AWS ALB Service map

Go to solution
Kody
Tera Expert

‎06-21-2023 03:16 AM

Hello,


I created an application load balancer on my AWS account and it is discovered as an cloud load balancer CI record on my ServiceNow instance.

Some EC2 instances are connected to the ALB and they also exist as CI records.

Is it possible to run top-down discovery from All > Service Mapping > Serivces > Application Serivces etc and configure them as a Service Map?

What should be the entry point when it is possible?

Do you already have that experience?

Labels:
0 Helpfuls
  • 1,992 Views
1 ACCEPTED SOLUTION

Go to solution
SiD2
ServiceNow Employee
ServiceNow Employee
In response to Kody

‎06-22-2023 12:56 AM

Hi @Kody 

 

Any service is accessible through some URL; for example, a finance service in your org that manages emp payrolls has an associated portal and URL. So given that URL as an entry point for a service, there can be an LB or web server immediately behind that which hosts or exposes the payroll service. Further, it would discover all the way to the DB this service is made up of.

 

So you need to select the "HTTPS Endpoint" entry point and add your URL of the service, and it should map to the LB CI ideally, provided the URL is mapped so.

 

I hope you understand; please let me know if you have any questions.

 

Please mark Helpful / Accept Solution so that it helps others with similar questions.

View solution in original post

11 REPLIES 11

Go to solution
SiD2
ServiceNow Employee
ServiceNow Employee
In response to MBannis

‎06-05-2024 11:00 AM

Hi @MBannis 

 

So do you mean the LB was discovered on map and further no other CIs are coming up OR if the LB itself didn't come up?

 

You can share a screenshot of the service map. There must be some node on map where it has issue and right click on it and we need to check the logs and see which pattern is causing issue.

 

Please mark Helpful / Accept Solution so that it helps others with similar questions.
0 Helpfuls

Go to solution
MBannis
Tera Contributor
In response to SiD2

‎06-05-2024 11:39 AM

Hi Sid2, 

 

It's moreso the latter, the map can't get past the LB which is the first point of contact from the actual website..(see screenshots attached) yet I know that LB is discovered and is in our LB and LB Services table (See screenshot for example) as part of regular horizontal discovery. 

 

Now I'm told by the cloud team, these AWS ELBs do not have dedicated static IPs but ar given IP Ranges to work from. In this example, for the LB I highlighted (again screenshots provided) has an IP range of 10.68.52.0/27 meaning it can respond to any IP in that range which it is. However, I'm also told these ELBs unlike physical load balancers do not have an SSH port yet service mapping first attempts to identify this LB via SSH port 22 which obviously fails.. and may be why it's getting stuck at that point and can't move forward?

 

I'm curious, as a secondary question, whether having Kubernetes / Container Based / Micro Service Based discovery enabled in AWS might be contributing to all of this (we are currently working with the cloud team to get this enabled) but we do have regular horizontal discovery in place using cross-assumed credentials in AWS. 

Preview file
72 KB
Preview file
9 KB
Preview file
204 KB
0 Helpfuls

Go to solution
SiD2
ServiceNow Employee
ServiceNow Employee
In response to MBannis

‎06-07-2024 03:32 AM

Hi @MBannis 

 

Its bit complex for me to understand about the deployment but from what I get...

 

It looks like the mid server you use for service mapping discovery couldn't be able to communicate properly with the LB on AWS, these get complex when we try to map something in the cloud.

You need to check all the traffic rules or firewall etc etc to make this communication happen.

 

You can also right click on the node as per your screenshot and check the discovery log and see which pattern being triggered and what are the failures there and can take it up with your discovery team or raise a case with us.

 

As you mentioned your deployment model is related to K8S and also on AWS, I would even suggest to go with alternative way of service mapping i.e. tag based mapping feature which is more relevant for cloud use cases.

 

 

Please mark Helpful / Accept Solution so that it helps others with similar questions.
0 Helpfuls

Go to solution
Kody
Tera Expert

‎06-22-2023 05:56 PM

Hi @SiD2 ,

 

Thank you for your reply.

 

-Discoverable by Service Mapping
-Web Application
-URL: http://internal....elb.amazonaws.com
The above Entity point setting is now displayed as "HTTP(S) Endpint".
I think it matches the information in your reply.
Now the Service Map is displayed like the attached screenshot.
I mark this question as solved.
However, if anyone has successfully built a Service Map with a combination of ELB and EC2 instances, please share the screenshots and overall steps etc.

Preview file
46 KB
0 Helpfuls

Go to solution
SiD2
ServiceNow Employee
ServiceNow Employee
In response to Kody

‎06-23-2023 05:21 AM

Hi @Kody 

 

I see you mentioned that your cloud disco already had inserted the ALB and EC2 CIs in your CMDB; in that case, this service map should be able to pick up and map it.

 

However, according to your screenshot, I see some errors; you can right-click on the node and check the disco logs to see what's happening.

 

Please mark Helpful / Accept Solution so that it helps others with similar questions.