AWS health check

Health check function checks whether the load balancer and the target server are connected. It check every certain time whether we can see the website via load balancer.

For AWS, it is judged whether it can access the health check URL set on the console screen. It is OK if the HTTP status 200 is returned from the URL. If inadvertent 404 comes back, even if you access the URL set by the load balancer, the the site will not displayed.

It seems that it becomes OutOfService somewhat when restarting the EC2 instance in the state attached to the ELB. Also, as it is said that 200 should be returned by health check, if you do not do BASIC certification naturally, it will be OutOfService. 401 error comes back. If you are using ELB and need to make Basic authentication, only URLs for health checks must be in a state where authentication is ineffective.

AWS ec2で複数ドメインを管理する



NameVirtualHost *:80

ServerName hoge # 今まで使っていたドメイン
DocumentRoot “/var/www/html”

ServerName hogehoge # 新しいドメイン
DocumentRoot “/var/www/dev/html”

$ sudo service httpd restart
Starting httpd: AH00548: NameVirtualHost has no effect and will be removed in the next release

なんじゃこりゃー どないなってんねん。
do not stop, keep going

/etc/resolv.conf ではなさそう。

Elastic Load Balancer


Amazon Elastic Load Balancer
An Amazon Elastic Load Balancer (Amazon ELB) is a service that automatically distributes incoming application traffic across multiple Amazon EC2 instances. It enables you to achieve even greater fault tolerance in your applications, seamlessly providing the amount of load balancing capacity needed in response to incoming application traffic. Elastic Load Balancing detects unhealthy instances within a pool and automatically reroutes traffic to healthy instances until the unhealthy instances have been restored.

select instance

load balancer 負荷分散



Amazon Route 53
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications by translating names like into the numeric IP addresses like that computers use to connect to each other, often using a process called recursion.

CNAME Record
A Canonical Name record (CNAME) is a type of resource record in the Domain Name System (DNS) used to specify that a domain name is an alias for another domain, the “canonical” domain. All information, including subdomains, IP addresses, etc. are defined by the canonical domain.

Canonical Domain
Canonical Domain is another name for the CNAME DNS record type. The CNAME record is used to create an alias for the canonical domain.

Alias Record
Alias resource record sets provide an Amazon Route 53 specific extension to DNS functionality. Instead of an IP address or a domain name, an alias resource record set contains a pointer to a CloudFront distribution, an ELB load balancer, an Amazon S3 bucket that is configured as a static website, or another Amazon Route 53 resource record set in the same hosted zone. When Amazon Route 53 receives a DNS query that matches the name and type in an alias resource record set, Amazon Route 53 follows the pointer and responds with the applicable value.

Resource Record Set
Resource record sets are the basic information elements of the domain name system. Each record set includes the name of a domain or a subdomain, a record type, and other information applicable to the record type.

The Name Server (NS) Resource Record Set
Amazon Route 53 automatically creates a name server (NS) resource record set when you create a new hosted zone with the same name as your hosted zone. It lists the four name servers that are the authoritative name servers for your hosted zone. Do not add, change, or delete name servers in this resource record set.

For Example:


Health check

AWS ELB(ロードバランサ)を設定していく

1. Application Load Balancer
2. Network Load Balancer
3. Classic Load Balancer

TCPとは? ->IPと同様にインターネットにおいて標準的に利用されている プロトコルです。TCPは、IPの上位プロトコルでトランスポート層で動作するプロトコル。


きゃ~ わ~い、わ~い。 これは嬉しいぞ。

azureも簡単だったが、AWSも簡単だ! これは凄い!

AWS Certificate Manager

コンソールにログインし、Certificate Managerへ行きます。

証明書のプロビジョニング を押下します。
>お客様のサイトの名前を指定し、ID を設定してください。残りの手順は ACM が行います。ACM は Amazon またはお客様のプライベート認証機関が発行する SSL/TLS 証明書の更新を管理します。


>新しい証明書をリクエストするのではなく既存の証明書をインポートするには、[証明書のインポート] を選択します。
> プライベート証明書のリクエスト





Route 53のhosted zoneで、ドメインに、CNAMEが追加されていればOKです。




1.AWSの証明書管理サービスであるACM(AWS Certificate Manager)発行のもの

セキュリティ、アイデンティティ、コンプライアンスに、Certificate Managerがありますね。

1. Route 53にサブドメイン作成
2. ACM証明書設定
2.1. ACMから証明書発行
3. EC2インスタンス作成
4. ELB作成
5. 動作確認

一応、Elastic IPを設定して、EC2とRoute 53は既に作成済みです。

Elastic Load Balancingですね。