Skip to main content

Questions tagged [amazon-alb]

Amazon Web Services supports three types of Load Balancers. An Application Load Balancer (ALB) functions at the application layer, the seventh layer of the Open Systems Interconnection (OSI) model.

Filter by
Sorted by
Tagged with
21 votes
2 answers
21k views

AWS Fargate service: scale to zero?

I've recently migrated a small web application to AWS using Fargate and Aurora Serverless. The application doesn't get much traffic so my goal is to save cost while no one is using it. Aurora ...
computmaxer's user avatar
6 votes
1 answer
11k views

AWS Application Load Balancer vs Network Load Balancer

I am trying to understand what are the key differences are between ALB (Application Load Balancer) and NLB (Network Load Balancer). I understand that ALB is at layer 7 on the OSI model -- this means ...
Diego Velez's user avatar
6 votes
1 answer
10k views

ALB Connection Draining is always reaching the "Deregistration Delay"

I'm using ECS along with ALB to expose my containers to the internet. When I'm updating a container image (I'm using CloudFormation to update the tasks and services), the target group set the ...
Laurent Jalbert Simard's user avatar
5 votes
1 answer
5k views

AWS ALB resolves to 2 IPs. What are they?

I have set up an AWS ALB for my application. The ALB is connected to AWS ECS cluster which has 2 instances. The 2 instances are in private subnets. When I resolve the IP of the ALB DNS name, I get 2 ...
Neron Joseph's user avatar
5 votes
1 answer
895 views

ECS Stopped Task not Releasing Port

I have an ECS cluster with ELB. Last night I saw that a task was stuck in restarting loop. From the service Events log, it said: "service xxxxx was unable to place a task because no container ...
billyklh's user avatar
4 votes
1 answer
2k views

Is there any point in using more than one Application Load Balancer on AWS?

One can add to ALB multiple listeners and rules that can check for hostname and forward requests to appropriate target groups. So, I'm not sure what could be the point in using more than 1 Application ...
Defozo's user avatar
  • 153
4 votes
2 answers
9k views

AWS Application Load Balancer (ALB) in single az

We have an environment setup in AWS and would like to have an ALB with targets in only one AZ and that only appears on IP address in the same AZ. This is required because of some routing rules that we ...
theduck's user avatar
  • 213
4 votes
1 answer
5k views

AWSApplication load balancer - custom headers

I have question regarding AWS ALB. Does anybody knows if it is possible to modify (specifically ADD) custom headers to requests? Something like proxy_set_header in nginx http://nginx.org/en/docs/http/...
Jakub Ječmínek's user avatar
4 votes
1 answer
1k views

Is there a CloudWatch metric that corresponds to ALB data transfer usage/cost?

I have an Application Load Balancer whose data transfer cost I want to monitor. In Cost Explorer, I can filter on usage type "DataTransfer-Out-Bytes", and see how many GB of data it is ...
legoscia's user avatar
  • 318
4 votes
0 answers
5k views

Overriding AWS ALB's default error page(s) with custom one(s) using CloudFront

I have an ALB, containing Rules that forward requests to my private EC2s, hosted on AWS, and when I make a new deployment, I have a script in Lambda that turns off my ASGs and turns them back on. ...
G. ILL's user avatar
  • 41
3 votes
2 answers
7k views

Is reverse proxy still required between AWS ALB and application server?

Context Web application with application server, i.e. Ruby on Rails with puma. Running within a container on AWS ECS with Fargate. Traffic is routed by AWS Application Load Balancer directly to ...
Leszek Zalewski's user avatar
3 votes
1 answer
2k views

Should I share an AWS application load balancer between applications?

I have two unrelated applications ( they are not two microservices of the same application, but two separate services ) running on Amazon Ec2 or Fargate. Should I share an application loadbalancer ...
Heschoon's user avatar
  • 251
3 votes
1 answer
1k views

Are there any benefits in using HTTPS between a load balancer and EC2 targets?

I've spent some time refactoring a load-balanced web application in AWS in order to make it end-to-end HTTPS, CloudFront->ALB->EC2. This was mostly just for fun, to see if I could do it. Having ...
user1751825's user avatar
3 votes
1 answer
1k views

Cloudwatch event for changes in ALB target groups

I have a lambda function that copies the targets (IP addresses in this case) from one target group to another (deleting any in the second target group that don't appear in the first). This gives us 2 ...
theduck's user avatar
  • 213
3 votes
1 answer
3k views

HTTP/2 for ALB with EKS on AWS

I'm experimenting with AWS EKS and have created the following setup: EKS cluster with a single service/pod/node AWS ALB ingress controller ALB I try to configure the ALB to: create access logs ...
chrisvdb's user avatar
  • 1,329
3 votes
1 answer
3k views

How do I determine the Container ID so that Terraform can attach it to an ALB target group?

I've used Terraform to create a VPC, subnets, ECS instances, routing and a task definition which I am able to run via the AWS console. That gives me a few instances of my small web app running in ...
Neil Trodden's user avatar
3 votes
5 answers
8k views

Easier way how to put AWS ALB behind Cloudfront with TLS?

I have this flow: user => Cloudfront with TLS => ALB with TLS => ECS I encrypted connection between Cloudfront and ALB. Cloudfront has domain MAIN.DOMAIN.NET + TLS cert configured. ALB has ...
wtdmn's user avatar
  • 93
3 votes
1 answer
2k views

Using ALB to target PHP-FPM ECS containers

I'd love to know if this is actually posible but I'm sure I've seen it demonstrated by one of our old AWS TAMs. I am serving PHP-FPM containers (port 9000) out of ECS hosting a PHP application. I am ...
Wildcard27's user avatar
3 votes
1 answer
13k views

AWS ALB/NLB HTTPS Target with Self-Signed Cert

I am using AWS to build a service. For this service I want to use ACM certificates. The backend is running on an EC2 instance with TLS enabled using a self-signed certificate. Since ACM certificates ...
TenPlusFive's user avatar
3 votes
1 answer
1k views

AWS: ECS/ALB setup, converting a docker-compose file, port mapping to mulitple containers

I know this is not an 'original question'. The general topic is covered extensively. Neverthless i'm struggling with my particular setup: I'm trying to basically convert the following docker-compose ...
baku's user avatar
  • 133
3 votes
1 answer
5k views

AWS ALB Connection Draining not Closing Connections after Deregistration Delay

I have three instances configured as targets in an ALB. Connection draining is disabled (deregistration delay set to 0 seconds). Sticky sessions are enabled for 5 minutes. I get stuck to one web ...
user avatar
2 votes
2 answers
10k views

How to block loadbalancer forwarding to a specific path?

I have set up ALB loadbalancer. I want to prevent forwarding request towards a specific path like not to go to mydomain.com/admin/ The current Listeners set up look like below: 1 Arn ...
Matrix's user avatar
  • 261
2 votes
2 answers
7k views

Restricting access to a specific domain on AWS

Our current setup is ALB -> Target Group -> EC2 instances At the moment it's possible to access the EC2 servers behind the load balancer using the IP address of the ALB, the DNS Name (e.g. ...
JamieD's user avatar
  • 231
2 votes
2 answers
12k views

Achieving mTLS with AWS ALB

If I have an ALB in my infrastructure with ECS target groups downstream, will SSL/TLS always be terminated at the ALB? If so, are my only options ELB/NLB to preserve the SSL/TLS context?
RustyShackleford's user avatar
2 votes
1 answer
619 views

On and off requests take very long on my system

EDITED: I have and issue in my AWS system. Every few requests takes almost exactly 130 seconds to answer. When I say a few I mean 5 to 25 or so. Normally if you cancel the slow request and send again ...
wti's user avatar
  • 158
2 votes
1 answer
2k views

How to assign the same elastic IP to a NAT gateway and an ALB?

The architectural diagram shown below is taken from an AWS blog titled Task Networking in AWS Fargate. The blog was posted in January 2018. The description that comes with the image states that: ...
krismath's user avatar
  • 125
2 votes
2 answers
5k views

AWS: How to redirect HTTP to HTTPS on App Load Balancer?

I have a number of IIS web servers behind an App Load Balancer (ALB). The web servers all have self-signed SSL certificate installed and redirect from HTTP to HTTPS using URL rewrite module properly ...
AussieDude's user avatar
2 votes
1 answer
4k views

Why is my autoscaling group instance unhealthy?

I'm noticing a very strange issue with an AWS auto-scaling group. Instances are being reported (incorrectly) as being unhealthy. The instances are then being terminated and replaced unnecessarily. ...
user1751825's user avatar
2 votes
2 answers
7k views

Cannot get websocket connection working with ec2 + application load balancer

I have an aws application load balancer with an https listener on port 9999, forwarding to a group on port 9999 with an ec2-instance being the target. If I run my websocket server with the host name ...
patrick's user avatar
  • 153
2 votes
2 answers
6k views

Nginx container health-check for AWS-ALB

I need to have a health-check path for ALB setup that points to a server which has docker container Nginx. I do not have access inside the EC2 server to add a file there. I can just add something in ...
Matrix's user avatar
  • 261
2 votes
2 answers
2k views

403 when using Terraform to attach Lambda Function to Target Group w/ ALB

I'm able to create Instances, Target Groups, and ALBs just fine with Terraform, but am getting stuck when trying to use Lambda Functions. It looks like the Lambda function gets created OK along with ...
John Heyer's user avatar
2 votes
1 answer
760 views

AWS ALB health checks of Windows Server 2022 on a HTTP/1 target group works but not with HTTP/2

I have set up an AWS application load balancer with a target group specified to be HTTP/1. The target group contains a single Windows Server 2022 instance running IIS. The health check functionality ...
JR19's user avatar
  • 21
2 votes
1 answer
38 views

Managing AWS EC2 and RDS autoscalling configuraiton

A client of ours generally can get away with running just the one EC2 and also has an Aurora serverless MySQL 5.7 database running, however there are times when their load spikes up significantly. e.g....
Seamus Lee's user avatar
2 votes
0 answers
907 views

AWS ALB and HAProxy Keep-Alive header

Has any one come across this behavior? AWS ALB is sending traffic to HaProxy. HaProxy sets keep-alive header to 29 seconds. Client connected to ALB does not see this header. It can only see "...
Sameer Naik's user avatar
2 votes
0 answers
906 views

How do you route to a mix of HTTP and HTTPS backends from an ALB Ingress?

I have a Kubernetes cluster running in EKS (on AWS.) In the cluster I have Elasticsearch, Kibana and various other web services. I would like to set up a single ALB loadbalancer such that: Requests ...
Zorlack's user avatar
  • 395
2 votes
0 answers
2k views

AWS Application Load Balancer 502 Bad Gateway

I am using AWS ECS Fargate and have an application load balancer to forward all the connections to the correct instance. I did already manage to get up a cluster and a service up and running ...
MZaza's user avatar
  • 51
1 vote
2 answers
5k views

AWS ALB for TCP socket connections on a custom port number?

I have an application load balancer (ALB) and a number of web servers behind it. Apart from HTTP and HTTPS, the web servers also serve long-lasting TCP socket connections on port 52345. When a client ...
AussieDude's user avatar
1 vote
3 answers
1k views

terraform: Configuring load-balancer to use dynamic port of ECS task/service in AWS

This is sort-of a general question for how dynamic port assignments are supposed to work, though my specific context is trying to figure-out if there is a natural way for a target-group to know the ...
Dustin Oprea's user avatar
1 vote
1 answer
343 views

AWS Application Load Balancer: how many IPv4 vs IPv6 network interfaces?

Because AWS has started to charge for public IPv4 addresses, I'm looking into how many public IPv4 addresses my Application Load Balancers are using. Right now, they are listening on IPv4 only, and it'...
legoscia's user avatar
  • 318
1 vote
1 answer
2k views

How to authorize only IP from a Fargate ECS service for MongoDB Atlas Cluster

I have an ECS Fargate service mapped to an Application Load Balancer on AWS. In this service, there are several task that are frequently killed and restart. These tasks should be able to connect to a ...
Howins's user avatar
  • 113
1 vote
1 answer
710 views

Keycloak w/ EKS + ALB (401 after auth)

I’m currently trying to get Keycloak to run in EKS behind ALB and for the life of me, I can’t get it to work. I get the redirect to a login screen and after I log in - I instantly get presented with ...
iotanum's user avatar
  • 21
1 vote
1 answer
2k views

AWS alb and DNS routing

I have example.com behind ALB Since I'm using external DNS service other than route53, I created a CNAME in my DNS service such as some-unique-name.ap-northeast-2.elb.amazonaws.com pointing to ...
eugene's user avatar
  • 139
1 vote
1 answer
2k views

Whether AWS ALB can route to different URLs within the same instance (not container based)?

I am planning to host 3 URLs on one Ec2 instance(linux and not container based) and do path based routing. Can you please help to find out whether ALB supports multiple URLs within the same instance. ...
Dave's user avatar
  • 191
1 vote
0 answers
751 views

AWS Sticky session cookie not working

I'm using an application load balancer with the target group of two instances. In the target group, I have enabled application based cookie. However whenever I test the load balancer, it keeps ...
Jay.'s user avatar
  • 111
1 vote
1 answer
105 views

AWS EC2 not showing a request for IP Issue

My AWS web servers are not showing a request for example '42.26.32.120' after running some athena queries We are unable to identify the cause of the issue, as the IPs is not in any of the access logs ...
sam23's user avatar
  • 59
1 vote
0 answers
147 views

How to reduce the time it takes a request to pass from a ALB to the actual Fargate Server?

I have a webhook endpoint where our service provider send a payload which I have to respond to within 2 seconds. I've been getting way too many timeout errors from the service provider, meaning I wasn'...
Sahil's user avatar
  • 133
1 vote
0 answers
500 views

aws-load-balancer-controller annotations not working

I'm trying to automatically start an ALB in my EKS cluster by using the aws-load-balancer-controller This is what the logs of my deployment look like: $ kubectl logs -n kube-system deployment.apps/aws-...
E-Kami's user avatar
  • 123
1 vote
0 answers
388 views

Apache 502 bad gateway response when using AWS Application Load Balancer and Centos 7

I am new in Linux/centos, I configured a Laravel application in my AWS EC2 Instance (Centos 7),The application was working fine but after that I configured a Application Load Balancer to use path ...
Hasnain's user avatar
  • 11
1 vote
1 answer
350 views

AWS ALB SSL/TLS offloading security

AWS ALBs allow one to configure an SSL/TLS certificate for encrypting traffic between the client and the LB. Traffic between the LB and the target can be protected with a certificate, but target ...
JTW's user avatar
  • 111
1 vote
0 answers
482 views

Persistent 502s from AWS ALB

This is our architecture: Cloudflare -> ALB 1 -> Nginx API Gateway -> ALB 2 -> (Nginx Sidecar -> Application) The application and the sidecar are on the same box and communicate via unix domain ...
septerr's user avatar
  • 141