cbishop-elsevier
commented
3 years ago @edjumacator
A couple of suggestions on how to begin troubleshooting, and if these don't steer you in the direction of a fix, please share event logs etc from same after properly sanitizing for any sensitive information:
- If you log in to your AWS Account's ECS Console for the AWS Region you are provisioning your infrastructure in, do you see the provisioned ECS Cluster, ECS Services, ECS Tasks, etc running there, post terraform apply?
- https://console.aws.amazon.com/ecs/home?region=us-east-1#/clusters
- If you log in to your AWS Account's EC2 Console for the AWS Region you are provisioning your infrastructure in, do you see the provisioned ALB (Application Load Balancer) used to route requests from the web to your ECS Services listed and running there?
- https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#LoadBalancers:sort=loadBalancerName
- Have you whitelisted the Public IPv4 Address your requests from browser are outbound on in the ALB's associated Security Group's Ingress (Inbound) Rules for HTTPS Port 443 (and HTTP Port 80 if you enable HTTP, however I would advise restricting to HTTPS)? You can find your ALB's associated Security Groups listed on the ALB's Description tab. You can view the Inbound and Outbound Rules for your ALBs associated Security Groups by clicking on the link for the Security Group from the same location to launch the VPC Console for your Security Group.
- If you do see your ALB listed and running there, does it show the appropriate Listener (select your ALB in top grid, bottom dock, Listeners tab)?
- If you do see your ALB listed and running there, and it has the appropriate Listener, do the Listener's Request Routing Rules (Listeners tab, view/edit rules link in Rules column) look correct and forward traffic to your Jenkins Controller's Dashboard (your controller container instance, Jenkins web server, port, etc)?
- Any obvious insights to be gleaned from the telemetry graphs on the ALB's Monitoring tab?
That should give you a sufficient troubleshooting starting point.
Beyond that, I would suggest taking a look at the full output from your terraform plan and apply operations, see if anything obvious jumps out there.
If your ECS Cluster and ECS Services are up and Green, you may also consider enabling CloudWatch Container Insights - however keep in mind this option incurs additional charges, so use at your own discretion:
FWIW - In my experience 503 Service Unavailable Errors typically mean that your client request has at least been received and acknowledged by your web server, proxy server, or load balancer (whichever endpoint serves as the initial entry point), and the server either currently can not continue routing your request (because downstream services / endpoints are down or "partitioned" somehow in your network layer), or the server does not "understand" how to continue routing your request (routing / proxy rules do not provide a sufficient routing solution).
If you are still stuck - please share any additional information you can securely share on this ticket, I will try to assist as best I can.
Good hunting!
Cheers,
edjumacator
apogorielov
Hey Guys,
I'm having issues deploying the example, I've created the required prerequisites (VPC, 2 private & public subnets, a route53 domain, with s3 bucket & dynamoDB bootstrapped) prior to executing it, and then I've properly changed the vars.sh file to use the newly created parameters but after successfully executing the script and seeing this:
However, when I try to access the alias domain I'm getting a 503 error. I'm not exactly sure how to proceed.