AWS ALB Health Check 404 Errors: Causes, Troubleshooting & Best Practices

AWS Application Load Balancer (ALB) health check 404 errors occur when the health check request to a target (like an EC2 instance) receives a “404 Not Found” response. This typically means the requested resource or endpoint isn’t available on the target. Common causes include misconfigured health check paths, the application not running, or network/security group issues.

Common Causes

Here are some common causes of AWS ALB health check 404 errors:

1. Misconfigured Target Groups: If the target group is not correctly configured, the health check might not reach the intended targets. Ensure that the targets are properly registered and that the security groups allow traffic on the health check port.

2. Incorrect Health Check Paths: A 404 error often occurs when the health check path is incorrect or doesn’t exist. Double-check the path specified in the health check configuration to ensure it matches the actual path on the target.

3. Application Issues: The application running on the target might not be responding correctly to the health check requests. Verify that the application is running and accessible on the specified path and port.

4. Network Configuration: Issues with network configuration, such as incorrect security group settings or network ACLs, can prevent the health check from reaching the target.

5. Instance Configuration: Differences in configuration between instances in different Availability Zones can lead to inconsistent health check results. Ensure that all instances are configured identically.

Troubleshooting Steps

Sure, here are the detailed troubleshooting steps to resolve AWS ALB health check 404 errors:

1. Check Target Group Settings:

   • Verify Target Registration: Ensure all targets (instances) are registered with the target group.
   • Check Target Health: In the AWS Management Console, navigate to the target group and check the health status of each target. Look for any targets marked as unhealthy.

2. Verify Health Check Path:

   • Correct Path: Ensure the health check path is correctly configured. It should match the path your application uses to serve health check responses (e.g., /health).
   • HTTP Response: Ensure the application responds with a 200 OK status code for the health check path.

3. Security Group and Network ACLs:

   • Allow Traffic: Ensure the security group associated with the instances allows traffic from the load balancer on the health check port and protocol.
   • Network ACLs: Verify that network ACLs allow the necessary traffic.

4. Application Configuration:

   • Service Running: Confirm that the application or service is running on the instances. For Linux, use systemctl status <service-name>; for Windows, check the Services tab in Task Manager.
   • Correct Port: Ensure the application is listening on the correct port specified in the target group.

5. Logs and Metrics:

   • ALB Logs: Enable access logs for the ALB to capture detailed information about the requests and responses.
   • CloudWatch Metrics: Check CloudWatch metrics for any anomalies or patterns that might indicate issues.

6. Connectivity:

   • Ping Instances: From the ALB, try to ping the instances to ensure they are reachable.
   • Curl Command: Use curl from within the instance to hit the health check URL and verify the response.

7. Update Health Check Settings:

   • Interval and Timeout: Adjust the health check interval and timeout settings to ensure they are appropriate for your application’s response time.
   • Healthy Threshold: Increase the healthy threshold to ensure the target is marked healthy only after multiple successful checks.

8. Review Application Logs:

   • Error Logs: Check the application logs on the instances for any errors or issues that might be causing the 404 responses.

By following these steps, you should be able to identify and resolve the 404 errors in your AWS ALB health checks.

Best Practices

Here are some best practices to avoid AWS ALB health check 404 errors:

1. Correct Health Check Path: Ensure the health check path is correctly configured and matches the endpoint your application uses.
2. Application Running: Verify that your application is running and accessible on the target instances.
3. Security Groups: Configure security groups to allow traffic from the ALB to the target instances on the health check port.
4. Health Check Port: Ensure the target is listening on the health check port.
5. Response Codes: Configure the health check to expect the correct HTTP response codes.
6. Instance Status: Regularly monitor the status of your instances and ensure they are healthy.
7. Logs and Metrics: Use CloudWatch logs and metrics to monitor health check results and troubleshoot issues.
8. Timeout and Interval Settings: Adjust health check timeout and interval settings to suit your application’s response time.

Implementing these practices can help maintain the health and availability of your applications.

To Resolve AWS Application Load Balancer (ALB) Health Check 404 Errors

Identify common causes such as:

• Misconfigured target groups
• Incorrect health check paths
• Application issues
• Network configuration problems
• Instance configuration differences

Follow detailed troubleshooting steps to verify:

1. Target group settings
2. Health check path
3. Security group and network ACLs
4. Application configuration
5. Logs and metrics
6. Connectivity
7. Update health check settings
8. Review application logs

Implement best practices such as:

• Correct health check path
• Running applications
• Secure groups
• Health check port
• Response codes
• Instance status monitoring
• Adjusting timeout and interval settings

Maintain application availability by following these steps and best practices.