Currently, an ALB is placed on AWS with one EC2 instance behind it.
(The ALB is there because WAF is set on the ALB.)
The EC2 instance is a web/AP server, and users of the services on it connect from outside via HTTPS (via the ALB).
The EC2 operating hours are 8:00-20:00 every day
(Scheduled by Lambda/CloudWatch)
In this configuration, I want to automatically display a "server (service) is stopped" screen to users connecting from outside between 20:00 and 8:00 (while EC2 is stopped), but I don't know how.
I looked at EC2 -> Load Balancers -> ALB -> "View/edit rules" for the listener,
wondering what to set for when EC2 returns 503,
but I did not know exactly what values would achieve this.
Sorry for my lack of understanding; I would appreciate your guidance.
Answer # 1
These are ways to automate "displaying a stop screen when the service is down".
Since the methods work differently, the time required for switching differs considerably.
It is hard to say which is better, but Route 53 is easier, so I think you should consider it first.
(1) Use Route53 DNS Failover
・ Route 53 monitors the ALB and switches to the stop screen server when it goes down.
・ Since the switch is done by DNS, it is affected by TTL after switching.
・ A web server for the stop screen is required (an S3 static website is OK)
(2) CloudWatch Alarm->Lambda
・ Monitor service stoppage with CloudWatch (Example: Alarm is activated when HealthyHostCount = 0)
* CloudWatch monitoring interval is 5 minutes
・ CloudWatch Alarm->SNS Topics->Integration with Lambda
・ The Lambda code uses the API to change the ALB settings and switch.
It is better to register two listener rules in advance (for normal time and for stop time), and switch between them by changing their priority with the API.
Normal time:
・ Priority 1: IF all requests, THEN forward to the target group
・ Priority 2: IF all requests, THEN return the stop screen with a fixed response
Stop time:
・ Priority 1: IF all requests, THEN return the stop screen with a fixed response
・ Priority 2: IF all requests, THEN forward to the target group
You can change the priority with SetRulePriorities.
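A sketch of the Lambda side of method (2), added here as an example and not code from the answer: it reads the CloudWatch alarm state from the SNS event and swaps the two pre-registered rules with SetRulePriorities. The environment variable names, the placeholder ARNs, and the sample event are assumptions.

```python
import json
import os

# Assumed environment variables holding the ARNs of the two pre-registered
# listener rules; the default values are placeholders, not real resources.
FORWARD_RULE_ARN = os.environ.get("FORWARD_RULE_ARN", "arn:aws:PLACEHOLDER:forward-rule")
FIXED_RULE_ARN = os.environ.get("FIXED_RULE_ARN", "arn:aws:PLACEHOLDER:fixed-response-rule")


def alarm_state(event):
    """Extract NewStateValue from a CloudWatch alarm delivered through SNS."""
    message = json.loads(event["Records"][0]["Sns"]["Message"])
    return message["NewStateValue"]


def build_priorities(state):
    """Map the alarm state to a RulePriorities list, or None for no change."""
    if state == "ALARM":      # HealthyHostCount = 0: the stop screen rule wins
        order = [FIXED_RULE_ARN, FORWARD_RULE_ARN]
    elif state == "OK":       # healthy targets again: the forward rule wins
        order = [FORWARD_RULE_ARN, FIXED_RULE_ARN]
    else:                     # INSUFFICIENT_DATA: keep the current order
        return None
    return [{"RuleArn": arn, "Priority": i} for i, arn in enumerate(order, start=1)]


def lambda_handler(event, context, client=None):
    """SNS-triggered entry point; `client` is injectable for offline testing."""
    priorities = build_priorities(alarm_state(event))
    if priorities is None:
        return {"changed": False}
    if client is None:
        import boto3  # bundled with the Lambda Python runtime
        client = boto3.client("elbv2")
    # Both rules are sent in one call so the swap has no priority conflict.
    client.set_rule_priorities(RulePriorities=priorities)
    return {"changed": True, "priorities": priorities}


# Constructed SNS event, trimmed to the fields the handler reads.
SAMPLE_EVENT = {"Records": [{"Sns": {"Message": json.dumps(
    {"AlarmName": "example-healthy-host-count", "NewStateValue": "ALARM"})}}]}
```

The function's execution role needs `elasticloadbalancing:SetRulePriorities` and nothing else on the load balancer, which keeps a compromised or buggy function from rewriting the rules themselves.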
Answer # 2
If you are using an ALB, you can manipulate the response contents with the ALB alone.
This article on the Classmethod blog might be helpful.
In this case, I think the purpose is to "show a page that lets users know the server has been intentionally stopped".
So, shouldn't you return a response that tells users it is intentional that they can't connect to the service?
If "transition to an error page on an error response" is used, it cannot be determined whether the failure to connect to the service is intentional or due to a failure.
Answer # 3
It is better to use CloudFront's Custom Error Response, as in this Classmethod article.
The page is displayed automatically when switching, and the domain can be kept the same as the ALB's.