All the server addresses and ports are dummy.
I'm working on a microservices-based project. I have deployed it to EC2 and ECS.
Let's assume it has 2 services:
- EC2_SERVER_IP:8080 for authentication service APIs
- EC2_SERVER_IP:8081 for user service APIs
Now, I have decided to add a load balancer to the EC2 cluster. I created a load balancer, mapped it to the domain https://api.com, and enabled SSL on it.
Load Balancer Details:
I have added a listener with Protocol:Port = HTTPS:443
I have created 2 target groups, dev-auth-tg and dev-user-tg (linked with the EC2 instance, EC2_SERVER_IP).
On dev-auth-tg, I have registered a target by selecting the EC2 instance (EC2_SERVER_IP) and port 8080.
On dev-user-tg, I have registered a target by selecting the EC2 instance (EC2_SERVER_IP) and port 8081.
For each target group, Protocol:Port = HTTPS:443 and protocol version is HTTP1.
After that, I checked the state of instance and target group.
The instance is "running" and the target group is "healthy" (meaning these are hitting the API to get the health status; I have implemented an endpoint / at the root of each microservice and configured the target group to get the health status from there).
I have added 3 rules, one for authentication service, one for user service, and third is default.
Rule # 1:
Path Pattern is /auth*
Forward to target group: dev-auth-tg
Rule # 2:
Path Pattern is /user*
Forward to target group: dev-user-tg
Rule # 3:
If no other rule applies
Actions (Then)
Return fixed response
Response code: 503
Response body: Default Action
When I hit the endpoint:
https://api.com/
It is returning the response generated by default rule.
Now, let's assume I have an endpoint, /customers, in the user microservice to get customer data.
So, when I hit the endpoint: https://api.com/user/customers
it gives 502: Bad Gateway
But when I put something other than auth or user in the endpoint, it goes to the default rule.
So, it means the rules are working correctly.
Still when I hit APIs using domain address, it gives 502: Bad Gateway error.
Can anyone please assist me to troubleshoot this issue?
Note: EC2 instance is up, Target groups are healthy, Security groups are added for inbound and outbound and SSL has been enabled.
The listener port of target group is HTTPS:443, but the port of registered target is as per EC2 listener port (8080 for auth, 8081 for user). EC2 as well as load balancer access logs are not showing any logs related to these operations.
Additional info: Target type is instance; I have registered the EC2 instance at the required ports (8080, 8081) while registering a target.
Do I need to add a record for each rule in Route 53?
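
A check that fits the setup described in the question, added here as an example and not part of the original post: the target groups are set to HTTPS, and a failed TLS handshake with a target is one documented cause of an ALB 502, so the probe below tests whether a target port completes a TLS handshake or answers only plain HTTP. `probe_target` and `start_plain_http_stub` are hypothetical names, and the stub is a constructed local stand-in for a service on 8080 or 8081; against the real setup, run the probe from a host that can reach EC2_SERVER_IP on those ports.

```python
import socket
import ssl
import threading


def probe_target(host, port, timeout=2.0):
    """Return 'tls', 'plaintext-http', 'unknown' or 'unreachable' for host:port."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # an ALB does not validate target certificates either
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"
    try:
        with ctx.wrap_socket(raw):
            return "tls"
    except OSError:  # ssl.SSLError and handshake timeouts are both OSError
        pass
    try:  # TLS failed: does the same port answer a plain HTTP request?
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"GET / HTTP/1.0\r\nHost: probe\r\n\r\n")
            if s.recv(16).startswith(b"HTTP/"):
                return "plaintext-http"
    except OSError:
        pass
    return "unknown"


def start_plain_http_stub():
    """Constructed local stand-in for a service that speaks HTTP without TLS."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        while True:
            try:
                conn, _ = srv.accept()
                with conn:
                    conn.recv(4096)
                    conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Length: 2\r\n\r\nok")
            except OSError:
                if srv.fileno() == -1:
                    return  # listener closed

    threading.Thread(target=serve, daemon=True).start()
    return srv


if __name__ == "__main__":
    print(probe_target("127.0.0.1", start_plain_http_stub().getsockname()[1]))
```

A result of `plaintext-http` for a port registered in an HTTPS target group means the load balancer's TLS handshake to that port cannot succeed; `tls` means the protocol matches and the cause lies elsewhere.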