High Availability & Scalability Flashcards

1
Q

_______ are crucial for load balancers: they enable the load balancer to know whether the instances it forwards traffic to are available to reply to requests. The health check is done on a port and a route (/health is common), and if the response is not 200 (OK) then the instance is unhealthy.

A

Health checks

2
Q

What are the different types of load balancer on AWS?

A
  1. Classic load balancer
  2. Application load balancer (HTTP, HTTPS, TCP, SSL (secure TCP))
  3. Network load balancer (TCP, TLS (secure TCP), UDP)
  4. Gateway load balancer (operates at layer 3)
3
Q

Application load balancer is a __________ (HTTP)

A

Layer 7

4
Q

_____________ provides load balancing to multiple HTTPS applications across machines (target groups) and to multiple applications on the same machine (e.g. containers); it supports HTTP/2 and WebSocket, and supports redirects (from HTTP to HTTPS, for example)

A

Application load balancer

5
Q

Application load balancer supports __________

A

Route routing (routing based on path in URL, hostname in URL, query string, headers)

6
Q

ALBs (Application Load Balancers) are a great fit for ___________ applications

A

Microservices & container-based applications (e.g. Docker & Amazon ECS)

7
Q

What are the different target groups for application load balancer?

A
  1. EC2 instances (can be managed by an Auto Scaling group) - HTTP
  2. ECS tasks (managed by ECS itself) - HTTP
  3. Lambda functions - HTTP request is translated into a JSON event
  4. IP addresses - must be private IPs

An ALB can route to multiple target groups & health checks are at the target group level

8
Q

What are some features you should know about the application load balancer?

A
  • Fixed hostname (XXX.region.elb.amazonaws.com)
  • The application servers don’t see the IP of the client directly (the true IP of the client is inserted in the header X-Forwarded-For)
9
Q

Network load balancer (layer 4) allows you to do what?

A
  1. Forward TCP & UDP traffic to your instances
  2. Handle millions of requests per second
  3. Less latency - 100 ms (vs 400 ms for ALB)
10
Q

Network load balancer (NLB) has _____________ per AZ and supports assigning an Elastic IP (helpful for whitelisting a specific IP)

A

one static IP per AZ

11
Q

What are the target groups for network load balancer?

A
  1. EC2 instances
  2. IP Addresses (must be private IP)
  3. Application load balancer
  4. Health checks support the TCP, HTTP, and HTTPS protocols
12
Q

___________ is used to deploy, scale, and manage a fleet of 3rd party network virtual appliances in AWS

A

Gateway Load Balancer

13
Q

What are some features of gateway load balancer?

A
  • Operates at layer 3 (Network layer) - IP packets
  • Combines the following functions:
    1. Transparent network gateway - single entry/exit for all traffic
    2. Load balancer - distributes traffic to your virtual appliances
  • Uses the GENEVE protocol on port 6081
14
Q

What are the target groups for gateway load balancer?

A
  1. EC2 instances
  2. IP addresses (must be private IPs)
15
Q

How does a gateway load balancer work?

A
  1. Users (source) use a route table
  2. That route table sends traffic to the gateway load balancer
  3. The gateway load balancer sends that traffic to your target group
  4. The target group sends the traffic back to the gateway load balancer
  5. The gateway load balancer sends the traffic to your application
16
Q

It’s possible to implement ___________ so that the same client is always redirected to the same instance behind a load balancer

A

stickiness (sticky sessions)

17
Q

__________ works for classic load balancer, application load balancer, and network load balancer

A

Sticky session (the cookie used for stickiness has an expiration date you control) (NLB can work without cookies)

18
Q

What is the use case for sticky sessions?

A

To make sure the user doesn’t lose his session data

19
Q

What are the two types of cookies you can have for sticky sessions?

A
  1. Application-based cookies
    - Custom cookie that is generated by the target; don’t use AWSALB, AWSALBAPP, or AWSALBTG when naming your cookie (these names are reserved for use by the ELB)
  2. Duration-based cookie
    - Cookie generated by the load balancer
    - Cookie name is AWSALB for ALB, AWSELB for CLB
20
Q

With __________, each load balancer instance distributes traffic evenly across all registered instances in all AZs

A

Cross-zone load balancing

21
Q

Without _________, requests are distributed among the instances of the node of the Elastic Load Balancer

A

Without cross-zone load balancing

22
Q

With the ________, cross-zone load balancing is enabled by default (but can be disabled at the target group level) & there are no charges for inter-AZ data

A

Application load balancer

23
Q

With ____________, cross-zone load balancing is disabled by default, and if it is enabled you will have to pay for inter-AZ data

A

Network load balancer & gateway load balancer

24
Q

An _____________ allows traffic between your client and your load balancer to be encrypted in transit (in-flight encryption)

A

SSL certificate

25
Q

__________ refers to Secure Sockets Layer, used to encrypt connections

A

SSL

26
Q

__________ refers to Transport Layer Security, which is a newer version; nowadays it’s the one mainly used, but people still refer to it as SSL

A

TLS

27
Q

Clients use ______ to specify the hostname they reach

A

SNI (Server Name Indication)

28
Q

_______ solves the problem of loading multiple SSL certificates onto one web server (to serve multiple websites); it’s a “newer” protocol & requires the client to indicate the hostname of the target server in the initial SSL handshake

A

SNI (only works for ALB & NLB)

29
Q

________ supports only one SSL certificate; you must use multiple CLBs for multiple hostnames with multiple SSL certificates

A

Classic load balancer (v1)

30
Q

____________ supports multiple listeners with multiple SSL certificates & uses server name indication (SNI) to make it work

A

Application load balancer (v2)

31
Q

___________ supports multiple listeners with multiple SSL certificates & uses SNI to make it work

A

Network load balancer (v2)

32
Q

When using a CLB, connection draining is called __________

A

Connection draining

33
Q

When using an ALB or NLB, connection draining is called what?

A

Deregistration delay

34
Q

___________ gives time to complete “in-flight requests” while the instance is de-registering or unhealthy, and once it’s done the ELB will stop sending new requests to the EC2 instance which is de-registering (can set up the parameter for 5 min & can be disabled by setting the value to 0)

A

Connection draining

35
Q

How does connection draining work?

A
  1. When an instance is in draining mode, the users that are connected with the ELB are waiting for existing connections to be completed
  2. If new users try to connect to the ELB then the ELB will only establish new connections with other EC2 instances
36
Q

With connection draining, when you set it to a _______ value, your requests must be short

A

Low value

37
Q

Auto scaling groups (ASG) are __________

A

Free (only pay for the underlying EC2 instance)

38
Q

What are the auto scaling group attributes?

A
  1. Launch template
    - AMI + instance type
    - EC2 user data
    - EBS volumes
    - security groups
    - SSH key pair
    - IAM roles for your EC2 instances
    - Network + subnets information
    - Load balancer information
  2. Min size / Max size / initial capacity
  3. Scaling policies
39
Q

It’s possible to scale an ASG based on ____________ alarms

A

CloudWatch alarms

40
Q

An alarm is a ________ (such as avg CPU or a custom metric); for example, if the avg CPU as a whole for your ASG is too high, then you need to add EC2 instances, which will trigger the alarm & a scaling activity in your scaling group

A

metric

41
Q

Related to ASG and CloudWatch alarms, based on the alarms what can you create?

A
  • Can create scale-out policies (increase the number of instances)
  • Can create scale-in policies (decrease the number of instances)
42
Q

What are the different types of scaling policies?

A
  1. Dynamic scaling
    - Which has target tracking scaling (define a metric and a target value and the ASG will scale out or in to keep your target metric)
  2. Simple / step scaling
    - When a CloudWatch alarm is triggered (when your metric is higher than your target) then it adds 2 units
    - When a CloudWatch alarm is triggered (when your metric is below your target) then it removes one
  3. Scheduled scaling
    - Anticipate a scaling based on known usage patterns (e.g. increase the min capacity to 10 at 5pm on Fridays because you know you will get new users)
  4. Predictive scaling
    - Continuously forecast load and schedule scaling ahead of time
43
Q

What are some good metrics to scale on?

A
  1. CPU Utilization (avg CPU)
  2. Request count per target: to make sure the number of requests per EC2 instance is stable
  3. Average network in/out (if your application is network bound)
  4. Any custom metric (that you push using CloudWatch)
44
Q

After a scaling activity happens you are in the ______________

A

Cool down period (default 300 seconds)

45
Q

What occurs in the ASG scaling cooldowns?

A

During the cooldown period, the ASG will not launch or terminate additional instances (to allow for metrics to stabilize)

  • So you would want to use a ready-to-use AMI to reduce configuration time, in order to serve requests faster and reduce the cooldown period