对于在 ECS 中部署的 django 应用程序容器,我对在 ECS AWS 中运行的负载均衡器进行了以下 terraform 配置:
resource "aws_lb" "api" {
name = "${local.prefix}-api"
load_balancer_type = "application"
subnets = [
aws_subnet.public_a.id,
aws_subnet.public_b.id
]
security_groups = [aws_security_group.lb_api.id]
tags = local.common_tags
}
resource "aws_lb_target_group" "api" {
name = "${local.prefix}-api"
protocol = "HTTP"
vpc_id = aws_vpc.main.id
target_type = "ip"
port = 8000
health_check {
path = "/admin/login/"
}
}
resource "aws_lb_listener" "api" {
load_balancer_arn = aws_lb.api.arn
port = 80
protocol = "HTTP"
default_action {
type = "redirect"
redirect {
port = "443"
protocol = "HTTPS"
status_code = "HTTP_301"
}
}
}
resource "aws_lb_listener" "api_https" {
load_balancer_arn = aws_lb.api.arn
port = 443
protocol = "HTTPS"
certificate_arn = aws_acm_certificate_validation.cert.certificate_arn
default_action {
type = "forward"
target_group_arn = aws_lb_target_group.api.arn
}
}
resource "aws_security_group" "lb_api" {
description = "Allow access to Application Load Balancer"
name = "${local.prefix}-lb-api"
vpc_id = aws_vpc.main.id
ingress {
protocol = "tcp"
from_port = 80
to_port = 80
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
protocol = "tcp"
from_port = 443
to_port = 443
cidr_blocks = ["0.0.0.0/0"]
}
egress {
protocol = "tcp"
from_port = 8000
to_port = 8000
cidr_blocks = ["0.0.0.0/0"]
}
tags = local.common_tags
}
我有一个几乎相同的 React Frontend 容器文件。唯一的区别是将单词“api”替换为“frontend”,目标组端口(对于前端负载均衡器,端口为 80)和健康检查路径(对于前端,仅使用“/”)
当我仅部署 API 时,我可以在浏览器上正常访问应用程序。但是,当我添加前端负载均衡器时,我无法在浏览器中访问前端(错误“503 服务暂时不可用”)。django 应用程序继续运行,但过了一段时间,它也崩溃了。
我查看了 ECS UI,发现集群、任务和容器运行正常。但我在健康检查中不断收到错误。我认为这个错误可能与端口映射有关。但映射与容器定义文件。
这可能的原因是什么?