How to avoid the configuration error while using AWS API Gateway with VPC Link?


Problem description

I have created the VPC Link using the Network Load Balancer (NLB) as per the AWS documentation and attached it to the API Gateway resource / method. But it throws "Internal Server Error" when accessing the "Invoke URL" and displays this error while testing: "Execution failed due to configuration error: There was an internal error while executing your request".

Procedure I followed:

1) Created Network Load Balancer:

  • Load Balancer Scheme: Internal
  • Load Balancer Protocol / Port: TCP / 80
  • Availability Zone: Created VPC with CIDR "10.0.0.0/16" and public subnet with CIDR "1XX.XX.0.0/16".
  • Target Group: Protocol / Port / Target Type - TCP / 80 / Instance
  • No Target Registration.
  • Launched NLB.

2) Created VPC Link in API Gateway using the newly created NLB.

3) Created new API:

  • Method: GET
  • Integration Type: VPC Link
  • Use Proxy Integration: True
  • VPC Link: ${stageVariables.vpcLinkId}
  • Endpoint URL: "My EC2 instance URL with port" (Ex:

4) Deployed the selected API using the "Deploy API" action and newly created stage.

5) Configured the "vpcLinkId" in the "Stage Variables" section.

Now if I hit the "Invoke URL", the web page displays {"message": "Internal server error"}.

Note: If I use the same EC2 URL with "Integration Type: HTTP", the "Invoke URL" works. The same does not work with the VPC Link.

Error:

Other Points Worth Noting:

1. The security policy of the EC2 instance allows all TCP ports.
2. The EC2 instance was launched by using ECS / ECR (Docker Container).
3. Enabled the CloudWatch logs from the API Gateway stage, but it produces nothing.

I'm happy to provide additional information, if required.

EDIT 1

Based on JNY's (jny) input I have changed the API Gateway endpoint to the NLB and added my EC2 instance as a target in the NLB. Still I'm facing the same issue. The images below show all the configurations that I have done.

Load Balancer Config:

Load Balancer Target Group settings:

Target Group Port Settings:

1. Here I have given 3000 as the port to check the instance health, as my application (Node) listens on port 3000.
2. Enabled the port numbers 80 and 3000 in the security policy.

API Gateway Settings:

1. Finally I changed the endpoint of the API Gateway to the NLB.

Result of the same:

Still I'm not sure what mistake I'm making here.

Solution

You did it correctly, but maybe it will help someone:

My fault was to use HTTPS for the endpoint URL in the API Gateway. It must be HTTP.

Correct:

    http://myLoadBalancer.elb.us-east-1.amazonaws.com

The text field was too short to show the whole URL, so I didn't see it.
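A pre-deployment check for the mismatch described in the answer, as an added example that is not part of the original post. It compares the integration's endpoint URL against the NLB listeners, the stage variables and the target health. The function name and finding codes are hypothetical, the inputs are assumed to be shaped like the JSON returned by `aws apigateway get-integration`, `get-stage` and `aws elbv2 describe-listeners` / `describe-target-health`, and the sample data is constructed.

```python
import re
from urllib.parse import urlsplit

def check_vpc_link_integration(integration, stage_vars, listeners, target_health):
    """Return finding codes (hypothetical names) for a VPC Link integration.

    Arguments mirror `aws apigateway get-integration`, the `variables` map of
    `get-stage`, and `Listeners` / `TargetHealthDescriptions` from `aws elbv2`.
    """
    if integration.get("connectionType") != "VPC_LINK":
        return ["NOT_VPC_LINK"]
    findings = []

    # A connectionId such as ${stageVariables.vpcLinkId} must exist on the stage.
    ref = re.fullmatch(r"\$\{stageVariables\.(\w+)\}", integration.get("connectionId", ""))
    if ref and ref.group(1) not in stage_vars:
        findings.append("STAGE_VARIABLE_UNDEFINED")

    # The URI scheme picks the port: https with no explicit port means 443.
    url = urlsplit(integration["uri"])
    port = url.port or (443 if url.scheme == "https" else 80)
    listener = next((l for l in listeners if l["Port"] == port), None)
    if listener is None:
        findings.append("NO_LISTENER_ON_PORT")
    elif url.scheme == "https" and listener["Protocol"] == "TCP":
        # A TCP listener passes bytes through, so the target itself must speak TLS.
        findings.append("HTTPS_OVER_PLAIN_TCP_LISTENER")

    if not any(t["TargetHealth"]["State"] == "healthy" for t in target_health):
        findings.append("NO_HEALTHY_TARGET")
    return findings

# Constructed sample data shaped like the setup in the question (NLB on TCP/80).
LISTENERS = [{"Port": 80, "Protocol": "TCP"}]
HEALTH = [{"Target": {"Id": "i-0example", "Port": 80}, "TargetHealth": {"State": "healthy"}}]
STAGE_VARS = {"vpcLinkId": "abc123"}

def sample_integration(uri):
    return {"type": "HTTP_PROXY", "httpMethod": "GET", "uri": uri,
            "connectionType": "VPC_LINK", "connectionId": "${stageVariables.vpcLinkId}"}

if __name__ == "__main__":
    for scheme in ("https", "http"):
        uri = scheme + "://myLoadBalancer.elb.us-east-1.amazonaws.com"
        print(uri, check_vpc_link_integration(sample_integration(uri), STAGE_VARS, LISTENERS, HEALTH))
```

With the question's TCP/80 listener, the `https://` URL is reported as `NO_LISTENER_ON_PORT` because it resolves to port 443, while the `http://` URL from the answer produces no findings.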
