AWS ELB load balancers keeps failing health check (HTTP)

Asked 29/8, 2016 at 20:23 Answered 30/8, 2016 at 17:3

amazon-web-services amazon-ec2 amazon-elb elastic-load-balancer

-1

On my EC2 instance my app is using Port 80, so cannot install Apache to simply get the ELB health check succeed.

For health check settings on the ELB, I am using port - HTTP/80 Ping Path - /index.html

And I have placed this index.html at the /var/www and /var/www/html/ directories as well.

<!DOCTYPE html PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML>
<BODY>
   <H1>Hi</H1>
   <P>Hello to the World.</P> 
</BODY>
</HTML>

Any clue why this is failing health check? Without this, no traffic is going to my EC2 instance.

Barone answered 29/8, 2016 at 20:23 Comment(8)

You will have to install apache and make it listen to port 80 and add this path /var/www/html/ as the doc root in apache config file then only the health check will succeed. or you can change that health check to TCP instead of HTTP. – Wadi 29/8, 2016 at 20:27

In short you need some sort of web server for passing a http health check. – Wadi 29/8, 2016 at 20:35

Since my app is using port-80, I do not think adding apache is an option as I want to keep 80 free. If I change to TCP - what do i have to do? – Barone 29/8, 2016 at 20:37

You don't have to do any thing for TCP just change the health check to TCP – Wadi 29/8, 2016 at 20:40

Already did, does not work. Set it to TCP - and used the different inbound ports I have in the security group in turn. Does not work - still unhealthy – Barone 29/8, 2016 at 20:44

Detach and reattach the instance also is your pOrt 80 open in your security group? – Wadi 29/8, 2016 at 21:3

Yes - the security group is setup with the ports. HTTP:80, SSH:22. Tried TCP on 22/80 and deattached/attached - does not work. – Barone 29/8, 2016 at 21:10

I tried to telnet into the private DNS - telnet: Unable to connect to remote host. Wondering if this is the issue and how to resolve it. – Barone 29/8, 2016 at 21:12

Found the issue .. once I created a new security group for my LB and kept that as IB for the SG used for EC2 it worked fine. Keeping the same SG across LB & EC2 is making it break for whatever reason.

http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html

Barone answered 30/8, 2016 at 17:3 Comment(0)

As long as the page returns a 200 response, it should eventually pass the health check. The Health Check configuration includes the number of times a Health Check needs to return a good result and how often to check it. So, a Healthy count of 5 with a check every 30 seconds would take 2.5 minutes to return as Healthy.

If the HTTP health check is failing, try it with a TCP health check on port 8080 or 80 as per your configured server

Also, just in case, check that your VPC configuration allows a connection from the Load Balancer to the EC2 instance. This will be automatic if they are in the same Subnet, but Network ACLs can impact a connection between different Subnets.

also check following;

Is your instance behind the ELB running a web server ? If it is does it return an '200' (OK) ? If not then that's your problem.

If you are running a web service that returns a 200, is your security group open to the ELB? Meaning the ELB's source security group has to allowed into your instance's security group.

ping path should be the file name which you want to hit after you entered url of ELB in browser.

Edgebone answered 30/8, 2016 at 7:24 Comment(1)

Could not use HTTP as I dont need Apache. Found the issue .. once I created a new security group for my LB and kept that as IB for the SG used for EC2 it worked fine. Keeping the same SG across LB & EC2 is making it break for whatever reason. docs.aws.amazon.com/elasticloadbalancing/latest/classic/… – Barone 30/8, 2016 at 17:3

Recommended topics

Hot tags