How to debug why the AWS ALB health checks are failing?

Question

I have a ECS service running a container with a given image. When I run this container locally it works fine and I am able to get a 200 status response code when performing an HTTP request to "/v1/health" endpoint of the container.

However, in AWS this does not seem to work, as it fails when it tries to register a target for the ALB, reporting "Health checks fails" after three consecutive health check failures. No more information is given and I am totally clueless on how to debug it.

Many thanks in advance.

Answer 1

After being stuck on this for many hours on the same error on 2 of my target groups I found the solution as below:

1. The port my target group was receiving traffic from was not allowed on the security group assigned to the load balancer. After adding the port the health check passed.
2. On the 2nd target group the port was allowed on the security group but the health check was still failing which was puzzling. Upon cross checking again I found I had assigned the wrong security group to my ecs service. One that had not allowed the port. So I recreated the service with the correct security group and the health check passed.

Note: For this to work the assumption is you have a /health endpoint that returns status 200 on you ecs service running on that target group.

Answer 2

I have only been able to see the return code IIRC in the ECS service Events. You can also check your app logs and see the health checks calls. In your app, you can log all you need to troubleshoot the issue.