Software Development

Configuring the Elastic Load Balancer of your Elastic Beanstalk application

In my previous post I showed how to run a Spring Boot application on AWS using AWS Elastic Beanstalk. In that post I mention that it is possible to bypass the default Nginx instance on the EC2 instance and have the Elastic Load Balancer communicating with a custom port on your EC2 instance(s) directly. In this post I show how to achieve that.

The first step is to let my Spring Boot application listening for port 8888 instead of 5000. To do this simply change the following line in the ‘application.yml’ file:

...
server:
  port: 8888
...

When we now deploy the application with the Elastic Beanstalk it won’t work anymore and we will see the 502 Bad Gateway again.
To modify the ports of the Elastic Load Balancer (and the corresponding Security Groups) I add the folder ‘.ebextensions’ to my Spring Boot project. In this folder I put configuration files that will be used by the Elastic Beanstalk to configure the resources it creates. Since I deploy my application as a jar file and use Maven to create it I add the folder to the ‘main/resources’ folder so it ends up in the root of jar file.
The first file I add is the one to configure the security group:

Resources:
  securityGroupIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 8888
      FromPort: 8888
      SourceSecurityGroupName: {"Fn::GetAtt" : ["AWSEBLoadBalancer" , "SourceSecurityGroup.GroupName"]}

As you see I add the inbound port 8888 to the ‘default’ security group with the allowed source of the traffic being the Elastic Loadbalancer. That way the port 8888 is only available from the Elastic Load Balancer.
The next file will configure the Elastic Load Balancer so it forwards the incoming traffic on port 80 to 8888 on our EC2 instance:

Resources:
  AWSEBLoadBalancer:
    Type: "AWS::ElasticLoadBalancing::LoadBalancer"
    Properties:
      Listeners:
        - {LoadBalancerPort: 80, InstanceProtocol: "TCP", InstancePort: 8888, Protocol: "TCP"}
      HealthCheck:
        HealthyThreshold: "3"
        Interval: "30"
        Target: "HTTP:8888/hello"
        Timeout: "5"
        UnhealthyThreshold: "5"

As you can see also the HealthCheck is modified since our EC2 instance now listens to port 8888. After adding these files my resources folder looks like this:

screenshot-at-jul-12-20-08-12
When we rebuild the application and perform the ‘eb create’ with these settings it will create the Elastic Beanstalk with the following security group:

screenshot-at-jul-12-19-54-57

And the Elastic Load Balancer contains the following listener:

screenshot-at-jul-12-19-58-28

So with this configuration our Elastic Load Balancer is directly talking with our EC2 instance(s) and bypassing the Nginx running at port 80.

Pascal Alma

Pascal is a senior JEE Developer and Architect at 4Synergy in The Netherlands. Pascal has been designing and building J2EE applications since 2001. He is particularly interested in Open Source toolstack (Mule, Spring Framework, JBoss) and technologies like Web Services, SOA and Cloud technologies. Specialties: JEE, SOA, Mule ESB, Maven, Cloud Technology, Amazon AWS.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Back to top button