Elastic Load Balancing and Autoscaling Flashcards
Auto Scaling
automatically launches and terminates instances within a Region
maintains availability and horizontally scales (scale out) capacity
provides elasticity and scalability
works with EC2, EKS, ECS
What services does Auto Scaling integrate with and how?
CloudWatch for monitoring and scaling
ELB for distributed connections
EC2 Spot Instances for cost optimization
VPC for deploying instances across AZs
Use cases for auto scaling
automatic scaling
maintain availability
What triggers autoscaling
scaling policies based on demand/performance (e.g. EC2 status checks, CloudWatch metrics) or a schedule
What is a launch template?
specified EC2 instance configuration for autoscaling:
AMI
Instance type
EBS volumes
Security Group
key pair
IAM instance profile
User data
Shutdown behavior
termination protection
placement group name
capacity reservation
tenancy
purchasing option (e.g. spot)
Launch Config
specified EC2 instance configuration for autoscaling:
AMI
Instance type
EBS volumes
Security Group
key pair
IAM instance profile
User data
purchasing option (e.g. spot)
replaced by launch templates and have fewer features
immutable - if you need to modify you have to create new
What do you configure for auto scaling
Launch template or config
Purchase options (on demand or spot)
Configure VPC and Subnets
Attach load balancer
configure health checks for EC2 and ELB
Group size and scaling policies
What types of health checks are possible with autoscaling
EC2 - EC2 health checks
ELB - ELB health checks in addition to EC2 health checks
Health Check Grace Period
how long to wait before checking the health status of the instance
autoscaling does not act on health checks until the grace period expires
Types of Auto Scaling
Manual - makes changes to ASG size manually
Dynamic - automatically scale based on demand
Predictive - uses ML to predict
Scheduled - scales based on schedule
What do scaling policies do?
define how to respond to changes in demand
Autoscaling Group
defines collections of EC2 instances that are scaled and managed together
What types of monitoring are available for ASG?
Group
Basic (Instance)
Detailed (Instance)
How often does ASG produce metrics? Is there a charge? How are they configured?
1 minute granularity
No Charge
Must be enabled
How often does an EC2 instance produce metrics? Is there a charge?
5 minute granularity
No Charge
How often does an EC2 instance produce detailed metrics? Is there a charge?
1 minute granularity
Yes, charges apply
What are Cooldowns? What is the default?
Used with a simple scaling policy to prevent Auto Scaling from launching or terminating instances before the effects of previous activities are visible. Default is 300 seconds (5 mins)
Termination Policy
Controls which instances to terminate first when a scale in event occurs
Why do you use the Standby State?
Used to put an instance in the InService state into the Standby state to update or troubleshoot the instance
Lifecycle Hooks
Used to perform custom actions by pausing instances as the ASG launches or terminates them
Lifecycle Hooks use cases
Run a script to download and install software after launch
Pause an instance to process data before a scale in (termination)
ELB
Elastic Load Balancer
distributes incoming application traffic across multiple targets
distributes incoming traffic within a single AZ or across multiple AZs
provides fault tolerance for applications
What can be targeted by ELB
EC2
Containers
IP addresses
Lambda functions
What is the smallest subnet and the minimum number of available IPs required in order for ELB to scale?
/27
8 IP addresses
Are there any limitations on how to configure ELB with respect to AZ?
What ways can ELBs be exposed to network traffic?
only 1 subnet per AZ can be enabled for each ELB
Internal only or internet facing
Characteristics of Internet Facing ELB
ELB nodes have public IPs
Routes traffic to the private IP addresses of the EC2 instances
Need one public subnet in each AZ where the ELB is defined
Characteristics of Internal Only ELB
ELB nodes have private IPs
Routes traffic to the private IP of the EC2 instances
What are the different types of ELBs?
Application Load Balancer (ALB)
Network Load Balancer (NLB)
Gateway Load Balancer (GLB)
Use cases for ALB
Web applications with L7 routing (HTTP/HTTPS)
Microservices architecture (e.g. Docker containers)
Lambda targets
Use cases for NLB
TCP and UDP (L4) based applications
Ultra-low latency
Static IP addresses
VPC endpoint services
Use cases for GLB
Layer 3 applications (virtual appliances)
Listens for all IP packets across all ports
GLB and virtual appliances exchange application traffic using the GENEVE protocol on port 6081
What types of systems are GLBs used to load balance?
Virtual appliances such as:
Firewalls
Intrusion detection systems (IDS)
Intrusion protection systems (IPS)
Deep packet inspection systems (DPI)
What happens when cross zone load balancing is enabled?
Each load balancer node distributes traffic across the registered targets in all enabled AZs
What happens when cross zone load balancing is disabled?
Each load balancer node distributes traffic only across the registered targets in its AZ
When is cross zone load balancing enabled, disabled?
With ALB it is always enabled
With NLB and GLB it is disabled by default
What kind of autoscaling policies are there?
What policies does AWS recommend?
Simple
Step
Target Tracking
Scheduled
Target tracking is recommended over simple and step
Target Tracking
scales the capacity of your ASG based on a target metric value
Warm Up Time
In a target tracking policy, instance metrics are not counted until the warm-up time has expired; this is the time provided for the instance to warm up
AWS recommendation for metrics used in target tracking policy
AWS recommends scaling on metrics with a one minute frequency
Simple Scaling
Set an alarm (e.g. CPU >= 60%)
When CloudWatch reports to the ASG that the alarm is reached, the ASG scales out and waits another 300 seconds (5 mins) before allowing another scaling activity
Step Scaling
similar to simple scaling, but the number of instances launched depends on the alarm breached (e.g. 10% over nets one new instance, while 20% over nets two)
Scheduled Scaling
set a schedule to scale out or in
Amazon CloudWatch
AWS service that provides a near-real-time stream of system events - events describe changes to AWS resources
(Think Metrics - aws or custom)
CloudWatch Alarms
send notifications or automatically make changes to the resources that you are monitoring based on rules that you define
metric alarm
watches a single CloudWatch metric. The alarm performs one or more actions based on the value of the metric relative to a threshold over a number of time periods.
A CloudWatch metric includes the following components
A namespace is a container for CloudWatch metrics.
A metric represents a time-ordered set of data points that are published to CloudWatch.
A dimension is a name-value pair that uniquely identifies a metric.
Types of AWS Logs
CloudWatch Logs
CloudTrail
VPC Flow Logs
Custom logs
Amazon CloudWatch Logs
monitor, store, and access your log files from EC2 instances, CloudTrail, Route 53, and other resources.
AWS CloudTrail
provides event history of your account activity, including actions taken through the console, AWS SDK, command line interface (CLI), and AWS services
facilitates governance, compliance, and operational and risk auditing
You turn on CloudTrail on a per-Region basis; it saves logs in the S3 bucket you designate
(think auditing)
What do CloudTrail logs include
the source IP address and identity of the API caller
It also includes the time of the call, the request parameters, and the response elements that the AWS service returns.
CloudWatch Alarm States
OK–The metric is within the defined threshold; not exceeded
ALARM–The metric is outside the defined threshold.
INSUFFICIENT_DATA–The alarm has started, the metric is not available, or not enough data is available for the metric to determine the alarm state. (e.g. depth of an empty SQS queue)
This state could indicate there is something wrong in your system