Unable to access the API endpoints through load balancer address


All the server addresses and ports are dummy.

I'm working on a microservices-based project. I have deployed it to EC2 and ECS. Let's assume it has 2 services:

  • EC2_SERVER_IP:8080 for authentication service APIs
  • EC2_SERVER_IP:8081 for user service APIs

Now, I have decided to add a load balancer to the EC2 cluster. I created a load balancer, mapped it to the domain https://api.com, and enabled SSL on it.

Load Balancer Details: I have added a listener with Protocol:Port = HTTPS:443

I have created 2 target groups, dev-auth-tg and dev-user-tg (linked with the EC2 instance, EC2_SERVER_IP).

  • On dev-auth-tg, I have registered a target by selecting the EC2 instance (EC2_SERVER_IP) and port 8080.
  • On dev-user-tg, I have registered a target by selecting the EC2 instance (EC2_SERVER_IP) and port 8081.

For each target group, Protocol:Port = HTTPS:443 and protocol version is HTTP1. After that, I checked the state of the instance and the target groups. The instance is "running" and the target groups are "healthy" (meaning they are hitting the API to get the health status; I have implemented an endpoint / in the root of each microservice and configured the target group to get the health status from there).

I have added 3 rules, one for authentication service, one for user service, and third is default.

Rule # 1: Path Pattern is /auth* Forward to target group: dev-auth-tg

Rule # 2: Path Pattern is /user* Forward to target group: dev-user-tg

Rule # 3: If no other rule applies, Actions (Then): Return fixed response, Response code: 503, Response body: Default Action

When I hit the endpoint https://api.com/, it returns the response generated by the default rule.

Now, let's assume I have an endpoint, /customers, in the user microservice to get customer data. When I hit the endpoint https://api.com/user/customers, it gives 502: Bad Gateway.

But when I put something other than auth and user in the endpoint, it falls through to the default rule. So it means the rules are working correctly.

Still, when I hit the APIs using the domain address, it gives a 502: Bad Gateway error. Can anyone please assist me in troubleshooting this issue?

Note: The EC2 instance is up, the target groups are healthy, security groups are added for inbound and outbound, and SSL has been enabled.

1 Answer

Hello.
First of all, it is necessary to confirm that the routing is routed to the EC2 of "dev-user-tg" when accessed by "/user/customers".
Can you check the EC2 access log and application log for "dev-user-tg" to confirm that it is being accessed?

> For each target group, Protocol:Port = HTTPS:443 and protocol version is HTTP1.

The EC2 listen port is listed as "8081", but is the target group port set to 443?
I think the target group port may need to be set to the EC2 listen port.

EXPERT
answered 8 months ago
  • The listener port of the target group is HTTPS:443, but the port of the registered target is as per the EC2 listener port (8080 for auth, 8081 for user). The EC2 as well as the load balancer access logs are not showing any logs related to these operations.

  • Additional info: Target type is instance. I have registered the EC2 instance at the required ports (8080, 8081) while registering a target.

  • Do I need to add a record for each rule in Route53?
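
An added example, not part of the original thread: the target groups above use protocol HTTPS while the targets are registered on ports 8080 and 8081, so one check is whether those ports actually answer TLS or plain HTTP. This Python probe, run from a host that is allowed to reach the instance, reports what a port speaks so it can be compared with the target group protocol; the function names are assumptions and EC2_SERVER_IP is the question's placeholder.

```python
import socket
import ssl


def probe_backend(host, port, timeout=3.0):
    """Report what host:port actually speaks: 'https', 'http', 'unknown' or 'closed'."""
    # Certificate checks are off on purpose: only the wire protocol is being tested.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return "https"          # TLS handshake completed
    except (ssl.SSLError, ConnectionResetError, socket.timeout):
        pass                            # port is open but did not answer TLS
    except OSError:
        return "closed"                 # refused or unreachable
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"GET / HTTP/1.1\r\nHost: " + host.encode()
                      + b"\r\nConnection: close\r\n\r\n")
            return "http" if s.recv(16).startswith(b"HTTP/") else "unknown"
    except OSError:
        return "closed"


def matches_target_group(tg_protocol, host, port, timeout=3.0):
    """True when the target group protocol ('HTTP' or 'HTTPS') matches the backend."""
    return probe_backend(host, port, timeout) == tg_protocol.lower()


if __name__ == "__main__":
    # Placeholder address; the ports are the ones registered in the question.
    for name, port in (("dev-auth-tg", 8080), ("dev-user-tg", 8081)):
        actual = probe_backend("EC2_SERVER_IP", port)
        print(f"{name}: target group says HTTPS, port {port} speaks {actual}")
```

A result of "http" for a port whose target group protocol is HTTPS means the load balancer and the service disagree on the protocol for that hop; "closed" points at security groups or the service not listening.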
