A 503 error response from the Network Load Balancer (NLB) usually indicates that the targets are either not healthy or not properly configured. Ensure that your NLB, target group, and ECS tasks are all within the same VPC and that the subnets for each are correctly configured. Double-check that the NLB listener is correctly forwarding traffic to the target group and that the target group is configured with the correct target type (IP) and protocol (HTTPS). And please check the following for NLB Access Logs to view the exact error: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-access-logs.html
- Confirmed NLB, Target Group, ECS Cluster/Service/Tasks are all in the same VPC
- Confirmed Target Group configuration Target Type as IP and Protocol as TLS:443, and all registered targets are healthy (HTTPS 200 status code health check), 3 AZs, 1 task for each AZ.
When using an NLB, the NLB does not care whether the target replies with an HTTP code or not, it tries to establish the connection with TCP and that's it. So it seems to me it might not be able to do that.
An NLB does not have an SG, instead, the Security Group Rules (Ingress here) used are the ones of the service. That includes for the NLB to do the healthcheck. Make sure your SG ingress allows for the NLB to perform the healthcheck. To check, you can try to do telnet <container IP> <port> and see whether your NLB would be able to perform the test. Do that from an EC2 instance for example, placed in the same subnet as your NLB.
Hope this helps,
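
A scripted version of the telnet check suggested above, as an added example that is not part of the original answer: it separates a dropped connection (the usual sign of a missing security group ingress rule) from a refused port and from a TLS handshake that fails on a TLS:443 target. The function name `probe_target` and the addresses in the usage comment are assumptions made for illustration.

```python
import socket
import ssl
import sys

def probe_target(host, port, timeout=3.0, use_tls=True):
    """Classify how far a connection to one registered target gets.

    "timeout"  - no answer at all; typical when a security group or NACL drops the packets
    "refused"  - host reachable, nothing listening on that port
    "tcp_only" - TCP connects but the TLS handshake does not complete
    "ok"       - TCP connect (and TLS handshake, if requested) succeeded
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "unreachable"
    with sock:
        if not use_tls:
            return "ok"
        # Targets are addressed by private IP, so no hostname can match the
        # certificate. Verification is off because this probe only tests
        # reachability and sends no application data.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        try:
            with ctx.wrap_socket(sock):
                return "ok"
        except OSError:  # ssl.SSLError and handshake timeouts are OSError subclasses
            return "tcp_only"

if __name__ == "__main__":
    # Usage: python probe.py 10.0.1.10:443 10.0.2.10:443  (constructed addresses)
    for arg in sys.argv[1:]:
        host, _, port = arg.rpartition(":")
        print(f"{arg}: {probe_target(host, int(port))}")
```

Run it from an instance in the same subnet as the NLB, once per registered target IP, so the result reflects the path the load balancer itself uses.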