Questions tagged with Elastic Load Balancing


Route 53 A record with Load Balancer DNS not propagating

I've configured a Load Balancer, but when adding an A record on the Hosted Zone, the DNS is not propagating. Let me explain my current configuration (let's say the domain is 'something.com' and security groups are allowing traffic, also rules on LightSail):

1. LightSail instance and VPC peered (AWS default VPC and LightSail VPC are in the same availability zones and currently peered). From now on, this will be 'previous VPC' in the following points.
2. A target group pointing to the private IP address of the LightSail instance (Type: IP Addresses, Network 'Other private IP address', previous VPC, HTTPS protocol and Healthy state).
3. Load Balancer with certificate imported, Internet-Facing, IPv4, previous VPC, 2 subnets selected (including the one the LightSail instance belongs to).
4. Hosted Zone for 'something.com' with a DNS A record for 'dummy.something.com' pointing to the Load Balancer DNS, with an Alias that redirects traffic to 'Classic Load Balancer and applications', same region and previously created Load Balancer.

I've done this before to protect an OWASP JuiceShop and it worked perfectly. The differences with the current one are:

1. DNS zone on LightSail with an A record for 'dummy.something.com' pointing to the instance public IP (I'm deleting that record when creating the one in Route 53, the one in point 4 above), among other record types for 'something.com' (for example, an A record for apidummy.something.com).
2. The hosted zone is NOT 'created by Route53 Registrar'.

After all of this, and after creating the DNS A record of point 4, the DNS does not propagate and the application hosted on 'dummy.something.com' is not accessible (DNS error returned).

What am I doing wrong or missing? Should I create a CNAME record on LightSail for 'dummy.something.com' resolving to the Load Balancer DNS? Should I register 'dummy.something.com' with Route 53? Some other completely different thing? Any help would be really appreciated.
1 answer, 0 votes, 53 views. Pepelu, asked 2 months ago

[🚀Launch Announcement] - AWS Gateway Load Balancer launches Target Failover feature

Hello, ELB team is happy to announce that we just launched a new Target Failover feature that provides an option to define flow handling behavior for AWS Gateway Load Balancer. Using this option, customers can now rebalance existing flows to a healthy target, when the target fails or deregisters. This helps reduce failover time when a target becomes unhealthy, and also allows customers to gracefully patch or upgrade the appliances during maintenance windows.

Launch Details:

* This feature uses the existing ELB API/Console and provides new attributes to specify the flow handling behavior. You can use the existing `modify-target-group-attributes` API to define flow handling behavior using the two new attributes `target_failover.on_unhealthy` and `target_failover.on_deregistration`.
* This feature does not change the default behavior and existing GWLBs are not affected.
* The feature is available using API and AWS Console.
* The feature is available in all commercial, GovCloud, and China regions. It will be deployed in ADC regions at a later date based on demand.
* Customers should evaluate the effect of enabling this feature on availability and check with their third-party appliance provider documentation.
* AWS appliance partners should consider taking following actions - (a) Partners should validate whether rebalancing existing flows to healthy target has implications on their appliance as it will start receiving the flow midway, i.e. without getting the TCP SYN. (b) Update public documentation on how this feature will affect their appliance. (c) Partner may use this capability to improve stateful flow handling on their appliances.

Launch Materials:

* Launch Blog - https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-aws-gateway-load-balancer-target-failover-for-existing-flows/
* Feature Documentation - https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/target-groups.html#target-failover
* Attribute Documentation - https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/target-groups.html#target-group-attributes

Thank you!
0 answers, 1 vote, 284 views. EXPERT, asked 2 months ago

Problem on Application load balancer with rule: Health check only responds on the default rule

Hi everyone,

I have 3 microservices running on an **ECS cluster**. Each microservice is launched by a **Fargate task**. Each microservice runs in its own Docker container.

* *Microservice A* responds on port 8083.
* *Microservice B* responds on port 8084.
* *Microservice C* responds on port 8085.

My configuration consists of two public subnets, two private, an internet gateway and a NAT, as well as two security groups, one for Fargate services and one for ALB. On the security groups I have enabled inbound traffic on all ports.

I have defined a listener for the ALB that responds on port 80 and wrote some path-based rules to route requests to the appropriate target group (*every target group is a Target type*):

![Enter image description here](/media/postImages/original/IM8oFOWQXjQEuDjdKe3PeGgw)

Only the health check of the target group that responds to the default rule responds (but I suspect it all happens randomly), and consequently only the service reachable on port 8083 works.

![Enter image description here](/media/postImages/original/IMtOk5-EqJRrmxLa49ium6hg)

The remaining target groups are **unreachable**. What you notice is that in the *"Registered Target"* section the assigned IP addresses change continuously. For example:

![Enter image description here](/media/postImages/original/IMkdJ_RNqsTJazJ3J8j4foqw)

![Enter image description here](/media/postImages/original/IMCm7LLgy1QJKk0JsLC3XlGg)

But every time an IP is assigned, it generates a timeout. It can happen quite randomly that a certain IP address is registered correctly.

These are the ECS configurations of one of the unresponsive services:

![Enter image description here](/media/postImages/original/IMOdt86JdpS_2paN_elspK5g)

What is the problem and how can I solve it? Thank you.

**UPDATE1**

I tried to add a new instance for microservice A. For the new IP (10.0.0.137) the health check is not responding. After a few minutes, the provisioning of a new IP (10.0.0.151) appears and it is registered correctly:

![Enter image description here](/media/postImages/original/IMUcZubrfCRrGo-fpqYAvSJQ)

**UPDATE2**

It is really strange behavior. **All services are now connected correctly**, after several hours of failed attempts. It looks like an IP address assignment problem. Before finding the correct address, AWS makes several attempts with different IP addresses until it randomly finds the correct one.

These are the CIDRs of my PRIVATE subnets:

* private_subnets = ["10.0.0.128/28", "10.0.0.144/28"]
* public_subnets = ["10.0.0.0/28", "10.0.0.16/28"]

While these are the IPs that connected successfully:

1. 10.0.0.136 (microservice A instance 1)
2. 10.0.0.151 (microservice A instance 2)
3. 10.0.0.153 (microservice A instance 3)
4. 10.0.0.152 (microservice B)
5. 10.0.0.142 (microservice C)
3 answers, 0 votes, 48 views. zar1978, asked 2 months ago