阅读背景:

AWS Load Balancer EC2运行状况检查请求超时失败

来源:互联网 

I'm trying to get down and dirty with DevOps and I'm running into a health check request timed out failure. The problem is my Elastic Load Balancer sends a health check to my EC2 instance and gets a network timeout. I'm not sure what I did wrong. I am following this tutorial and I have completed all the steps up to and including "Using a Elastic Load Balancer". My EC2 instance seems to be working fine and I am able to successfully curl localhost on port 9292 from within the EC2 instance.

我正在尝试使用DevOps进行故障并且我遇到了运行状况检查请求超时失败。问题是我的Elastic Load Balancer向我的EC2实例发送运行状况检查并获得网络超时。我不确定我做错了什么。我正在学习本教程,并完成了所有步骤,包括“使用弹性负载均衡器”。我的EC2实例似乎工作正常,我能够在EC2实例中成功地在端口9292上卷曲localhost。

EC2 instance security group setup:

EC2实例安全组设置:

Elastic Load Balancer setup:

弹性负载均衡器设置:

My target group for the ELB routing has port 9292 open via HTTP and here's a screenshot of the target in my target group that is unhealthy.

我的ELB路由目标组通过HTTP打开端口9292,这是我的目标组中目标组的目标屏幕截图,它不健康。

Health check config:

健康检查配置:

I have a VPC that my EC2 instance is a part of and my ELB is connected to the same VPC. I do not have Apache installed and I do not have nginx installed. To my understanding, I do not need these. I have a Rails Puma server running and I can send successful curl requests to the server.

我有一个VPC,我的EC2实例是其中的一部分,我的ELB连接到同一个VPC。我没有安装Apache,也没有安装nginx。据我了解,我不需要这些。我有一个Rails Puma服务器正在运行,我可以将成功的curl请求发送到服务器。

My hunch is that my ELB is not allowed to reach my EC2 instance, resulting in a network timeout and a failed health check. I'm unable to find the cause for this. Any ideas? This SO post didn't help much. Are my security groups misconfigured? What else could potentially block a routing request from ELB to my EC2 instance?

我的预感是我的ELB不允许到达我的EC2实例,导致网络超时和健康状况检查失败。我无法找到原因。有任何想法吗?这个SO帖子没有多大帮助。我的安全组是否配置错误?还有什么可能阻止从ELB到我的EC2实例的路由请求?

Also, is there a way to view network requests / logs for my EC2 instance? I keep seeing VPC flow logging but I feel like there are simpler alternatives.

另外,有没有办法查看我的EC2实例的网络请求/日志?我一直看到VPC流量记录,但我觉得有更简单的替代品。

Here's something I posted in the AWS forums but to no avail.

这是我在AWS论坛上发布的内容,但无济于事。

UPDATE: I can curl the private IP of target just fine from within an EC2 instance. I don't think it's the target instance, I think it's something to do with the security group setup. I am unable to identify why though because I have basically allowed all traffic from the Load Balancer to the EC2 instance.

更新:我可以在EC2实例中完好地卷曲目标的私有IP。我认为这不是目标实例,我认为这与安全组设置有关。我无法确定原因,因为我基本上允许从Load Balancer到EC2实例的所有流量。

1 个解决方案

#1


4  

I made my mistake during the "Setup your VPC" step. I finished creating a subnet for an RDS instance. I proceeded to start an instance and the default subnet that AWS chose when I switched to my VPC was the subnet I made for my RDS, which was NOT a public subnet. Therefore, any attempts, from any EC2 instance or my load balancer, would not be able to reach it because I had only set up my public subnet to take requests.

我在“设置您的VPC”步骤中犯了错误。我完成了为RDS实例创建子网。我继续启动一个实例,当我切换到我的VPC时,AWS选择的默认子网是我为RDS制作的子网,它不是公共子网。因此,任何来自任何EC2实例或我的负载均衡器的尝试都无法访问它,因为我只设置了我的公共子网来接收请求。

The solution was to create a new instance and this time, pick the correct public subnet. My original EC2 instance was associated with a private subnet while the load balancer was pointing to the public subnet.

解决方案是创建一个新实例,这次选择正确的公有子网。当负载均衡器指向公有子网时,我的原始EC2实例与私有子网关联。

Here's a link to a hand drawn image that helped me pin point my problem, hopefully can help anyone else who's having trouble setting up. I didn't put image here directly because it's bigger than 2MB.

这是一个手绘图像的链接,帮助我指出我的问题,希望可以帮助其他任何设置有问题的人。我没有把图像直接放在这里,因为它大于2MB。

Glad to answer any further questions too!

很高兴回答任何进一步的问题!


分享到: