Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Why ALB executes healhcheck URLs with connection close request header? Can't we allow it to use HTTP/2?

0

I have set up an ALB with ECS Fargate service. The target group's health check URL is being hit 6 times per minute, with each request having the Connection: close header and using HTTP/1.1. I’ve enabled HTTP/2 on both the ALB and the ECS service to enforce HTTP/2 usage. When I load my app on browser, it makes around 15 api calls to the load balancer and 2-3 requests fail due to premature connection closure, possibly linked to the health check endpoint.

The ALB has a 70-second Connection idle timeout, and the HTTP client keepalive duration. On the ECS service, I’ve configured IDLE_TIMEOUT and NO_REQUEST_TIMEOUT to 120 seconds, as per the documentation stating server timeout values should be higher than those on the ALB.

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/edit-load-balancer-attributes.html

I'm also curious, why connection header is removed by the ALB? If i start my app without ALB, I could see the connection header with value keep-alive.

If anybody faces this issue, please share what am I missing here?

Topics
Networking & Content DeliveryContainers
Tags
Application Load BalancerElastic Load BalancingAmazon Elastic Container Service
Language
English
asked 10 months ago136 views
1 Answer
0

The Application Load Balancer (ALB) executes health check URLs with the "Connection: close" header and uses HTTP/1.1 for a few important reasons:

  1. Health checks are designed to be independent and stateless. By using "Connection: close", the ALB ensures that each health check request is a separate connection, which helps in accurately assessing the target's health without relying on persistent connections.

  2. While HTTP/2 is supported for client-to-ALB communication, health checks are typically performed using HTTP/1.1. This is because health checks are meant to be simple and consistent across different target types and configurations.

Regarding your specific setup:

  1. The health check frequency of 6 times per minute is normal and configurable. You can adjust the health check interval in the target group settings if needed.

  2. The connection failures you're experiencing (2-3 out of 15 requests) are likely not related to the health checks. Instead, they may be caused by the interaction between your application, the ALB, and the client. The premature connection closures could be due to mismatched timeout settings or how your application handles connections.

  3. Your timeout settings (70 seconds on ALB, 120 seconds on ECS) seem appropriate. However, you might want to investigate if your application is closing connections prematurely or if there are any network issues between the ALB and your ECS tasks.

As for why the ALB removes the Connection header:

The ALB manages connections between clients and targets independently. It terminates the incoming connection from the client and creates a new connection to the target. This allows the ALB to perform its load balancing functions effectively. When the ALB forwards requests to your application, it typically doesn't include the original Connection header to maintain this separation.

To troubleshoot your issues:

  1. Review your application logs to see if there are any errors related to connection handling.
  2. Consider using AWS X-Ray or other tracing tools to identify where exactly the connection failures are occurring.
  3. Ensure your application is correctly configured to handle the connection management done by the ALB.
  4. If the issues persist, you may want to contact AWS support for more detailed investigation.

Remember that while HTTP/2 is supported between clients and the ALB, the communication between the ALB and your targets (ECS tasks) typically uses HTTP/1.1, which is why you see this protocol in your health checks.
Sources
Is it possible for alb listener to support both http2 and http1.1 ? | AWS re:Post
Health checks for Application Load Balancer target groups - Elastic Load Balancing
How Elastic Load Balancing works - Elastic Load Balancing

answered 10 months ago
  • Ashok
    10 months ago

    I've configured the below in my target group health check configuration Healthy threshold - 2 Unhealthy Threshold - 3 Interval - 70 sec Status Code - 200

    Why do I receive 6 health check API calls per minute?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content