By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Cannot access the ALB URL for N8N, but my ECS Service is running fine, reaching steady state without issues

0

Fellows, I'm trying to deploy and configure N8N in my AWS account. Now, I'm facing two challenges since but it was somehow tricky to run and configure its Docker image. However, I'll focus on the greatest one, I can reach the website via its IP:

Preview IP

However, I cannot reach it by the domain I configured that is linked to my Application Load Balancer via the Route 53:

Preview 2

route 53

And I know the domain is working fine since I got issued a certificate:

certificate

This is the Task Definition JSON, you will need an EFS to configure it:

{
    "family": "n8n",
    "containerDefinitions": [
        {
            "name": "n8n",
            "image": "n8nio/n8n:latest",
            "cpu": 0,
            "portMappings": [
                {
                    "name": "n8n-80-tcp",
                    "containerPort": 80,
                    "hostPort": 80,
                    "protocol": "tcp",
                    "appProtocol": "http"
                },
                {
                    "name": "n8n-5678-tcp",
                    "containerPort": 5678,
                    "hostPort": 5678,
                    "protocol": "tcp"
                },
                {
                    "name": "n8n-443-tcp",
                    "containerPort": 443,
                    "hostPort": 443,
                    "protocol": "tcp"
                }
            ],
            "essential": true,
            "environment": [],
            "environmentFiles": [],
            "mountPoints": [
                {
                    "sourceVolume": "n8n_data",
                    "containerPath": "/data",
                    "readOnly": false
                }
            ],
            "volumesFrom": [],
            "ulimits": [],
            "logConfiguration": {
                "logDriver": "awslogs",
                "options": {
                    "awslogs-create-group": "true",
                    "awslogs-group": "/ecs/n8n",
                    "awslogs-region": "eu-west-1",
                    "awslogs-stream-prefix": "ecs"
                },
                "secretOptions": []
            },
            "systemControls": []
        }
    ],
    "taskRoleArn": "arn:aws:iam::YOUR_ID:role/ecsTaskExecutionRole",
    "executionRoleArn": "arn:aws:iam::YOUR_ID:role/ecsTaskExecutionRole",
    "networkMode": "awsvpc",
    "volumes": [
        {
            "name": "n8n_data",
            "efsVolumeConfiguration": {
                "fileSystemId": "fs-YOUR_EFS",
                "rootDirectory": "/db"
            }
        }
    ],
    "requiresCompatibilities": [
        "FARGATE"
    ],
    "cpu": "256",
    "memory": "2048",
    "runtimePlatform": {
        "cpuArchitecture": "X86_64",
        "operatingSystemFamily": "LINUX"
    }
}

As you can see the issue is quite strange since I cannot reach the URL I configured in Route 53 that is an alias to my ALB that is the same that is running my ECS Service. Oddly, I can reach the task IP without any issues as I showed before.

These are some pictures of my current configuration:

ALB:

ALB

ALB 2

ALB 3

Security Group:

SG

SG 2

Target Group:

TG

TG 2

Service configuration:

SC

TS 2

ECS Service:

ECS2

Any idea what I could be doing wrong?

Topics
ContainersNetworking & Content Delivery
Tags
Amazon Elastic Container ServiceElastic Load BalancingAmazon Route 53ContainersSecurity Group
Language
English
profile picture
Federico
asked a year ago878 views
3 Answers
1

Hello,

you're unable to access it through the URL configured in Route 53, which points to your Application Load Balancer (ALB).

could you please follow the some step it will be helpfull for you

Check Route 53 Configuration: Go to your Route 53 dashboard. Verify that the DNS record for your subdomain is correctly configured as an alias to your ALB. Ensure that the Alias Target points to the correct ALB.

Verify ALB Configuration: Go to your EC2 dashboard. Navigate to the Load Balancers section and select your ALB. Check the listeners to ensure they are configured correctly (e.g., port 80 and/or 443). Confirm that the ALB is associated with the correct target group that includes your ECS service.

Security Groups: Double-check the security groups associated with your ALB. Ensure that inbound traffic from the internet is allowed on ports 80 and/or 443.

Target Group Health: Verify that the target group associated with your ALB shows healthy instances. If not, check the health checks configured for the target group to ensure they match the settings of your ECS service. If you're using HTTPS, ensure that your SSL/TLS certificate is correctly configured and valid

EXPERT
Parthasaradi
answered a year ago
  • Federico
    a year ago

    Hi @Parthasaradi,

    1. Check Route 53 Configuration. This is correct. I have even modified to double check.
    2. Verify ALB Configuration. This is correct also. I have only one rule and points to the Target group that is healthy.
    3. Security Groups. This is correct. I went to the extreme and created one that is fully opened to everything.
    4. Target Group Health. As I said before, it's healthy and the task reached Steady State.

    None of these seemed to be the problem.

0
Accepted Answer

The solution was not in AWS. AWS was correctly configured, but the domain provider did not have the records from Route 53. I copied the values and added them as NS values with a new subdomain and began to work.

Enter image description here

profile picture
Federico
answered a year ago
profile pictureAWS
EXPERT
Jordan Sandri
reviewed 2 months ago
0

Hi Fedrico,

I'm also trying to set up n8n on Fargate with EFS but failed to get the service up and running. The container reached running state for about 1-2 minutes and then exit with code 1. There were no entries in the CloudWatch log. I mounted the EFS to an EC2 instance and noticed a config file with encryptionKey was created in .n8n directory. I tried to use EFS with access point and without access point, neither worked. Did you create /db manually in EFS? Who's the owner for /db directory? Could you share how you made it work?

Thanks, PH

blacktulip12
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content