Load Balancing and Auto Scaling Flashcards
How does Load Balancing in AWS work?
o Load Balancing is a method used to distribute incoming connections across a group of servers or services
o Incoming connections are made to the load balancer, which distributes them to associated services
o Elastic Load Balancing (ELB) is a service that provides a set of highly available and scalable load balancers in one of three versions:
Classic (CLB)
Application (ALB)
Network (NLB)
o ELBs can be paired with auto scaling groups to enhance high availability and fault tolerance, automating scaling / elasticity
o An ELB has a DNS record, which allows access to the external side
o A node is placed in each AZ the LB is active in; each node gets 1/N of the traffic, where N is the number of nodes
o Historically, each node could only load balance to instances in the same AZ, resulting in uneven traffic distribution; Cross-zone LB allows each node to distribute traffic to all instances
o An ELB can be public-facing (accepting traffic from the internet) or internal (only accessible from inside a VPC, often used between application tiers)
o An ELB accepts traffic via listeners, using a protocol and port combination (e.g. HTTP/80), defined through Security Groups. It can strip HTTPS at this point, handling encryption / decryption, reducing CPU usage on instances (SSL Offloading)
What are Classic Load Balancers?
o Classic Load Balancers (CLB) are the oldest type of load balancer and generally should be avoided for new projects (use only if you have an application running in the EC2-Classic network)
o Supports Layer 3 & 4 (TCP and SSL) and some HTTP/S features
o It isn’t a Layer 7 device, so no real HTTP/S
o One SSL certificate per CLB – can get expensive for complex projects
o Can offload SSL connections – HTTPS to the LB and HTTP to the instance (lower CPU and admin overhead on instances)
o Can be associated with Auto Scaling groups
o DNS A record is used to connect to the CLB
How do Health Checks work for Load Balancers?
o The LB will automatically perform Health Checks (HCs) on your EC2 instances, and only route traffic to the ones passing them (healthy instances). If an instance fails the HC (unhealthy instance), it is automatically removed from the LB. HCs can be customised to meet specific needs
o Note: through SG configuration, it is possible to enable connection to the applications only through the LB (by allowing HTTP/S connection from the LB SG only, rather than from the internet)
How do Application Load Balancers work?
o Application Load Balancers (ALB) operate at Layer 7 of the OSI model. They understand HTTP / HTTPS and can load balance based on this protocol layer
o ALBs are now recommended as the default LB for VPCs. They perform better than CLBs and are almost always cheaper
o Content rules can direct certain traffic to specific target groups:
Host-based rules: Route traffic based on host used
Path-based rules: Route traffic based on URL path
o ALBs support EC2, ECS, EKS, Lambda, HTTPS, HTTP/2 and WebSockets, and they can be integrated with AWS Web Application Firewall (WAF)
o Use an ALB if you need to use containers or microservices
o Targets -> Target Groups -> Content Rules
o An ALB can host multiple SSL certificates using SNI
How do Network Load Balancers work?
o Network Load Balancers (NLBs) are the newest type of LB, and operate at Layer 4 of the OSI network model. Benefits over ALB:
Can support protocols other than HTTP/S, because it forwards upper layers unchanged
Less latency, because no processing above Layer 4 is required
IP addressable – static address
Best load balancing performance within AWS
Source IP address preservation – packets unchanged
Targets can be addressed using IP address
What are Launch Templates and Launch Configurations?
o Launch Templates and Launch Configurations allow you to configure various configuration attributes that can be used to launch EC2 instances. Typical configurations include:
AMI to use for EC2 launch
Instance type
Storage
Key Pair
IAM role
User Data
Purchase options
Network configuration
Security groups
o Launch templates address some of the weaknesses of the legacy launch configuration and add the following features:
Versioning and inheritance
Tagging
More advanced purchasing options
New instance features (Elastic graphics, T2/T3 unlimited settings, placement groups, capacity reservations, tenancy options)
o Launch templates should be used over Launch configurations where possible. Neither can be edited after creation – a new version has to be created
What are Autoscaling Groups?
o Autoscaling Groups use launch configurations or launch templates and allow automatic scale out/in based on configurable metrics. They are often paired with ELBs
o Autoscaling Groups can be configured to use multiple AZs to improve High Availability. Unhealthy instances are terminated and recreated. ELB health checks or EC2 status can be used
o Autoscaling Groups use Minimum Size, Desired Capacity (target for the AG), Maximum Size (cost control value)
o Metrics such as CPU Utilisation or network transfer can be used to scale out or scale in, using scaling policies
o Scaling can be manual, scheduled or dynamic
o Cooldowns can be defined to ensure rapid in/out events don’t occur
o Scaling policies can be simple (e.g. if the CPU utilization on average is above 70%, then add one instance), step scaling (similar to simple, but allows for multiple entries/steps) or target tracking (e.g. keep the average CPU at 50% utilization)