{"id":4755,"date":"2022-08-12T15:21:06","date_gmt":"2022-08-12T13:21:06","guid":{"rendered":"https:\/\/blog.besharp.it\/?p=4755"},"modified":"2022-08-19T10:57:49","modified_gmt":"2022-08-19T08:57:49","slug":"aws-elastic-load-balancing-tips-and-tricks-from-basic-to-pro","status":"publish","type":"post","link":"https:\/\/blog.besharp.it\/aws-elastic-load-balancing-tips-and-tricks-from-basic-to-pro\/","title":{"rendered":"AWS Elastic Load Balancing tips and tricks: from basic to pro"},"content":{"rendered":"\n
An old Italian commercial claimed: “Two is better than one.”<\/p>\n\n\n\n
When it comes to application availability<\/strong>, having multiple instances available makes a business more resilient: this can help you achieve fault tolerance<\/strong> for applications and infrastructures. You know: “Everything can fail, all the time”.<\/p>\n\n\n\n Load balancing<\/strong> is the fundamental building block that helps us achieve better uptime and application availability: redistributing traffic across different auto-scaled instances and checking their health isn’t always as easy as it seems.<\/p>\n\n\n\n In my past career as a system administrator, I always struggled to find a resilient, redundant, and elastic solution. After a lot of work and automation, I could have a decent night of sleep!<\/p>\n\n\n\n Using managed services, as always, can help us reduce the amount of work required to achieve our goals.<\/p>\n\n\n\n When it comes to load balancing, AWS gives us a lot of flexibility: under the “Elastic Load Balancing (ELB)” umbrella, many options are available.<\/p>\n\n\n\n This article will explain ELB fundamentals and dive deep into not-so-common use cases.<\/p>\n\n\n\n Three managed load balancer types are available: Application<\/strong>, Network<\/strong>, and Gateway<\/strong>.<\/p>\n\n\n\n In this article, we’ll focus on Application Load Balancers <\/strong>and Network Load Balancers<\/strong>, while we will not consider the Classic Load Balancer, as it is a mix of application and network load balancers with some missing features (check this page<\/a> for comparison), or Gateway Load Balancers. We will write about them in a dedicated article.<\/p>\n\n\n\n Every type of ELB can span multiple Availability Zones and relies on three main components: <\/p>\n\n\n\n An ELB can be public (internet-facing) or private (so that only privately routed resources can access it).<\/p>\n\n\n\n A listener <\/strong>is a small portion of the ELB configuration that defines the entry point of the traffic. 
If our application uses the HTTP protocol on port 8080, the listener configuration will route traffic to the same protocol and port.<\/p>\n\n\n\n A target group<\/strong> is the set of computational resources that handle application traffic distributed by the load balancer. <\/p>\n\n\n\n A target group can use EC2 instances, ECS containers, IP addresses, Lambda functions, or even another Application Load Balancer! <\/p>\n\n\n\n Note that not every ELB type can use all the targets: for example, only an Application Load Balancer can have Lambda functions as a target.<\/p>\n\n\n\n A health check<\/strong> is a test used by the target group to determine if the target is healthy, so failing compute resources are excluded and will not receive any traffic. For example, if our application receives TCP traffic on port 31337, the health check verifies that the service is listening.<\/p>\n\n\n\n The Application Load Balancer (ALB) operates at ISO\/OSI level 7, thus the name.<\/p>\n\n\n\n It’s the most commonly used because it balances HTTP and HTTPS traffic and can perform redirection, authentication, and SSL offloading<\/strong> using Amazon Certificate Manager (ACM) certificates. <\/p>\n\n\n\n The Network Load Balancer (NLB) operates at ISO\/OSI level 4 (network or connection level). It can handle any traffic based on TCP or UDP without specialization for a specific application protocol. It supports TLS offloading and offers static IP addresses (for both internal and external load balancers).<\/p>\n\n\n\n The Gateway Load Balancer is the latest addition to the ELB family. It routes level 3 traffic using GENEVE encapsulation, enabling the use of third-party and custom network and security appliances. <\/p>\n\n\n\n Suppose you want to deploy a custom IDS solution to analyze traffic in transit: Gateway load balancing helps achieve high availability, using multiple instances in different availability zones instead of a single one.<\/p>\n\n\n\n So far so good. 
And straightforward. Let’s now dive deep into five (+1)<\/strong> less common configuration scenarios that can make your day<\/strong>: how to configure load balancers like a pro!<\/strong><\/p>\n\n\n\n Refactoring applications and adapting them to use the Cloud efficiently isn’t always an option when you are in a rush. <\/p>\n\n\n\nBasic Key Concepts<\/h2>\n\n\n\n
Application Load Balancer<\/h2>\n\n\n\n
Network Load Balancer<\/h2>\n\n\n\n
Gateway Load Balancer<\/h2>\n\n\n\n
1. Use ALB to secure WordPress<\/h2>\n\n\n\n