High Availability and Scalability: ELB & ASG

Question 1

Horizontal Scalability

Answer 1

Elasticity. Increasing the number of instances, systems for your application. Horizontal scaling implies distributed systems.

Question 2

Vertical Scalability

Answer 2

Increasing the size of the instance. common for non distributed systems such as database. RDS and ElastiCache are services that can scale vertically.

Question 3

High Availability

Answer 3

running application, system in at least 2 data centers. the goal of high availability is to survive data center loss.

Question 4

Load Balancing

Answer 4

Load Balancers are Servers that forward traffic to multiple servers downstream.

Question 5

Why use Load Balancers?

Answer 5

• Spread load across multiple downstream instances
• Expose a single point of access (DNS) to your application * Seamlessly handle failures of downstream instances
• Do regular health checks to your instances
• Provide SSL termination (HTTPS) for your websites
• Enforce stickiness with cookies
• High availability across zones
• Separate public traffic from private traffic

Question 6

Types of Load Balancers?

Answer 6

1)Classic Load Balancer (v1 - old generation) – 2009 – CLB * HTTP, HTTPS,TCP,SSL(secureTCP)

2) Application Load Balancer (v2 - new generation) – 2016 – ALB * HTTP, HTTPS,WebSocket

3) Network Load Balancer (v2 - new generation) – 2017 – NLB * TCP,TLS(secureTCP),UDP

4) Gateway Load Balancer – 2020 – GWLB
Operates at layer 3 (Network layer) – IP Protocol

Question 7

Application Load Balancer

Answer 7

• Application load balancers is Layer 7 (HTTP)
• Load balancing to multiple HTTP applications across machines (target groups)
• Load balancing to multiple applications on the same machine (ex: containers)
• Suppor t for HTTP/2 and WebSocket
• Support redirects (from HTTP to HTTPS for example)

Question 8

Scalability

Answer 8

application/system can handle greater loads by adapting.

Question 9

Health Checks

Answer 9

Way to verify if EC2 instance is properly working.

Enable load balancer to know if instances it forwards traffic to are available to reply to requests.

supports HTTP , HTTPS, and TCP protocols

Question 10

Target Groups

Answer 10

Target groups route requests to individual registered targets, such as EC2 instances, using the protocol and port number that you specify.

1) EC2 instances managed by Auto Scaling Group

2) ECS tasks

3) lambda functions

4)IP Addresses

5) IP addresses- must be private APs

Question 11

Network Load Balancer

Answer 11

Forwards TCPC and UDP traffic to your instances.

handles millions of requests/second

ultra low latency

Has one static IP/AZ and supports assigning Elastic IP

Question 12

Gateway Load Balancer

Answer 12

Deploy, scale and manage a fleet of 3rd party network virtual appliances in AWS

Examples: firewalls, intrusion detection and prevention systems, deep packet inspection systems, payload manipulation.

Question 13

Sticky Sessions

Answer 13

client is always redirected to the same instances behind a load balancer.

can be enabled for ALB and NLB

use case: make sure user doesn’t lose session data.

uses application or duration based cookies.

Question 14

Cross-Zone Load Balancing

Answer 14

each load balancer instance distributes evenly across all registered instances in all AZ.

no charges for inter AZ data

NLB/GLB:
Disabled by default
you pay charges for inter AZ data.

Question 15

SSL/TLS Certificate

Answer 15

Allows traffic between your clients and your load balancer to be encrypted in transit.

secure sockets layer, used to encrypt connections

TLS transport layer certificate, which is newer version and mainly used

Question 16

SNI

Answer 16

Server Name Indication.

solves problem of loading multiple SSL certificates onto one web server.

client indicates the hostname of the target server in the initial SSL handshake, the server will then find the correct certificate, or return the default one.

only works for ALB, NLB, cloudfront.

example: You have an Application Load Balancer that is configured to redirect traffic to 3 Target Groups based on the following hostnames: users.example.com, api.external.example.com, and checkout.example.com. You would like to configure HTTPS for each of these hostnames. How do you configure the ALB to make this work? use SNI

Question 17

ELB Connection Draining

Answer 17

Deregistration Delay.

it gives time for instances to complete “in-flight requests” while the instance is de-registering or unhealthy.

stops sending new requests to the EC2 instance which is de-registering.

Question 18

Auto Scaling Group

Answer 18

Scale out (add Ec2 instances) to match an increased load.

Scale in (remove EC2 instances) to match a decreased load.

Re-create an EC2 instance in case a previous one is terminated.

ASG are free (you only pay for underlying EC2 instances)

Question 19

Dynamic Scaling

Answer 19

1) Target Tracking Scaling- i want average ASG CPU to stay at around 40%
2) Simple / Step Scaling- when a cloudwatch alarm is triggered ( CPU > 70%) then add 2 units

Question 20

Scheduled Scaling

Answer 20

anticipate a scaling based on known usage patterns. increase the min capacity to 10 at 5pm on Fridays.

Question 21

Predictive Scaling

Answer 21

continuously forecast load and schedule scaling ahead.

Question 22

Static DNS

Answer 22

static domain name system. Elastic Load Balancers provide static DNS name we can use in application. AWS wants your ELB to be accessible using a static endpoint, even if underlying infrastructure that AWS manages changes.

Question 23

When using an Application Load Balancer to distribute traffic to your EC2 instances, the IP address you’ll receive requests from will be the…

to get the client’s IP address…

Answer 23

ALB’s private IP addresses.

ALB adds an additional header called “X-Forwarded-For” contains the client’s IP address.

Question 24

Application Load Balancers can route traffic to different Target Groups based on

Answer 24

Hostname, request URL path, source IP address.

Question 25

Cookie names reserved by ELB

Answer 25

AWSALB
AWSALBAPP
AWSALBTG

Question 26

what happens to instance when you run a health check and it fails

Answer 26

instance is terminated. ASG will generate a new EC2 instance.

Question 27

ALB Routing

Answer 27

1) routing based on path in URL. ex: example.com/users and example.com/posts
2) routing based on hostname in url (one.example.com and other.example.com)
3) routing based on query strings, headers. example.com/users?id=123@order=false)

Question 28

Application servers don’t see the IP of the client directly. what do they see?

Answer 28

IP of client is inserted in the header X-Forwarded-For. X-forwarded-port. X-forwarded-proto.