https://pulumi.com logo
#aws
Title
# aws
i

incalculable-dream-27508

02/09/2020, 4:16 PM
Huh, I can't really find any examples on how to add to
awsx.lb.ApplicationLoadBalancer
any health checks
r

rhythmic-camera-25993

02/09/2020, 7:05 PM
load balancer health checks go on 'target groups', which can be created easily from an
ApplicationLoadBalancer
instance.
when I was hosting a few Fargate services from a shared ALB, I made different target groups for each separate service I had, then set up appropriate healthchecks on each target group, then used each target group as the
portMappings
for the service it matched to
i

incalculable-dream-27508

02/09/2020, 7:32 PM
That's what I have right now. When looking through the console, there is a health check, but all it does is check
/
and expect
200
return code
r

rhythmic-camera-25993

02/09/2020, 7:38 PM
what about making the target group explicitly (ie one of these: https://github.com/pulumi/pulumi-awsx/blob/master/nodejs/awsx/lb/targetGroup.ts) and adding the instance to that?
i

incalculable-dream-27508

02/09/2020, 7:43 PM
Yeah, trying to figure out how the syntax of that works
r

rhythmic-camera-25993

02/09/2020, 8:02 PM
something like:
Copy code
const tg = alb.createTargetGroup("my-tg", {
    port: 80,
    protocol: "HTTP",
    healthCheck: {
        path: "/",
        port: "80",
        protocol: "HTTP",
        matcher: "200",
    }
});

tg.attachTarget("server-attach", server);
?
i

incalculable-dream-27508

02/09/2020, 8:03 PM
Nice, thank you! Let me try that out
r

rhythmic-camera-25993

02/09/2020, 8:04 PM
you can of course tweak the check for whatever parameters you need
i

incalculable-dream-27508

02/09/2020, 8:07 PM
What's that
"server-attach"
in the
attachTarget
?
r

rhythmic-camera-25993

02/09/2020, 8:08 PM
you've got to give a name to the
targetgroupattachment
that is created as part of the
attachTarget
call
Copy code
public attachTarget(name: string, args: mod.LoadBalancerTarget, opts: pulumi.CustomResourceOptions = {}) {
        return new mod.TargetGroupAttachment(name, this, args, opts);
    }
(from the source code)
i

incalculable-dream-27508

02/09/2020, 8:09 PM
OK, thanks.
Ah, I see, it complained at me about duplicate entries, I see now what's happening 👍
Apparently I need to attach that target group to the listener, any idea how to do that? I wasn't able to find that yet. There appears to be
listener.defaultTargetGroup
but I wasn't able to figure out yet how to use it
r

rhythmic-camera-25993

02/09/2020, 8:37 PM
oh, yes. you make a listener on the alb (alb.CreateListener), add a rule for the new listener via
listener.addListenerRule
, and in tha rule set an
action
of
type
"forward", and
targetGroupArn
of your new target group
something like
Copy code
// listen for https traffic. by default returns 404, will have rules added to forward to the requisite groups
const listener = alb.createListener("http-traffic", {
    port: 80,
    protocol: "HTTP",
    external: true,
    defaultAction: {
        type: "fixed-response",
        fixedResponse: {
            contentType: "text/plain",
            statusCode: "404"
        }
    },
});

/// this listener forwards all traffic to the identity server
listener.addListenerRule("plain-traffic-to-server", {
    priority: 49999, // priority goes from 1 to 50000 with lower numbers going first, so this makes the rule always eval last
    conditions: [{ httpRequestMethod: { values: ["GET", "PUT", "POST", "HEAD", "OPTIONS"] } } as aws.types.output.lb.ListenerRuleCondition], // all HTTP methods
    actions: [
        {
            type: "forward",
            targetGroupArn: tg.targetGroup.arn // targetgroups in pulumi have a 'targetGroup' property with the arn on it
        }
    ]
});
this makes a listener with a default-reject rule, and then makes another rule to allow all methods to the target group
i

incalculable-dream-27508

02/09/2020, 8:43 PM
Yeah, so far by going from https://github.com/pulumi/infrastructure-as-code-workshop/blob/master/labs/02-app-arch/code/01-provisioning-vms/step4.ts I had
Copy code
const listener = alb.createListener("web-listener", { port: 80 });
Apparently I need much more :P
r

rhythmic-camera-25993

02/09/2020, 8:44 PM
yeah 🙂 I got to this pattern when I needed to start doing path-based routing, not just port forwarding
i

incalculable-dream-27508

02/09/2020, 9:04 PM
Seems to work, thank you!
r

rhythmic-camera-25993

02/09/2020, 9:12 PM
glad to hear it! I got to this point starting from the code samples and then checking out the source code to see what the 'defaults' were, then changing them to my needs
3 Views