elbv2: NetworkLoadBalancer can't be fully configured
This is a continuation of #4268 (I am not able to re-open that issue)
@rix0rrr - The issue #1490 is probably a better location for the discussion around security groups. However, I still feel there are discrepancies with the current NetworkLoadBalancer.
In the cases where there are missing attributes reported, it is still possible to add them through a generic addAttribute function on the shared object. However, they are highlighted because the equivalent on the application-load-balancer side has specific support for the same attribute.
If you still feel like the workarounds are acceptable, please close this issue. 🔐
Again, the point of this issue is to highlight the discrepancies between the ApplicationLoadBalancer and NetworkLoadBalancer families.
NetworkLoadBalancer
Missing Attributes
- access_logs.s3.enabled - Indicates whether access logs are enabled. The value is true or false. The default is false.
- access_logs.s3.bucket - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.
- access_logs.s3.prefix - The prefix for the location in the S3 bucket for the access logs. [From: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattributes.html]
NetworkListener
- Only 1 certificate is supported, and it does not use the same resource construct (CfnListenerCertificate) as the application listener [From: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html]
NetworkTargetGroup
- No support for adding metrics
Missing Attributes:
- deregistration_delay.timeout_seconds - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from draining to unused. The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported. [From: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-targetgroupattribute.html]
Additionally, the number and types of metrics offered on each side of the network / application load balancer seem to be duplicative and inconsistent.
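As an added example (not code from the issue or from the CDK project), here is a check over a synthesized CloudFormation template for the attribute rules quoted above: access logs enabled, a bucket present when they are, and a deregistration delay within 0-3600. The type names, function names and the sample template are constructed for illustration; the resource types and attribute keys are the CloudFormation ones the issue cites.

```typescript
// Added example: static check of NLB attributes in a synthesized template.
type AttrValue = string | { [k: string]: unknown }; // literal or intrinsic such as { Ref: ... }
interface KeyValue { Key: string; Value: AttrValue }
interface CfnResource {
  Type: string;
  Properties: { Type?: string; LoadBalancerAttributes?: KeyValue[]; TargetGroupAttributes?: KeyValue[] };
}
interface CfnTemplate { Resources: { [logicalId: string]: CfnResource } }

const LB = "AWS::ElasticLoadBalancingV2::LoadBalancer";
const TG = "AWS::ElasticLoadBalancingV2::TargetGroup";

// Return the value stored under `key`, or undefined when the attribute is absent.
function getAttr(list: KeyValue[] | undefined, key: string): AttrValue | undefined {
  const hit = (list || []).filter((a) => a.Key === key)[0];
  return hit ? hit.Value : undefined;
}

function auditNlbTemplate(t: CfnTemplate): string[] {
  const findings: string[] = [];
  for (const id of Object.keys(t.Resources)) {
    const r = t.Resources[id];
    if (r.Type === LB && r.Properties.Type === "network") {
      const attrs = r.Properties.LoadBalancerAttributes;
      const bucket = getAttr(attrs, "access_logs.s3.bucket");
      if (getAttr(attrs, "access_logs.s3.enabled") !== "true") {
        findings.push(id + ": access_logs.s3.enabled is not true (default is false)");
      } else if (bucket === undefined || bucket === "") {
        findings.push(id + ": access_logs.s3.bucket is required when access logs are enabled");
      }
    }
    if (r.Type === TG) {
      const delay = getAttr(r.Properties.TargetGroupAttributes, "deregistration_delay.timeout_seconds");
      // Intrinsic (non-string) values cannot be range-checked statically and are skipped.
      if (typeof delay === "string" && (!/^\d+$/.test(delay) || Number(delay) > 3600)) {
        findings.push(id + ": deregistration_delay.timeout_seconds outside 0-3600");
      }
    }
  }
  return findings;
}

// Constructed sample template (not taken from the issue).
const sampleTemplate: CfnTemplate = { Resources: {
  NlbNoLogs: { Type: LB, Properties: { Type: "network" } },
  NlbNoBucket: { Type: LB, Properties: { Type: "network",
    LoadBalancerAttributes: [{ Key: "access_logs.s3.enabled", Value: "true" }] } },
  NlbOk: { Type: LB, Properties: { Type: "network", LoadBalancerAttributes: [
    { Key: "access_logs.s3.enabled", Value: "true" },
    { Key: "access_logs.s3.bucket", Value: { Ref: "LogBucket" } }] } },
  Tg: { Type: TG, Properties: { TargetGroupAttributes: [
    { Key: "deregistration_delay.timeout_seconds", Value: "7200" }] } },
} };
const sampleFindings = auditNlbTemplate(sampleTemplate);
```

Run against the output of a template synthesis step, this flags network load balancers that would deploy without access logging regardless of which construct method set the attributes.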
Top GitHub Comments
Apologies for the low traction on this issue.
In the meantime, all of the originally listed gaps have been addressed:
NetworkLoadBalancer.logAccessLogs was created in #6197 and fixed in #8114
The only gap not addressed already is supporting subnetMappings. I’ve created #10242 to track that.
Is there a way to assign an existing elastic IP address to an NLB via CDK? subnetMappings is not available via the construct.