I am running an application with a client and server component in AWS. The client talks to the server over a classic ELB.
Specifically, I am running JupyterHub that is deployed to a managed kubernetes cluster (EKS).
My requirement: get HTTP logs that show the request URL.
Currently, I cannot do this because:
The ELB listens for secure traffic over TCP (on 443), and ELB access logs for load balancers that listen over TCP don't include a URL. (Only a load balancer that listens over HTTP will show URL.)
The ELB needs to listen over TCP because some parts of the application uses websocket communication. Since the secure TCP (websocket) traffic and the https traffic both go over port 443, and you can only listen on one protocol for a single port, I can't listen to the http traffic, and therefore can't get HTTP elb access logs that show URL.
For the sake of this question let's assume the application is a black box and not configurable. With the current setup described above, is there any way for me to get HTTP request logs that will show the URL?
I'm framing this question as an AWS configuration question (to keep the scope of the question simple and narrow) -- however I'm also open to a solution that let's me configure which port jupyterhub notebook servers use for the websocket communication to the /api/kernel
endpoint. If I could configure the port to be something other than 443, then I could have two listeners on my ELB.
Switch to an Application Load Balancer. They support HTTPS with websockets on a single listener.
ELB Classic in TCP mode is completely unaware of the payload passing through it, so it has no concept of URLs.