1

I have ALB and has one of target group (type IP) where i have spring boot application.Health check for this target is failing with HTTP 502 We are using tomcat image for spring boot application.

Health check configure are

Protocol : HTTP
Path : /Query
Port: traffic port
Healthy Threshold: 2
Unhealthy Threshold: 3
Timeout : 2
Interval :5 
Success-code : 200

I am using tomcat image for this spring boot application.Is the timeout given very less and that might be cause of 502 ? But it was working with same configuration earlier.

AWS_Lernar
  • 627
  • 2
  • 9
  • 26
  • 2 seconds should be more than enough to route the traffic within AWS infrastructure unless your instance is under too much load. I would start by checking whether you can actually access that `/Query` path to which you are sending health checks. – Matus Dubrava Dec 01 '19 at 14:06
  • @ Matus Dubrava My ALB is internal so what way i can access /Query path ? – AWS_Lernar Dec 01 '19 at 14:38
  • Not through ALB but directly from within the instance that is hosting your application. – Matus Dubrava Dec 01 '19 at 14:46
  • @ Matus Dubrava I have to ping the private IP from Instance? – AWS_Lernar Dec 01 '19 at 14:49
  • No. Ping is L3 (network layer) test. You need to test the application layer and specifically the `/Query` path. You can use `curl` to test the URL from within the instance. – Matus Dubrava Dec 01 '19 at 15:32
  • @ Matus Dubrava $curl ALB-DNS/Query should be fine right ? – AWS_Lernar Dec 01 '19 at 15:45
  • 1
    No, you should query the instance directly. You need to find out whether the instance is responding to ALB health checks. – Matus Dubrava Dec 01 '19 at 16:23

1 Answers1

0

Are you using Spring Security? If you are, you probably need to allow the ALB to access to the path of the Health Check without being authenticated.

.antMatchers("/actuator/health", "/actuator/info").permitAll()
Chris Savory
  • 2,597
  • 1
  • 17
  • 27