Score:0

How to set up conditional redirects on an Application Load Balancer for an Elastic Beanstalk environment?

ng flag

I have two Docker-based single-instance Elastic Beanstalk environments (one for staging and one for production).

I'd like to migrate the (Elastic Beanstalk) application to sit behind a load balancer (primarily to take advantage of AWS Certificate Manager).

Currently I'm using .ebextensions to customise the Nginx config to satisfy my application's traffic routing requirements:

  • For path /xyz/, traffic should go to the app via port 80 (i.e. HTTP)
  • For all other requests to port 80, a (301) redirect response to port 443 (HTTPS) should be emitted.
  • All requests on port 443 (HTTPS) should pass through to the app.

So my question is: how do I achieve those routing requirements using a load balancer in front of one of my Elastic Beanstalk environments? I'm thinking to have one load balancer per environment, for the sake of flexibility.

I've come across the following possible solutions (none of which seem ideal):

  1. Set up a new Elastic Beanstalk environment with a dedicated Application Load Balancer and then modify the load balancer's listeners and rules via the EC2 console service (similar to what this Elastic Beanstalk documentation entry seems to be suggesting, under "Redirect HTTP traffic to HTTPS > Configure load balancer").
  2. Set up a new Application Load Balancer via the EC2 console service, create a new Elastic Beanstalk environment connected to the new Application Load Balancer as a Shared Application Load Balancer and then follow these guides (this and this) to (hopefully?) ensure that the load balancer and Elastic Beanstalk environment are in sync (in terms of instance management and traffic routing).
  3. Set up a new Elastic Beanstalk environment with a dedicated Application Load Balancer and then modify the application so that it listens on three ports (one for the /xyz/ traffic, one for the HTTP -> HTTPS redirection and one for the HTTPS traffic), which the docs here appear to be telling me to do (but make no mention of how to achieve multiple listening ports on a single app).

Options one and two involve going behind Elastic Beanstalk's "back" to modify underlying resources (which I'm hesitant to do) and the third option would require me to modify my application (which I'd like to try and avoid).

Are any of these options advised? Is there a better option?

Score:0
ng flag

After contacting AWS tech support about this, I can confirm that:

  • The second option is supported and the guides I mentioned are not necessary. I.e. As long as you select the application load balancer (created from EC2) as a shared load balancer (in your Elastic Beanstalk environment), they will be in sync (in terms of appropriately routing traffic to instances in the environment).
  • Another possibility is to take the first option, but instead of modifying the load balancer in EC2 (which I'm guessing would not be recommended), you can use ".ebextensions" to modify the load balancer. So in general, whenever the AWS console doesn't provide the GUI to achieve your Elastic Beanstalk requirements, ".ebextensions" can be used to work around the missing Elastic Beanstalk console GUI.
Rami avatar
us flag
Do you have any templates on how you did the modification in CloudFormation, I'm having currently almost the same issue.
ng flag
No sorry, I haven't used CloudFormation.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.