High Availability and Scalability: ELB & ASG Flashcards
Horizontal Scalability
Elasticity. Increasing the number of instances or systems for your application. Horizontal scaling implies distributed systems.
Vertical Scalability
Increasing the size of the instance. Common for non-distributed systems such as databases. RDS and ElastiCache are services that can scale vertically.
High Availability
Running an application or system in at least 2 data centers. The goal of high availability is to survive a data center loss.
Load Balancing
Load balancers are servers that forward traffic to multiple servers downstream.
Why use Load Balancers?
- Spread load across multiple downstream instances
- Expose a single point of access (DNS) to your application
- Seamlessly handle failures of downstream instances
- Do regular health checks to your instances
- Provide SSL termination (HTTPS) for your websites
- Enforce stickiness with cookies
- High availability across zones
- Separate public traffic from private traffic
Types of Load Balancers?
1) Classic Load Balancer (v1 - old generation) – 2009 – CLB: HTTP, HTTPS, TCP, SSL (secure TCP)
2) Application Load Balancer (v2 - new generation) – 2016 – ALB: HTTP, HTTPS, WebSocket
3) Network Load Balancer (v2 - new generation) – 2017 – NLB: TCP, TLS (secure TCP), UDP
4) Gateway Load Balancer – 2020 – GWLB
Operates at layer 3 (Network layer) – IP Protocol
Application Load Balancer
- Application Load Balancer operates at Layer 7 (HTTP)
- Load balancing to multiple HTTP applications across machines (target groups)
- Load balancing to multiple applications on the same machine (ex: containers)
- Support for HTTP/2 and WebSocket
- Support redirects (from HTTP to HTTPS for example)
Scalability
An application/system can handle greater loads by adapting.
Health Checks
A way to verify that an EC2 instance is working properly.
Enables the load balancer to know whether the instances it forwards traffic to are available to reply to requests.
Supports HTTP, HTTPS, and TCP protocols.
Target Groups
Target groups route requests to individual registered targets, such as EC2 instances, using the protocol and port number that you specify.
1) EC2 instances managed by Auto Scaling Group
2) ECS tasks
3) Lambda functions
4) IP addresses
5) IP addresses - must be private IPs
Network Load Balancer
Forwards TCP and UDP traffic to your instances.
Handles millions of requests/second.
Ultra-low latency.
Has one static IP per AZ and supports assigning an Elastic IP.
Gateway Load Balancer
Deploy, scale and manage a fleet of 3rd party network virtual appliances in AWS
Examples: firewalls, intrusion detection and prevention systems, deep packet inspection systems, payload manipulation.
Sticky Sessions
The client is always redirected to the same instance behind a load balancer.
Can be enabled for ALB and NLB.
Use case: make sure the user doesn’t lose session data.
Uses application-based or duration-based cookies.
Cross-Zone Load Balancing
Each load balancer instance distributes evenly across all registered instances in all AZs.
No charges for inter-AZ data.
NLB/GLB:
Disabled by default.
You pay charges for inter-AZ data.
SSL/TLS Certificate
Allows traffic between your clients and your load balancer to be encrypted in transit.
SSL: Secure Sockets Layer, used to encrypt connections.
TLS: transport layer certificate, which is the newer version and the one mainly used.
SNI
Server Name Indication.
Solves the problem of loading multiple SSL certificates onto one web server.
The client indicates the hostname of the target server in the initial SSL handshake; the server then finds the correct certificate or returns the default one.
Only works for ALB, NLB, and CloudFront.
Example: You have an Application Load Balancer that is configured to redirect traffic to 3 Target Groups based on the following hostnames: users.example.com, api.external.example.com, and checkout.example.com. You would like to configure HTTPS for each of these hostnames. How do you configure the ALB to make this work? Use SNI.
ELB Connection Draining
Deregistration Delay.
Gives instances time to complete “in-flight requests” while the instance is de-registering or unhealthy.
Stops sending new requests to the EC2 instance that is de-registering.
Auto Scaling Group
Scale out (add EC2 instances) to match an increased load.
Scale in (remove EC2 instances) to match a decreased load.
Re-create an EC2 instance in case a previous one is terminated.
ASGs are free (you only pay for the underlying EC2 instances).
Dynamic Scaling
1) Target Tracking Scaling - I want the average ASG CPU to stay at around 40%
2) Simple / Step Scaling - when a CloudWatch alarm is triggered (CPU > 70%), then add 2 units
Scheduled Scaling
Anticipate scaling based on known usage patterns. Example: increase the min capacity to 10 at 5pm on Fridays.
Predictive Scaling
Continuously forecast load and schedule scaling ahead.
Static DNS
Static Domain Name System. Elastic Load Balancers provide a static DNS name we can use in our application. AWS wants your ELB to be accessible using a static endpoint, even if the underlying infrastructure that AWS manages changes.
When using an Application Load Balancer to distribute traffic to your EC2 instances, the IP address you’ll receive requests from will be the…
ALB’s private IP addresses.
To get the client’s IP address…
ALB adds an additional header called “X-Forwarded-For” that contains the client’s IP address.
Application Load Balancers can route traffic to different Target Groups based on
Hostname, request URL path, source IP address.
Cookie names reserved by ELB
AWSALB
AWSALBAPP
AWSALBTG
What happens to an instance when you run a health check and it fails?
The instance is terminated. ASG will generate a new EC2 instance.
ALB Routing
1) Routing based on path in URL (example.com/users and example.com/posts)
2) Routing based on hostname in URL (one.example.com and other.example.com)
3) Routing based on query strings, headers (example.com/users?id=123&order=false)
Application servers don’t see the IP of the client directly. What do they see?
The IP of the client is inserted in the header X-Forwarded-For. Related headers: X-Forwarded-Port, X-Forwarded-Proto.