Health checks for your VPC Lattice target groups - Amazon VPC Lattice

Health checks for your VPC Lattice target groups

Your service periodically sends requests to its registered targets to test their status. These tests are called health checks.

Each VPC Lattice service routes requests only to the healthy targets. Each service checks the health of each target, using the health check settings for the target groups with which the target is registered. After your target is registered, it must pass one health check to be considered healthy. After each health check is completed, the service closes the connection that was established for the health check.

Limitations and considerations

  • When the target group protocol version is HTTP1, health checks are enabled by default.

  • When the target group protocol version is HTTP2, health checks are not enabled by default. However, you can enable health checks, and manually set the protocol version to HTTP1 or HTTP2.

  • Health checks do not support gRPC target group protocol versions. However, if you enable health checks, you must specify the health check protocol version as HTTP1 or HTTP2.

  • Health checks do not support Lambda target groups.

  • Health checks do not support Application Load Balancer target groups. However, you can enable health checks for the targets of your Application Load Balancer using Elastic Load Balancing. For more information, see Target group health checks in the User Guide for Application Load Balancers.

Health check settings

You configure health checks for the targets in a target group as described in the following table. The setting names used in the table are the names used in the API. The service sends a health check request to each registered target every HealthCheckIntervalSeconds seconds, using the specified port, protocol, and ping path. Each health check request is independent and the result lasts for the entire interval. The time that it takes for the target to respond does not affect the interval for the next health check request. If the health checks exceed UnhealthyThresholdCount consecutive failures, the service takes the target out of service. When the health checks exceed HealthyThresholdCount consecutive successes, the service puts the target back in service.

Setting Description

HealthCheckProtocol

The protocol the service uses when performing health checks on targets. The possible protocols are HTTP and HTTPS. The default is the HTTP protocol.

HealthCheckPort

The port the service uses when performing health checks on targets. The default is to use the port on which each target receives traffic from the service.

HealthCheckPath

The destination for health checks on the targets.

If the protocol version is HTTP1 or HTTP2, specify a valid URI (/path?query). The default is /.

HealthCheckTimeoutSeconds

The amount of time, in seconds, during which no response from a target means a failed health check. The range is 1–120 seconds. The default is 5 seconds if the target type is INSTANCE or IP. Specify 0 to reset this setting to its default value.

HealthCheckIntervalSeconds

The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds if the target type is INSTANCE or IP. Specify 0 to reset this setting to its default value.

HealthyThresholdCount

The number of consecutive successful health checks required before an unhealthy target is considered healthy. The range is 2–10. The default is 5. Specify 0 to reset this setting to its default value.

UnhealthyThresholdCount

The number of consecutive health check failures required before considering a target unhealthy. The range is 2–10. The default is 2. Specify 0 to reset this setting to its default value.

Matcher

The codes to use when checking for a successful response from a target. These are called Success codes in the console.

If the protocol version is HTTP1 or HTTP2, the possible values are from 200 to 499. You can specify multiple values (for example, "200,202") or a range of values (for example, "200-299"). The default value is 200.

Health check protocol version for gRPC is not currently supported. However, if your target group protocol version is gRPC, you can specify HTTP1 or HTTP2 protocol versions in your health check configuration.

Check the health of your targets

You can check the health status of the targets registered with your target groups.

To check the health of your targets using the console
  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. On the navigation pane, under VPC Lattice, choose Target groups.

  3. Choose the name of the target group to open its details page.

  4. On the Targets tab, the Health status column indicates the status of each target. If the status is any value other than Healthy, the Health status details column contains more information.

To check the health of your targets using the AWS CLI

Use the list-targets command. The output of this command contains the target health state. If the status is any value other than Healthy, the output also includes a reason code.

To receive email notifications about unhealthy targets

Use CloudWatch alarms to initiate a Lambda function to send details about unhealthy targets.

Modify the health check settings

You can modify the health check settings for your target group at any time.

To modify the health check settings using the console
  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. On the navigation pane, under VPC Lattice, choose Target groups.

  3. Choose the name of the target group to open its details page.

  4. On the Health checks tab, in the Health check settings section, choose Edit.

  5. Modify the health check settings as needed.

  6. Choose Save changes.

To modify the health check settings using the AWS CLI

Use the update-target-group command.