I Set Up a Load Balancer on AWS — But My App Was Still Slow and Sometimes Unreachable

Ruchika GurbaxaniRuchika Gurbaxani
2 min read

🔍 Context

I wanted to use a Load Balancer (ALB) to make my app faster and more reliable. But instead, I ended up confused when my app started randomly timing out or showing errors — even though the EC2 instance was working fine.

💻 What I Was Trying to Do

As a beginner exploring AWS, I followed tutorials to:

  • Launch a Node.js app on EC2

  • Place an Application Load Balancer (ALB) in front of it

  • Make it look “production-ready” with better reliability

The idea was to eventually support multiple EC2s, even though I only had one right now (because I’m on the Free Tier).

🧨 What Went Wrong

At first, the app worked.

But after a few minutes, I noticed:

  • Long page load times

  • Sometimes, requests failed with 504 Gateway Timeout

  • ALB's health check was failing

So I opened up the EC2 logs and realized… the app was fine. I could curl it internally.

The problem?

I forgot to open the correct port in the EC2 security group for the health check and incoming traffic.

By default, I had allowed port 3000 (which the app used), but I forgot the Load Balancer needed access to it from within the security group, not just my browser.

🛠️ What Fixed It

Here’s what I did to fix the issue:

  1. Updated Security Group of EC2
    Allowed inbound traffic from the Load Balancer’s security group, not just my IP.

  2. Changed App Port to 80
    Or adjusted the ALB’s target group to match my app’s custom port (3000).

  3. Verified Health Checks
    Adjusted health check path (e.g., /health) and verified with logs.

📚 What I Learned

  • Load Balancers don’t just work automatically — you have to connect the networking dots.

  • Security Groups matter more than I expected

  • 504 Gateway Timeout can mean that the Load Balancer can’t reach your app, not that your app is broken

💡 Beginner Tips

  • Make sure your Target Group health check matches your actual app path and port

  • Always test connectivity with curl inside the EC2 and from a browser

  • ALB needs permission in Security Groups — treat it like another app

1
Subscribe to my newsletter

Read articles from Ruchika Gurbaxani directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AWSaws lambdaAWS Certified Solutions Architect AssociateCloud Computingnetworking

Written by

Ruchika Gurbaxani
Ruchika Gurbaxani

AWS Cloud Enthusiast | Cybersecurity Aware Cloud-savvy and security-conscious, I'm a tech enthusiast with a strong foundation in Python, C, Networking, and Cloud Computing. Currently preparing for AWS certifications, I’ve completed the Mastercard Cybersecurity Virtual Experience and hold the ZTCA (Zscaler Zero Trust Certified Associate) certification. My projects reflect a passion for secure, scalable cloud solutions—notably SilentWhisper, an anonymous communication app. Recognized for achievements in NASA’s Scientist for a Day, Smart India Hackathon, and creative competitions like painting at Raman Science Center. I'm also active on LeetCode, HackerRank, and GitHub, where I regularly enhance my problem-solving and development skills.