AWS ALB Shows Target Group unhealthy, even though port 80 is open to Internet

John Heyer

11/10/22, 8:59 PM

I've built an AWS ALB & Target group via Terraform and everything looks correct but the Target Group is reporting unhealthy for HTTP, HTTPS, and TCP. The instance is a t3.nano in us-east-2 and has Nginx installed and running.

I've verified the following:

Nginx is configured and running on ports 80 & 443
Security groups allow HTTP & HTTPS from 0.0.0.0/0
Instance is on a public subnet (that is, the 0.0.0.0/0 route is to the IGW)

If I access the instance's public IP from Internet, and the "Welcome to nginx!" page is displayed. This request shows up both in /var/log/nginx/access.log. tcpdump port 80 shows requests coming from Internet but nothing indicating an AWS healthcheck.

I've used ALBs and Target groups before and never encountered an issue like this. The only difference is this instance was created with Terraform.

639

1 + 2

amazon-ec2

amazon-web-services

amazon-elastic-ip

terraform

amazon-alb

Tim

11/10/22, 11:51 PM

When you have an ALB the instances should be in a private subnet with no public IP. Not sure what the problem is though, I'd have to poke around and see what's happening. I wonder if the ALB refuses to connect to public instances? Probably not but worth checking

John Heyer

11/12/22, 1:45 AM

Interesting thing is if I change the target group from 'instance' to 'ip address' and manually enter the IP address of the instance, it works fine

Score:0

Server

mclavel

11/21/22, 10:33 PM

I think you need to configure the target_type parameter in your lb_target_group resource. The default value is instance, that configuration requires use autoscaling_group for EC2 instances. If you use aws_instance for EC2, you need use ip parameter.

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group#target_type

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: AWS ALB Shows Target Group unhealthy, even though port 80 is open to Internet

TH: AWS ALB แสดงกลุ่มเป้าหมายไม่แข็งแรง แม้ว่าพอร์ต 80 จะเปิดต่ออินเทอร์เน็ตก็ตาม

RO: AWS ALB arată că grupul țintă este nesănătos, chiar dacă portul 80 este deschis la Internet

RU: AWS ALB показывает неработоспособность целевой группы, хотя порт 80 открыт для Интернета

VI: AWS ALB Hiển thị Nhóm mục tiêu không lành mạnh, mặc dù cổng 80 được mở với Internet

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.