What rules should I add to my custom security group to avoid using the default VPC security group and still pass the health check?

0

I've been experimenting with running containerized services on ECS, utilizing the awsvpc network mode and ALB. However, I've encountered an issue where I have to attach the default VPC security group to the ALB's security group for the health checks to pass. Removing it results in the health checks becoming unhealthy. Therefore, I'm wondering what rules I should add within my custom security group to bypass the need for the default VPC security group while still allowing the health checks to pass.

Additionally, I've observed that when using the bridge networking mode, there's no requirement to include the default VPC security group, and health checks still pass.

I have two questions:

What rules should I add to my custom security group to avoid relying on the default VPC security group and still pass the health check?

Why is it unnecessary to add the default VPC security group when using the bridge networking mode, and the health checks still pass?

2 answers
0

You will need to add rules to allow inbound traffic on the port that the Application Load Balancer (ALB) is using for health checks. By default this is port TCP/443 or TCP/80 depending on whether you specify HTTPS or HTTP health checks. The security group should allow ingress from the ALB security group on the health check port.

When using the bridge network mode, the containers are placed on the same network as the EC2 host instance. This means the security groups of the EC2 instance apply to the containers as well. Since the default VPC security group is associated with EC2 instances by default, it allows the health checks from the ALB to reach the containers without needing to be explicitly added.

In the awsvpc network mode, each container gets its own elastic network interface and thus its own security group.

Expert
answered a month ago
  • Thank you for your response. However, I have already added the following rules to the custom security group of ALB:

    • All traffic from 10.0.0.0/16

    Yet, it seems I still need to add the default VPC security group. Could you kindly advise on what part I might be missing?

0

As Giovanni mentioned, the security group needs to allow ingress from the ALB security group on the health check port.

See if following the documentation guidelines on security group configurations solves your problem here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-update-security-groups.html

Or allowing the CIDR ranges on the target group IPv4 Addresses: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-register-targets.html

AWS
answered a month ago
  • Hi,

    Thank you for your response. I've already configured the security group to allow all traffic from the source 10.0.0.0/16, which I believe encompasses both HTTP and HTTPS. Therefore, I'm a bit puzzled if the health check requires its own specific IP or if I might have overlooked something?

    Additionally, it's worth mentioning that simply adding the default VPC security group allows everything to function properly.
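The rule both answers describe, written out in Terraform as an added example (not code from the thread or from AWS): in awsvpc mode the task's ENI carries its own security group, so that group must admit the ALB's security group on the container port, and the ALB group's egress is narrowed to the same target. The names `alb`, `task`, `var.vpc_id` and `var.container_port` are assumed.

```hcl
# Added example, not from the thread. Assumed inputs: the VPC and the port the task listens on.
variable "vpc_id" {
  type = string
}

variable "container_port" {
  type    = number
  default = 8080
}

# Security group attached to the Application Load Balancer.
resource "aws_security_group" "alb" {
  name   = "alb-sg"
  vpc_id = var.vpc_id
}

# Client traffic into the ALB listener (HTTPS shown; add a TCP/80 rule if an HTTP listener exists).
resource "aws_vpc_security_group_ingress_rule" "alb_https" {
  security_group_id = aws_security_group.alb.id
  from_port         = 443
  to_port           = 443
  ip_protocol       = "tcp"
  cidr_ipv4         = "0.0.0.0/0"
}

# Terraform drops the implicit allow-all egress, so state it: the ALB may reach
# only the task security group, only on the container port.
resource "aws_vpc_security_group_egress_rule" "alb_to_tasks" {
  security_group_id            = aws_security_group.alb.id
  from_port                    = var.container_port
  to_port                      = var.container_port
  ip_protocol                  = "tcp"
  referenced_security_group_id = aws_security_group.task.id
}

# Security group attached to each task ENI (awsvpc network mode).
resource "aws_security_group" "task" {
  name   = "ecs-task-sg"
  vpc_id = var.vpc_id
}

# Health checks and forwarded requests both originate from the ALB's interfaces,
# so reference the ALB security group rather than a broad CIDR such as 10.0.0.0/16.
resource "aws_vpc_security_group_ingress_rule" "task_from_alb" {
  security_group_id            = aws_security_group.task.id
  from_port                    = var.container_port
  to_port                      = var.container_port
  ip_protocol                  = "tcp"
  referenced_security_group_id = aws_security_group.alb.id
}
```

Put `aws_security_group.task.id` in the ECS service's `network_configuration.security_groups` and `aws_security_group.alb.id` on the load balancer; because security groups are stateful, the health-check responses need no extra egress rule on the task group.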
