
I am trying to achieve the following network topology. I want the EC2 instances in private subnets to receive HTTP traffic on port 80 from an Application Load Balancer.


For that

I have launched EC2 instances in each of the private subnets. I also installed the Apache web server with an index.html using the following user data script.

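```bash
#!/bin/bash
# Update packages, then install and start Apache (needs outbound internet access for yum)
yum update -y
yum install -y httpd.x86_64
systemctl start httpd.service
systemctl enable httpd.service
# Straight quotes: typographic quotes would be written into the page literally
echo "Hello World from $(hostname -f)" > /var/www/html/index.html
```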

Next, I created an ALB in the public subnets. I also registered the EC2 instances with a Target Group while creating the ALB. But health checks for the registered EC2 instances always fail. Please find the image below.


I have double-checked the security groups for the EC2 instances and the ALB. Both look fine to me. Could anyone please let me know what I am missing here?

thanks

Ashy Ashcsi
  • Do you have NAT gateway for the private instances to enable installing `httpd`? – Marcin Jan 07 '21 at 10:55
  • A few things to check: - what path are you using in the health checks? - is the private subnet allowed to receive traffic from the public subnet? - can the load balancer security group access the private EC2 security group? - is routing provisioned / correct between the private and public subnets? - is an ACL blocking traffic between subnets? – Tomek Klas Jan 07 '21 at 10:56
  • I have added the load balancer SG to the security groups associated with the EC2 instances. Also, the route tables are correctly configured. One RT for public and another for private subnets. – Ashy Ashcsi Jan 07 '21 at 10:59
  • Can you provide exact details of your LB, Target groups, NAT gateway and RTs setup, and security groups? – Marcin Jan 07 '21 at 11:18
  • The first thing to check is that apache is actually running on the servers, and on port `80`. SSH into one of the servers and run a `curl http://localhost` to see if it is. – Mark B Jan 07 '21 at 13:29

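Two of the checks raised in the comments (does the instance security group admit port 80 from the ALB's security group, and does the private route table have a NAT route so `yum install` in user data can succeed), written as an added example that is not part of the original question or comments. The data is constructed in the shape of `aws ec2 describe-security-groups` and `aws ec2 describe-route-tables` output; all IDs and the function names are hypothetical placeholders.

```python
# Constructed sample data in the shape returned by
# `aws ec2 describe-security-groups` / `aws ec2 describe-route-tables`.
# All IDs are made-up placeholders, not values from the question.
ALB_SG_ID = "sg-alb-example"
INSTANCE_SG = {
    "GroupId": "sg-ec2-example",
    "IpPermissions": [  # only SSH from the VPC: port 80 from the ALB is missing
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "UserIdGroupPairs": []},
    ],
}
PRIVATE_ROUTE_TABLE = {
    "RouteTableId": "rtb-private-example",
    "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
}

def allows_port_from_sg(sg, source_sg_id, port=80):
    """True if an ingress rule covers `port` and names source_sg_id as its source.
    CIDR-based rules (IpRanges) are deliberately not evaluated here."""
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":            # "all traffic" rule, no port range
            in_range = True
        elif proto == "tcp":
            in_range = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        else:
            continue
        pairs = perm.get("UserIdGroupPairs", [])
        if in_range and any(p.get("GroupId") == source_sg_id for p in pairs):
            return True
    return False

def has_default_route_via_nat(route_table):
    """True if 0.0.0.0/0 points at a NAT gateway (needed for yum in user data)."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and bool(r.get("NatGatewayId"))
               for r in route_table.get("Routes", []))

def diagnose(instance_sg, alb_sg_id, private_rt):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    if not allows_port_from_sg(instance_sg, alb_sg_id):
        findings.append("instance SG: no port 80 ingress rule sourced from the ALB SG")
    if not has_default_route_via_nat(private_rt):
        findings.append("private route table: no 0.0.0.0/0 route to a NAT gateway")
    return findings
```

Referencing the ALB's security group as the rule source, rather than a wide CIDR, keeps the instances reachable only through the load balancer.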