I have a PHP + Apache application running in ECS with an Application Load Balancer sitting in front of it. Everything works fine except when the application makes a request to itself, and then the request times out.

Let's say the URL to reach the application is www.app.com. In PHP I use Guzzle to send requests to www.app.com, but that request will always time out.

I suspect it is a networking issue with ALB but I do not know how I can go about fixing it. Any help please?

Thanks.

TopQ

1 Answer

As you're using ECS, I would recommend replacing calls to a public load balancer with a service mesh instead, to allow your application to keep all HTTP(S) traffic internal to the network. This will improve both security and performance (latency is reduced). AWS has an existing product named App Mesh that integrates with ECS to allow this functionality.

Alternatively, if you want to stick with what you currently have set up, you will need to check the following functionality:

  • If the ECS hosts are private, then they will need to connect outbound by using a NAT Gateway/NAT Instance in the routing table for the 0.0.0.0/0 route. For Fargate this will depend on whether the container is public or private.
  • If the host/container is public, it will need the internet gateway added to its route table for the 0.0.0.0/0 route. Even if inbound access from the ALB to the host is private, the host will always speak outbound to the internet via an internet gateway.
  • Ensure that inbound/outbound security groups allow access to either HTTP or HTTPS.
Chris Williams
  • The host is in a public subnet so all outbound traffic is routed through its internet gateway. Security group outbound rule is open to all traffic while inbound is open only to the load balancer. I am not sure why I would need to open HTTP(S) for the inbound. Thanks. – TopQ Jul 30 '20 at 02:29
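
The three checks listed in the answer can be run offline against exported route table and security group data. The following is an added example, not code from the question or the answer. It assumes dictionaries shaped like the EC2 DescribeRouteTables and DescribeSecurityGroups responses, applies the inbound check to the load balancer's security group, evaluates CIDR rules only, and uses hypothetical function names and constructed sample data.

```python
import ipaddress

def default_route_target(route_table):
    """Return 'nat', 'igw' or None for the table's active 0.0.0.0/0 route."""
    for route in route_table["Routes"]:
        if route.get("DestinationCidrBlock") != "0.0.0.0/0" or route.get("State") != "active":
            continue
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
    return None

def allows(permissions, port, peer_ip):
    """True if any rule permits TCP `port` to or from `peer_ip` by CIDR."""
    peer = ipaddress.ip_address(peer_ip)
    for perm in permissions:
        proto = perm["IpProtocol"]  # "-1" means all protocols and ports
        if proto != "-1" and not (proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]):
            continue
        if any(peer in ipaddress.ip_network(r["CidrIp"]) for r in perm.get("IpRanges", [])):
            return True
    return False

def check_self_call(route_table, task_sg, alb_sg, egress_ip, alb_ip, port=443):
    """Run the three checks for a task calling its own public load balancer."""
    findings = []
    if default_route_target(route_table) is None:
        findings.append("no active 0.0.0.0/0 route via NAT or internet gateway")
    if not allows(task_sg["IpPermissionsEgress"], port, alb_ip):
        findings.append(f"task security group blocks outbound tcp/{port}")
    if not allows(alb_sg["IpPermissions"], port, egress_ip):
        findings.append(f"load balancer security group blocks inbound tcp/{port} from {egress_ip}")
    return findings

# Constructed sample data (documentation IP ranges, made-up resource ids).
ROUTES = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]}
TASK_SG = {"IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
ALB_SG_RESTRICTED = {"IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]}
ALB_SG_OPEN = {"IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}

if __name__ == "__main__":
    for name, alb_sg in (("restricted", ALB_SG_RESTRICTED), ("open", ALB_SG_OPEN)):
        print(name, check_self_call(ROUTES, TASK_SG, alb_sg, "203.0.113.10", "203.0.113.80"))
```

Here `egress_ip` is the public address the task's traffic leaves with (its own public IP or the NAT gateway's) and `alb_ip` is an address the load balancer's DNS name resolves to; both are supplied by the caller.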