skip to Main Content

I’ve got impressed with the simplicity of AWS Elastic Beanstalk and created multiple environments to deploy my express.js APIs. I’ve used the Classic Load Balancer with incoming requests using ports 80 & 443 and redirecting them inbound to 80 on the EC2 instances for NGINX to process.

But when tried to hit using the browser or other console applications with libraries like Axios, request-promise, the API does not respond and hits 502 error after a minute. This was very weird since the APIs send the response almost immediately under 1 or 2 seconds of time.

When I hit the APIs from the Postman console, the responses are fine. There should be some issue with NGINX, ELB and the client. The express.js application is running totally fine without any errors.

I wanted to debug and took the logs from the AWS console to see the NGINX logs having tonnes of 499 errors which was causing this issue. Moreover, some requests are not even going to NGINX from the load balancer.

I want a solution to fix this. Also, proxy_ignore_client_abort was one suggested way I found on multiple occasions. But, I am clueless on how to use this in .ebextensions way. If there’s an answer for this, this will be helpful to solve the issue.

2

Answers


  1. Chosen as BEST ANSWER

    The solution to fix this issue was to follow these steps:

    1. Use a single instance based EB stack or prefer an application load balancer instead of the classic load balancer as the CLB terminated the connections to the EB intermittently for unknown reasons.

    2. Add a custom issued SSL (could be Let's Encrypt) in case it's a single instance config via the .ebextensions to copy the SSL keys to EB. In case it's ALB based, you can use ACM from AWS to configure the cert automatically.

    3. Now, the SSL config is to be added as per the instructions from AWS EB stack documentation for Application Load Balancer / Single Instance.

    4. Now the application will run without any 499 errors due to the load balancer.


  2. Also this will happen if the SSL certificate is not valid or expired.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search