We have deployed our arcgis enterprise suite to AWS using the cloud formation templates (CF) provided by Esri. We have a high availability system. The only component of the enterprise suite that was not deployed by a CF template are the vpc itself and the load balancer. The entire site works just fine, and I can connect via hostname without issue, however, recently I noticed one of the nodes on the arcgis server component failed and the autoscaling group attempted to recover it. When that happened, the ArcGIS Server installation failed because it cannot seem to connect to the remaining node via IP:Port (I found the powershell code in the SSM documents created by the CF template). Indeed, when trying to connect to any existing instances of my enterprise components by server IP and their respective port (7443,6443,2443) fails.
This brings me to the main issue: when that node failed, a few days later, another AWS outage caused the remaining node to fail and the site could not recover. We lost literally everything and had not employed the webgisdr utility on the back end. I am attempting to back up our enterprise system, but I still cannot connect to the components using IP:Port, so running the utility fails as well. I have reviewed our infrastructure pretty thoroughly and I can't find anything that might be blocking access via port. In fact, I have another geoserver instance behind this load balancer that has no issues being accessed via port.
So, in conclusion, I am wondering if there is some setting in portal/server somewhere that basically denies access to the arc enterprise components in this manner or if this is more than likely on the AWS configuration side.
Thanks, and much appreciated!
