Aws-elb health check failing at 302 code

Asked 20/3, 2018 at 16:29 Answered 14/9, 2022 at 14:48

Hi i created ALB listener 443 and target group instance on 7070 port (not-ssl)

I can access instanceip:7070 without problem , but with https://elb-dns-name not able to access.. instance health check also failed with 302 code

ALB listener port https and instance is http protocol ,

when i browse with https://dns-name it redirecting to http://elb-dns-name

Labiche answered 20/3, 2018 at 16:29 Comment(0)

you get 302 when performing URL redirection, any ELB Health check will look for success code 200 for the health check to pass. In ALB, this can be configured under health check in the ELB console.

To modify the health check settings of a target group using the console

Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
On the navigation pane, under LOAD BALANCING, choose Target Groups. Select the target group.
On the Health checks tab, choose Edit.
On the Edit target group page, modify the setting Success Codes to 302 or as needed, and then choose Save.

Feu answered 20/3, 2018 at 16:47 Comment(8)

I modified success code to 200 and 302 , now instance is showing healthy, but i am not able to access elb-dns-name. it redirecting https to http and not getting web interface ,, when i access with instance ip i am not getting this error – Labiche 20/3, 2018 at 17:24

why are you redirecting HTTPs to HTTP,? then what is the point of having https, its because you don't have an HTTP listener on ALB. – Feu 20/3, 2018 at 17:27

I am not redirecting , elb it self reirecting to http ..... when i browse with elb-dns-name after few sections it failed and showing in browser as elb-dns-name – Labiche 20/3, 2018 at 17:29

Do you have nginx or any other proxy? ELB does not do redirects. – Feu 20/3, 2018 at 17:32

Please accept this answer if it helped, you can open a new answer with details for the other problem – Feu 27/3, 2018 at 6:31

You are a lifesaver @SudharsanSivasankaran – Oneal 2/11, 2018 at 12:9

In my case when I used to "ec2publicip/path" url was redirecting to "ec2publicip/path/morepath" and in my health check setting I was only mentioning "/path" in the target group path setting. When I changed it to "/path/morepath" health checks passed successfully. – Violinist 28/8, 2020 at 6:45

this answer is wrong as @Igor pointed out setting the healthcheck with 302 will show a healthy check but 302 is not the code your app responds with... – Sparling 30/8, 2022 at 10:22

I stuck with the same problem in AWS ALB (Health checks failed with these codes: [302]) Configuration:

Tomcat 9 servers that are listening on port 80 only
ALB health check path was set to "/my_app_name" expecting to serve health check from the application's root index page.

My configured health page is not expected to do any redirects, but to return HTTP/200 if server is healthy and HTTP/500 if unhealthy.

The proposed solution just to add HTTP/302 as a success code is absolutely WRONG and misleading. It means that the page's internal health check logic isn't run, as HTTP/302 redirect code just shows common ability of the server to respond.

The problem was in Tomcat server itself that in the case of request to "/my_app_name" was redirecting with HTTP/302 to "/my_app_name/" (pay attention to the slash at the end).

So setting health check path to "/my_app_name/" fixed the problem, health check logic runs well and HTTP/200 is returned.

Leninakan answered 16/5, 2022 at 12:33 Comment(2)

Correct, The proposed solution is wrong and does not fix the problem whatsoever. I had this exact problem with URL pattern matching in Django application. To anybody reading this, examine your /health path locally first and make sure to receive 200 OK. Then push changes to AWS or whatever. – Metzger 13/3 at 10:13

Adding the missing slash at the end of the health check path made it work! Thanks! – Thilde 11/6 at 5:30

add this annotation in your ingress controller it will modify the success code and nodes will be in healthy state.

alb.ingress.kubernetes.io/success-codes: 200,404,301,302

Libbielibbna answered 30/6, 2020 at 5:30 Comment(0)

I run into the same issue recently, and as suggested by @SudharsanSivasankaran we have edited the health check settings at the target level.

But we have kept the 200 only status code and instead updated the path to directly hit the page the redirection goes to.

For instance if a website hosted under instance:80 needs the user to be logged on and redirect it to the /login page, all we need to do is add the /login path in the health check.

Cancellate answered 9/7, 2020 at 14:53 Comment(0)

In my case I had a domain www.domain.com

but by default when you accessing the domain and you are not logged in you are immediately redirected to www.domain.com/login

... and that is something that caused the problem

So you have 2 options:

Go to your aws target group -> health check and change your default path / to the new one which in my case was /login. I'm really sure if login endpoint works - website works too.
Go to your aws target group -> health check and change your default status code from 200 to 200,301,302(added two redirecting status codes). It is definitely less appropriate way but still acceptable, depends on the case

Scathing answered 14/9, 2022 at 14:48 Comment(0)

I had a similar case where I'm offloading TLS on the ELB and then sending traffic to port 80 with plain HTTP. I'm always getting the 302 code from the ELB.

You can change the status code for the target group and specify the success code as 302, but I don't think that is a very good idea. Since you may encounter a different status code if you changed some configuration in your Apache or htaccess files which may cause your instance to put out of service. The goal of Health Check is identify faulty servers and remove them from the production environment.

This solution worked great for me: https://mcmap.net/q/538025/-rewrite-rule-to-return-status-200-for-certain-urls

Cited below with more explanation:

Enable the mod_rewrite module. In most Linux distros it's enabled by default when you install Apache. But check for it anyway. Check this: https://mcmap.net/q/73485/-how-to-enable-mod_rewrite-for-apache-2-2

LoadModule rewrite_module modules/mod_rewrite.so

and then add the following to your virtual host.

ErrorDocument 200 "ok"
RewriteEngine On
RewriteRule "/AWS-HEALTH-CHECK-URL" - [R=200]

AWS-HEALTH-CHECK-URL is the one you specify in the health check settings.

AWS EC2 - Target Groups - YOUR_GROUP - Health Checks

This solution will always return 200 code that specific URL as long as your server is active and serving requests.

Jennifferjennilee answered 28/7, 2022 at 8:34 Comment(0)

Recommended topics

Hot tags