By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

502 Bad Gateway when going from Single Instance to Load Balancer in Elastic Beanstalk

0

Hi all,

So I am having trouble with my domain going 502 bad gateway when using a load balancer. I have a backend spring boot project that I've deployed. I've set server.port=5000 in application.properties and have a health method at endpoint "/".

I have a frontend deployed on Amplify that need to reach and endpoint in this backend, but it has to do it via HTTPS so I've gotten a domain, a certificate and told that domain to point to my EC2 instance. Now I just need to setup the load balancer for the order of actions going: Frontend call https endpoint -> load balancer receives it and funnels to http backend

I am new to AWS, so please bear with me:)

Load balancer: -Listens on port 80 HTTP -Listens on port 443 HTTPS It forwards to my target group.

Target group: This guy has health status Unhealthy -Listens on port 5000 HTTP -Health checks are done on port 5000 aswell, Path / This guy points to my EC2 instance

EC2 instance: -Inbound rules port 5000 TCP -Outbound rules All ports, All protocls.

I have no idea what to do. I suspected the Load Balancer was wrong and have went back and forth with security groups and listeners/outbound rules.

i'm trying to find the error, but when trying to fetch logs from the instance it never works. I've put access logs in my S3 bucket but don't really know what I am looking for. Saw something about 'elb_something_something' on the internet but I dont have that (or at least cant find it).

Topics
ComputeNetworking & Content Delivery
Tags
AWS Elastic BeanstalkAmazon EC2Elastic Load Balancing
Language
English
mekaniker
asked 10 days ago300 views
2 Answers
6
Accepted Answer

Hlo,

you must follow below steps and try once,

Load Balancer Configuration: Ensure that your load balancer listeners are correctly configured. It seems you have listeners set up for both HTTP (port 80) and HTTPS (port 443), which is good. Make sure they are forwarding traffic to the correct target group. Verify that your load balancer's security group allows traffic on ports 80 and 443 from the internet. Double-check both the inbound and outbound rules. Check the health check settings for your target group. Ensure that the health check path ("/") and port (5000) match the configuration of your backend application.

Target Group Configuration:** Ensure that the target group's health checks are passing successfully. If the health status is "Unhealthy," it suggests that the health checks are failing. This could be due to misconfigured health check settings or issues with the backend application responding to health check requests. Confirm that the target group's registered instances include your EC2 instance. If the instance is not registered or if it is deregistered due to failed health checks, traffic won't be routed to it.

EC2 Instance Configuration: Verify that your EC2 instance's security group allows incoming traffic on port 5000 from the load balancer. The inbound rules should permit traffic from the security group associated with the load balancer. Ensure that your backend application is listening on port 5000. You mentioned setting server.port=5000 in your Spring Boot application, which is correct. Check the logs of your backend application running on the EC2 instance. Look for any errors or exceptions that might indicate issues with the application startup or handling incoming requests.

Logging and Monitoring: If you're not seeing logs from your EC2 instance in the S3 bucket, double-check the logging configuration. Ensure that the correct log files are being captured and that the IAM role associated with your EC2 instance has permissions to write logs to the S3 bucket. Consider enabling access logs for your load balancer as well. These logs can provide insights into the incoming requests and help diagnose issues with routing or load balancing.

Thanniru Anil Kumar
answered 10 days ago
0

Morning!

EDIT: IT WORKS NOW:)

First of all, thanks for the long and detailed reply. I've come some steps forward from yesterday, I'll update the state further down.

Load Balancer:

-Make sure they are forwarding traffic to the correct target group - Yes, they are.

-Verify that your load balancer's security group allows traffic on ports 80 and 443 from the internet. - Check. Yesterday I added outbound rules for port 80 HTTP and port 443 HTTPS (prior it was only port 5000) and now the target group to which I redirect is now healthy. And the Target instance on port 5000 is also healthy (I see this under EC2->Loadbalancer->Mybalancer->Resource map).

-Check the health check settings for your target group. Ensure that the health check path ("/") and port (5000) match the configuration of your backend application. - Check. I can see in my stdout.logs that the health check is called and the target group says healthy aswell.

----

EC2 Instance Configuration:

-Verify that your EC2 instance's security group allows incoming traffic on port 5000 from the load balancer. The inbound rules should permit traffic from the security group associated with the load balancer. Check. Inbound rules for Security Group for the instance has port 22, port 80 HTTP, port 443 HTTPS and port 5000. Under "Source" the security group associated with the load balancer is stated.

---

Logging and Monitoring: I will look deeper into this, thank you.

---

State now: So like I said, yesterday I added outbound rules for the load balancers security group. This is the only change I've done since last. Target group is now healthy aswell as the instance (according to the resource map). I can make calls to my root domain from my terminal and get 200 code.

However, I have an endpoint ("/getprice") that I need to reach which, from the terminal, gives me 503 bad gateway (it takes like 20 seconds before I get that error message back). When SSHing into my instance and doing curl http://localhost:5000/getprice I get the correct response though.

What can be the problem here? The instance can obviously call the /getprice endpoint, the load balancer can call the "/" endpoint but 503's on the /getprice endpoint. I return a simple JSON file with 3 key:value's, so the file is not large by any means.

mekaniker
answered 9 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content