Load Balancers Flashcards
Elastic Load Balancer (ELB)
automatically distributes incoming application traffic across multiple targets
- can be done across multiple AZs
ELB Health Checks
- all load balancers can be configured with health checks
- sees which instances are healthy or unhealthy
- stops sending requests to unhealthy instances (until they become healthy)
Application Load Balancer
- http & https
- INTELLIGENT
- layer 7
Network Load Balancer
- layer 4 (connection level)
- millions of requests per second
- ultra-low latencies
Classic Load Balancer
- legacy
- http/https
- deprecated
- EOL Aug 2022
ALB - listeners
check for connection requests from clients using the protocol and port you configure
- http: port 80
- https: port 443 w/ SSL certificate
ALB - rules
when conditions are met, then actions are performed
- each listener requires you to provide a default rule
ALB - target groups
route requests to one or more registered targets, such as EC2 instances, using the protocol and port you specify
How does https load balancing work?
- uses port 443
- you must deploy at least one SSL/TLS certificate on your load balancer
- load balancer uses a server certificate to terminate the front-end connection, then decrypts requests from clients before sending them to the targets
ALB Path-based routing - common exam scenario
Application Load Balancer can determine which instance (target) to send a user to based on the path in the URL, using path patterns
ex:
- send www.myurl.com to us-east-1a
- send www.myurl.com/images to us-east-1b
Network Load Balancers Protocols
TCP, TLS, UDP, TCP_UDP
Network Load Balancer Ports
1 - 65535
How many requests per second can Network Load Balancer handle?
millions
How are listeners different on NLBs than ALBs?
- ALB listeners are intelligent and can check rules
- NLB listeners do not have rules, they are not intelligent, they only forward the request to the target group
Network Load Balancer Encryption
- can use a TLS listener to offload the work of encryption and decryption to your load balancer
- if the listener protocol is TLS, you must deploy exactly 1 SSL certificate on the listener
Layer 4 Exam tips
- layer 4 = extreme performance
- other cases for ports other than 80 and 443
- can decrypt traffic, but must install certificate on the NLB
Classic Load Balancer
- you can choose layer 7 or Layer 4
X-Forwarded-For (Classic Load Balancer)
header used to see the IPv4 address where the original request came from
Classic Load Balancer Gateway Timeouts
- 504 error
load balancer is running, but can’t connect to the web or database layer
Sticky Sessions for Classic Load Balancer
- Classic Load Balancer
- allows you to bind a user session to a specific EC2 instance
- ensures all requests are sent to same instance so you can store data locally to that instance
Problems of Sticky Sessions on Classic Load Balancer
- if the instance is unhealthy or terminated, the user still gets routed there. To solve this, disable sticky sessions
Difference of Sticky Sessions on ALBs rather than CLBs
- ALBs have sticky sessions, but they route to the target group, not to individual instances
Deregistration Delay/Connection Draining
allows load balancers to keep existing connections open if the EC2 instance is de-registered or becomes unhealthy
- lets the load balancer complete in-flight requests made to unhealthy instances
- can be disabled if you want connections immediately closed