Load Balancer
- Before creating a load balancer, you must plan its region, type, protocol, and backend servers. For details, see Preparations for Creating a Load Balancer.
- The size of files that a load balancer can forward:
- Layer 4 listeners: any
- Layer 7 listeners: 10 GB or smaller
Listener
- The listener of a dedicated load balancer can be associated with a maximum of 50 backend server groups.
- An HTTPS listener can have up to 30 SNI certificates.
- Once set, the frontend protocol and port of the listener cannot be modified.
Listener
- The listener of a dedicated load balancer can be associated with a maximum of 50 backend server groups.
- An SNI certificate can have up to 100 domain names separated by commas (,).
- SNI certificates of a dedicated load balancer's listener can have up to 200 domain names.
- SNI certificates of a shared load balancer's listener can have up to 30 domain names.
- An HTTPS listener can have up to 30 SNI certificates.
- Once set, the frontend protocol and port of the listener cannot be modified.
Forwarding Policy
- Forwarding policies can be configured only for HTTP and HTTPS listeners.
- Forwarding policies must be unique.
- A maximum of 100 forwarding policies can be configured for a listener. If the number of forwarding policies exceeds the quota, the excess forwarding policies will not be applied.
- Forwarding conditions:
- If the advanced forwarding policy is not enabled, each forwarding rule has only one forwarding condition.
- If the advanced forwarding policy is enabled, each forwarding rule has up to 10 forwarding conditions.
2024-07-22
+2024-08-30
+Modified the following sections:
+- An SNI certificate can have up to 100 domain names.
- SNI certificates of a dedicated load balancer's listener can have up to 200 domain names.
- SNI certificates of a shared load balancer's listener can have up to 30 domain names.
2024-07-22
Modified the following content:
Added Access Logging.
diff --git a/docs/elb/umn/elb_ug_zs_0004.html b/docs/elb/umn/elb_ug_zs_0004.html index c548e8b3..94a9d643 100644 --- a/docs/elb/umn/elb_ug_zs_0004.html +++ b/docs/elb/umn/elb_ug_zs_0004.html @@ -33,7 +33,7 @@ Content of the private key private- If the created certificate will be used for SNI, you can specify a domain name for each certificate, and the domain name must be the same as that in the certificate.-
- A domain name can contain only letters, digits, and hyphens (-) and cannot start or end with a hyphen (-).
- A domain name consists of more than one label separated by periods. Each label can contain a maximum of 63 characters, and a domain name can contain a maximum of 100 characters.
- You can also specify multiple domain names for each certificate if the certificate will be used for SNI. The domain names must be the same as those in the certificate.
- You can specify up to 30 domain names for each certificate and separate the domain names using commas.
- A domain name can contain only letters, digits, and hyphens (-) and cannot start or end with a hyphen (-).
- A domain name consists of more than one label separated by periods. Each label can contain a maximum of 63 characters.
- A domain name can contain a maximum of 100 characters, and the total length of domain names cannot exceed 1024 characters.
- You can also specify multiple domain names for each certificate if the certificate will be used for SNI. The domain names must be the same as those in the certificate.
- An SNI certificate can have up to 100 domain names separated by commas (,).
- SNI certificates of a dedicated load balancer's listener can have up to 200 domain names.
- SNI certificates of a shared load balancer's listener can have up to 30 domain names.
- A domain name can contain only letters, digits, and hyphens (-) and cannot start or end with a hyphen (-).
- A domain name consists of more than one label separated by periods. Each label can contain a maximum of 63 characters.
- A domain name can contain a maximum of 100 characters, and the total length of domain names cannot exceed 10,000 characters.
- Description
@@ -42,7 +42,7 @@ Content of the private key privateModifying a Certificate
- Log in to the management console.
- In the upper left corner of the page, click
and select the desired region and project. - Click
in the upper left corner to display Service List and choose Network > Elastic Load Balancing. - In the navigation pane on the left, choose Certificates.
- Locate the certificate and click Modify in the Operation column.
- Modify the parameters as required.
- Click OK.
Deleting a Certificate
Only certificates that are not in use can be deleted.
-- Log in to the management console.
- In the upper left corner of the page, click and select the desired region and project.
- Click in the upper left corner to display Service List and choose Network > Elastic Load Balancing.
- In the navigation pane on the left, choose Certificates.
- Locate the certificate and click Delete in the Operation column.
- Click Yes.
- Log in to the management console.
- In the upper left corner of the page, click and select the desired region and project.
- Click in the upper left corner to display Service List and choose Network > Elastic Load Balancing.
- In the navigation pane on the left, choose Certificates.
- Locate the certificate and click Delete in the Operation column.
- Click Yes.
diff --git a/docs/elb/umn/en-us_topic_0150301848.html b/docs/elb/umn/en-us_topic_0150301848.html index 71683d38..8a943ddd 100644 --- a/docs/elb/umn/en-us_topic_0150301848.html +++ b/docs/elb/umn/en-us_topic_0150301848.html @@ -1,370 +1,370 @@ - +Access Logging
-Scenarios
ELB logs HTTP and HTTPS requests received by load balancers, including the time when the request was sent, client IP address, request path, and server response.
-With Log Tank Service (LTS), you can view logs of requests to load balancers at Layer 7 and analyze response status codes to quickly locate unhealthy backend servers.
- - ELB displays operations data, such as access logs, on the LTS console. Do not transmit private or sensitive data through fields in access logs. Encrypt your sensitive data if necessary.
- Currently, access logging is not supported in the eu-nl region.
-Scenarios
ELB logs HTTP and HTTPS requests received by load balancers, including the time when the request was sent, client IP address, request path, and server response.
+With Log Tank Service (LTS), you can view logs of requests to load balancers at Layer 7 and analyze response status codes to quickly locate unhealthy backend servers.
+ - ELB displays operations data, such as access logs, on the LTS console. Do not transmit private or sensitive data through fields in access logs. Encrypt your sensitive data if necessary.
- Currently, access logging is not supported in the eu-nl region.
Notes and Constraints
- Access logs can be configured only for application (Layer 7) load balancers.
- The access logs do not contain requests whose return code is 400 Bad Request. This is because such requests do not comply with HTTP specification and cannot be processed properly.
-Notes and Constraints
- Access logging can be configured only for application (Layer 7) load balancers.
- The access logs do not contain requests whose return code is 400 Bad Request. This is because such requests do not comply with HTTP specification and cannot be processed properly.
Prerequisites
- You have created a load balancer that can work at Layer 7. For details, see Creating a Dedicated Load Balancer.
- You have enabled LTS.
- You have created a backend server group, added backend servers to the group, and deployed services on the backend servers. For details, see Creating a Backend Server Group (Dedicated Load Balancers).
- You have add an HTTP or HTTPS listener to the load balancer. For details, see Adding an HTTP Listener or Adding an HTTPS Listener.
-Prerequisites
- You have created a load balancer that can work at Layer 7. For details, see Creating a Dedicated Load Balancer.
- You have enabled LTS.
- You have created a backend server group, added backend servers to the group, and deployed services on the backend servers. For details, see Creating a Backend Server Group (Dedicated Load Balancers).
- You have add an HTTP or HTTPS listener to the load balancer. For details, see Adding an HTTP Listener or Adding an HTTPS Listener.
Flowchart
Figure 1 Process for locating an unhealthy backend server+
-Flowchart
Figure 1 Process for locating an unhealthy backend serverCreating a Log Group
- Log in to the management console.
- In the upper left corner of the page, click
and select the desired region and project. - In the upper left corner of the page, click
and select Log Tank Service under Management & Deployment. - In the navigation pane on the left, choose Log Management.
- Click Create Log Group. In the displayed dialog box, enter a name for the log group.Figure 2 Creating a log group-
- Click OK.
-Creating a Log Group
- Log in to the management console.
- In the upper left corner of the page, click and select the desired region and project.
- In the upper left corner of the page, click and select Log Tank Service under Management & Deployment.
- In the navigation pane on the left, choose Log Management.
- Click Create Log Group. In the displayed dialog box, enter a name for the log group.Figure 2 Creating a log group+
- Click OK.
Creating a Log Stream
- On the LTS console, click
on the left of the target log group. - Click Create Log Stream. In the displayed dialog box, enter a name for the log stream.Figure 3 Creating a log stream-
- Click OK.
-Creating a Log Stream
- On the LTS console, click on the left of the target log group.
- Click Create Log Stream. In the displayed dialog box, enter a name for the log stream.Figure 3 Creating a log stream+
- Click OK.
Configuring Access Logging
- Click
in the upper left corner to display Service List and choose Network > Elastic Load Balancing. - Locate the load balancer and click its name.
- Under Access Logs, click Configure Access Log.
- Enable access logging and select the log group and log stream you created.Figure 4 Configuring access logging-
- Click OK.
Ensure that the log group is in the same region as the load balancer.
+-Configuring Access Logging
- Click in the upper left corner to display Service List and choose Network > Elastic Load Balancing.
- Locate the load balancer and click its name.
- Under Access Logs, click Configure Access Log.
- Enable access logging and select the log group and log stream you created.Figure 4 Configuring access logging+
- Click OK.
Ensure that the log group is in the same region as the load balancer.
Viewing Access Logs
You can view details about access logs on the:
-- ELB console: Click the name of the load balancer and click Access Logs to view logs.
- (Recommended) LTS console: Locate the target log group and click its name. On the displayed page, locate the target log stream and click Real-Time Logs tab.
The log format is as follows, which cannot be modified:
-$msec $access_log_topic_id [$time_iso8601] $log_ver $remote_addr:$remote_port $status "$request_method $scheme://$host$router_request_uri $server_protocol" $request_length $bytes_sent $body_bytes_sent $request_time "$upstream_status" "$upstream_connect_time" "$upstream_header_time" "$upstream_response_time" "$upstream_addr" "$http_user_agent" "$http_referer" "$http_x_forwarded_for" $lb_name $listener_name $listener_id +
Viewing Access Logs
You can view details about access logs on the:
+- ELB console: Click the name of the load balancer and click Access Logs to view logs.
- (Recommended) LTS console: Locate the target log group and click its name. On the displayed page, locate the target log stream and click Real-Time Logs tab.
The log format is as follows, which cannot be modified:
+$msec $access_log_topic_id [$time_iso8601] $log_ver $remote_addr:$remote_port $status "$request_method $scheme://$host$router_request_uri $server_protocol" $request_length $bytes_sent $body_bytes_sent $request_time "$upstream_status" "$upstream_connect_time" "$upstream_header_time" "$upstream_response_time" "$upstream_addr" "$http_user_agent" "$http_referer" "$http_x_forwarded_for" $lb_name $listener_name $listener_id $pool_name "$member_name" $tenant_id $eip_address:$eip_port "$upstream_addr_priv" $certificate_id $ssl_protocol $ssl_cipher $sni_domain_name $tcpinfo_rtt $self_defined_header
-The following is a log example:
-1644819836.370 eb11c5a9-93a7-4c48-80fc-03f61f638595 [2024-02-14T14:23:56+02:00] elb_01 192.168.1.1:888 200 "POST https://www.test.com/example/ HTTP/1.1" 1411 251 3 0.011 "200" "0.000" "0.011" "0.011" "192.168.1.2:8080" "okhttp/3.13.1" "-" "-" loadbalancer_295a7eee-9999-46ed-9fad-32a62ff0a687 listener_20679192-8888-4e62-a814-a2f870f62148 3333fd44fe3b42cbaa1dc2c641994d90 pool_89547549-6666-446e-9dbc-e3a551034c46 "-" f2bc165ad9b4483a9b17762da851bbbb 121.64.212.1:443 "10.1.1.2:8080" - TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 www.test.com 56704 -
-Table 1 describes the fields in the log.
+The following is a log example:
+1644819836.370 eb11c5a9-93a7-4c48-80fc-03f61f638595 [2024-02-14T14:23:56+02:00] elb_01 192.168.1.1:888 200 "POST https://www.test.com/example/ HTTP/1.1" 1411 251 3 0.011 "200" "0.000" "0.011" "0.011" "192.168.1.2:8080" "okhttp/3.13.1" "-" "-" loadbalancer_295a7eee-9999-46ed-9fad-32a62ff0a687 listener_20679192-8888-4e62-a814-a2f870f62148 3333fd44fe3b42cbaa1dc2c641994d90 pool_89547549-6666-446e-9dbc-e3a551034c46 "-" f2bc165ad9b4483a9b17762da851bbbb 121.64.212.1:443 "10.1.1.2:8080" - TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 www.test.com 56704 -
+Table 1 describes the fields in the log.
-Table 1 Parameter description Parameter
+-Table 1 Parameter description Parameter
Description
+Description
Value Description
+Value Description
Example Value
+Example Value
msec
+msec
Time when the log is written, in seconds with a milliseconds resolution.
+Time when the log is written, in seconds with a milliseconds resolution.
Floating-point data
+Floating-point data
1644819836.370
+1644819836.370
access_log_topic_id
+access_log_topic_id
Log stream ID.
+Log stream ID.
uuid
+uuid
eb11c5a9-93a7-4c48-80fc-03f61f638595
+eb11c5a9-93a7-4c48-80fc-03f61f638595
time_iso8601
+time_iso8601
Local time in the ISO 8601 standard format.
+Local time in the ISO 8601 standard format.
N/A
+N/A
[2022-02-14T14:23:56+08:00]
+[2024-02-14T14:23:56+02:00]
log_ver
+log_ver
Log format version.
+Log format version.
Fixed value: elb_01
+Fixed value: elb_01
elb_01
+elb_01
remote_addr: remote_port
+remote_addr: remote_port
IP address and port number of the client.
+IP address and port number of the client.
Records the IP address and port of the client.
+Records the IP address and port of the client.
192.168.1.1:888
+192.168.1.1:888
status
+status
HTTP status code.
+HTTP status code.
Records the request status code.
+Records the request status code.
200
+200
request_method scheme://host request_uri server_protocol
+request_method scheme://host request_uri server_protocol
Request method Protocol://Host name: Request URI Request protocol
+Request method Protocol://Host name: Request URI Request protocol
- request_method: request method
- scheme: HTTP or HTTPS
- host: host name, which can be a domain name or an IP address
- request_uri:
indicates the native URI initiated by the browser without any modification and it does not include the protocol and host name.
+- request_method: request method
- scheme: HTTP or HTTPS
- host: host name, which can be a domain name or an IP address
- request_uri:
indicates the native URI initiated by the browser without any modification and it does not include the protocol and host name.
"POST https://www.test.com/example/ HTTP/1.1"
+"POST https://www.test.com/example/ HTTP/1.1"
request_length
+request_length
Length of the request received from the client, including the header and body.
+Length of the request received from the client, including the header and body.
Integer
+Integer
1411
+1411
bytes_sent
+bytes_sent
Number of bytes sent to the client.
+Number of bytes sent to the client.
Integer
+Integer
251
+251
body_bytes_sent
+body_bytes_sent
Number of bytes sent to the client (excluding the response header).
+Number of bytes sent to the client (excluding the response header).
Integer
+Integer
3
+3
request_time
+request_time
Request processing time in seconds from the time when the load balancer receives the first request packet from the client to the time when the load balancer sends the response packet.
+Request processing time in seconds from the time when the load balancer receives the first request packet from the client to the time when the load balancer sends the response packet.
Floating-point data
+Floating-point data
0.011
+0.011
upstream_status
+upstream_status
Response status code returned by the backend server.
-- When the load balancer attempts to retry a request, there will be multiple response status codes.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Response status code returned by the backend server.
+- When the load balancer attempts to retry a request, there will be multiple response status codes.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
HTTP status code returned by the backend server to the load balancer
+HTTP status code returned by the backend server to the load balancer
"200"
+"200"
upstream_connect_time
+upstream_connect_time
Time taken to establish a connection with the server, in seconds, with a milliseconds resolution.
-- When the load balancer attempts to retry a request, there will be multiple connection times.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Time taken to establish a connection with the server, in seconds, with a milliseconds resolution.
+- When the load balancer attempts to retry a request, there will be multiple connection times.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Floating-point data
+Floating-point data
"0.000"
+"0.000"
upstream_header_time
+upstream_header_time
Time taken to receive the response header from the server, in seconds, with a milliseconds resolution.
-- When the load balancer attempts to retry a request, there will be multiple response times.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Time taken to receive the response header from the server, in seconds, with a milliseconds resolution.
+- When the load balancer attempts to retry a request, there will be multiple response times.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Floating-point data
+Floating-point data
"0.011"
+"0.011"
upstream_response_time
+upstream_response_time
Time taken to receive the response from the server, in seconds, with a milliseconds resolution.
-- When the load balancer attempts to retry a request, there will be multiple response times.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Time taken to receive the response from the server, in seconds, with a milliseconds resolution.
+- When the load balancer attempts to retry a request, there will be multiple response times.
- If the request is not correctly routed to the backend server, a hyphen (-) is displayed as a null value for this field.
Floating-point data
+Floating-point data
"0.011"
+"0.011"
upstream_addr
+upstream_addr
IP address and port number of the backend server. There may be multiple values separated by commas and spaces, and each value is in the format of {IP address}:{Port number} or -.
+IP address and port number of the backend server. There may be multiple values separated by commas and spaces, and each value is in the format of {IP address}:{Port number} or -.
IP address and port number
+IP address and port number
"192.168.1.2:8080"
-
+"192.168.1.2:8080"
+http_user_agent
+http_user_agent
http_user_agent in the request header received by the load balancer, indicating the system model and browser information of the client.
+http_user_agent in the request header received by the load balancer, indicating the system model and browser information of the client.
Records the browser-related information.
+Records the browser-related information.
"okhttp/3.13.1"
+"okhttp/3.13.1"
http_referer
+http_referer
http_referer in the request header received by the load balancer, indicating the page link of the request.
+http_referer in the request header received by the load balancer, indicating the page link of the request.
Request for a page link
+Request for a page link
"-"
+"-"
http_x_forwarded_for
+http_x_forwarded_for
http_x_forwarded_for in the request header received by the load balancer, indicating the IP address of the proxy server that the request passes through.
+http_x_forwarded_for in the request header received by the load balancer, indicating the IP address of the proxy server that the request passes through.
IP address
+IP address
"-"
+"-"
lb_name
+lb_name
Load balancer name in the format of loadbalancer_load balancer ID
+Load balancer name in the format of loadbalancer_load balancer ID
String
+String
loadbalancer_295a7eee-9999-46ed-9fad-32a62ff0a687
+loadbalancer_295a7eee-9999-46ed-9fad-32a62ff0a687
listener_name
+listener_name
Listener name in the format of listener_listener ID.
+Listener name in the format of listener_listener ID.
String
+String
listener_20679192-8888-4e62-a814-a2f870f62148
+listener_20679192-8888-4e62-a814-a2f870f62148
listener_id
+listener_id
Listener ID. This field can be ignored.
+Listener ID. This field can be ignored.
String
+String
3333fd44fe3b42cbaa1dc2c641994d90
+3333fd44fe3b42cbaa1dc2c641994d90
pool_name
+pool_name
Backend server group name in the format of pool_backend server group ID
+Backend server group name in the format of pool_backend server group ID
String
+String
pool_89547549-6666-446e-9dbc-e3a551034c46
+pool_89547549-6666-446e-9dbc-e3a551034c46
member_name
+member_name
Backend server name in the format of member_server ID. This field is not supported yet. There may be multiple values separated by commas and spaces, and the value can be member_id) or -.
+Backend server name in the format of member_server ID. This field is not supported yet. There may be multiple values separated by commas and spaces, and the value can be member_id) or -.
String
+String
"-"
-
+"-"
+tenant_id
+tenant_id
Tenant ID.
+Tenant ID.
String
+String
f2bc165ad9b4483a9b17762da851bbbb
+f2bc165ad9b4483a9b17762da851bbbb
eip_address:eip_port
+eip_address:eip_port
EIP of the load balancer and frontend port that were set when the listener was added.
+EIP of the load balancer and frontend port that were set when the listener was added.
EIP of the load balancer and frontend port that were set when the listener was added.
+EIP of the load balancer and frontend port that were set when the listener was added.
121.64.212.1:443
+121.64.212.1:443
upstream_addr_priv
+upstream_addr_priv
IP address and port number of the backend server. There may be multiple values separated by commas and spaces, and each value is in the format of {IP address}:{Port number} or -.
+IP address and port number of the backend server. There may be multiple values separated by commas and spaces, and each value is in the format of {IP address}:{Port number} or -.
IP address and port number
+IP address and port number
"-" (Dedicated load balancers)
-
+"-" (Dedicated load balancers)
+certificate_id
+certificate_id
[HTTPS listener] Certificate ID used for establishing an SSL connection. This field is not supported yet.
+[HTTPS listener] Certificate ID used for establishing an SSL connection. This field is not supported yet.
String
+String
-
+-
ssl_protocol
+ssl_protocol
[HTTPS listener] Protocol used for establishing an SSL connection. For a non-HTTPS listener, a hyphen (-) is displayed as a null value for this field.
+[HTTPS listener] Protocol used for establishing an SSL connection. For a non-HTTPS listener, a hyphen (-) is displayed as a null value for this field.
String
+String
TLSv1.2
+TLSv1.2
ssl_cipher
+ssl_cipher
[HTTPS listener] Cipher suite used for establishing an SSL connection. For a non-HTTPS listener, a hyphen (-) is displayed as a null value for this field.
+[HTTPS listener] Cipher suite used for establishing an SSL connection. For a non-HTTPS listener, a hyphen (-) is displayed as a null value for this field.
String
+String
ECDHE-RSA-AES256-GCM-SHA384
+ECDHE-RSA-AES256-GCM-SHA384
sni_domain_name
+sni_domain_name
[HTTPS listener] SNI domain name provided by the client during SSL handshakes. For a non-HTTPS listener, a hyphen (-) is displayed as a null value for this field.
+[HTTPS listener] SNI domain name provided by the client during SSL handshakes. For a non-HTTPS listener, a hyphen (-) is displayed as a null value for this field.
String
+String
www.test.com
+www.test.com
tcpinfo_rtt
+tcpinfo_rtt
TCP Round Trip Time (RTT) between the load balancer and client in microseconds.
+TCP Round Trip Time (RTT) between the load balancer and client in microseconds.
Integer
+Integer
56704
+56704
self_defined_header
+self_defined_header
This field is reserved. The default value is -.
+This field is reserved. The default value is -.
String
+String
-
+-
Log analysis
-At 14:23:56 GMT+02:00 on Feb 14, 2024, the load balancer receives an HTTP/1.1 POST request from a client whose IP address and port number are 192.168.1.1 and 888, then routes the request to a backend server whose IP address and port number are 100.64.0.129 and 8080, and finally returns 200 OK to the client after receiving the status code from the backend server.
-Analysis results
-The backend server responds to the request normally.
+Log analysis
+At 14:23:56 GMT+02:00 on Feb 14, 2024, the load balancer receives an HTTP/1.1 POST request from a client whose IP address and port number are 192.168.1.1 and 888, then routes the request to a backend server whose IP address and port number are 100.64.0.129 and 8080, and finally returns 200 OK to the client after receiving the status code from the backend server.
+Analysis results
+The backend server responds to the request normally.
-Locating an Unhealthy Backend Server
The following is a log that records an exception:
-1554944564.344 - [2024-04-11T09:02:44+02:00] elb 10.133.251.171:51527 500 "GET http://10.154.73.58/lrange/guestbook HTTP/1.1" 411 3726 3545 19.028 "500" "0.009" "19.028" "19.028" "172.17.0.82:3000" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" "http://10.154.73.58:5971/" "-" loadbalancer_ed0f790b-e194-4657-9f97-53426227099e listener_b21dd0a9-690a-4945-950e-b134095c6bd9 6b6aaf84d72b40fcb2d2b9b28f6a0b83
-Log analysis
-At 09:02:44 GMT+02:00 of April 11, 2024, the load balancer received a GET/HTTP/1.1 request from the client whose IP address and port number are 10.133.251.171 and 51527 respectively and then routed the request to a backend server that uses 172.17.0.82 and port 3000 to receive requests. The load balancer then received 500 Internal Server Error from the backend server and returned the status code to the client.
-Analysis results
-The backend server was unhealthy and failed to respond to the request.
- diff --git a/docs/elb/umn/en-us_topic_0162009773.html b/docs/elb/umn/en-us_topic_0162009773.html index 19f8c1e0..218fea10 100644 --- a/docs/elb/umn/en-us_topic_0162009773.html +++ b/docs/elb/umn/en-us_topic_0162009773.html @@ -3,8 +3,8 @@172.17.0.82:3000 is the private IP address of the backend server.
+- +Locating an Unhealthy Backend Server
The following is a log that records an exception:
+1554944564.344 - [2024-04-11T09:02:44+02:00] elb 10.133.251.171:51527 500 "GET http://10.154.73.58/lrange/guestbook HTTP/1.1" 411 3726 3545 19.028 "500" "0.009" "19.028" "19.028" "172.17.0.82:3000" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" "http://10.154.73.58:5971/" "-" loadbalancer_ed0f790b-e194-4657-9f97-53426227099e listener_b21dd0a9-690a-4945-950e-b134095c6bd9 6b6aaf84d72b40fcb2d2b9b28f6a0b83
+Log analysis
+At 09:02:44 GMT+02:00 of April 11, 2024, the load balancer received a GET/HTTP/1.1 request from the client whose IP address and port number are 10.133.251.171 and 51527 respectively and then routed the request to a backend server that uses 172.17.0.82 and port 3000 to receive requests. The load balancer then received 500 Internal Server Error from the backend server and returned the status code to the client.
+Analysis results
+The backend server was unhealthy and failed to respond to the request.
+ 172.17.0.82:3000 is the private IP address of the backend server.
Creating a Custom Policy
Custom policies can be created as a supplement to the system policies of ELB. For the actions supported for custom policies, see "Permissions Policies and Supported Actions" in the Elastic Load Balance API Reference.
You can create custom policies in either of the following ways:
-- Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
- JSON: Edit JSON policies from scratch or based on an existing policy.
For details, see Creating a Custom Policy. The following section contains examples of common ELB custom policies.
+- Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
- JSON: Create a JSON policy or edit an existing one.
For details, see Creating a Custom Policy. The following page describes how to create a custom policy on the console using the IAM service.
Example Custom Policies
- Example 1: Allowing users to update a load balancer
{ "Version": "1.1", "Statement": [