP2 Target group to work

    1. Make a backup of the nginx.conf file (default location: /etc/nginx/nginx.conf).
    2. After that, modify the file by adding http2 under the listen directive:

    listen 443 ssl http2;

    1. The SSL configuration needs to be updated, so ensure that it is added under server block which has SSL configuration since HTTP/2 is only supported over HTTPS.

    server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name example.com; root /path/to/public; ssl_certificate /path/to/certificate.crt; ssl_certificate_key /path/to/private.key; ssl_protocols TLSv1.2; }

    1. Restart Nginx using the following command:

    sudo systemctl reload nginx.service

0

Hi, maybe you face this issue with TLS:

If a target group is configured with HTTPS health checks, its registered targets 
fail health checks if they support only TLS 1.3. These targets must support an
 earlier version of TLS, such as TLS 1.2.

See https://docs.aws.amazon.com/elasticloadbalancing/latest/network/target-group-health-checks.html for all details.

Hope it helps!

Didier

EXPERTO
respondido hace 3 años
  • Afridi
    hace 3 años

    The target group is set up to exclusively listen on port 80 for HTTP traffic.

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Contenido relevante