ACG Cliff Notes: ELB 101

The magic of web-scale

Ford Prior
Sep 8, 2018

What is it?

Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses.

History: Back in the mid-1990s, a load balancer was its own bare-metal device. With a round-robin scheme, it distributed calls across individual servers or entire networks using bi-directional network address translation (NAT). Hypervisors were born, and suddenly these load balancing devices were virtual.

Side note: if you want it straight from the source, check out AWS’s docs, specifically this FAQ page.

What are the types?

There are:

  1. Application Load Balancers — layer 7 traffic. (docs here)
  2. Network Load Balancers — layer 4 traffic (docs here)
  3. Classic Load Balancers — legacy ELB, does layer 7 & 4 (docs here)

Here’s another view:

A quick side note: if your load balancer ever fails and you’re using Classic Load Balancer, you’ll likely see a 504 HTTP error (see left).

This means the app is having issues at the data, web or application layer (i.e. 🤷)

Another side note: the X-Forwarded-For HTTP header is meant to pass the IP from the client through the load balancer, so it gets to the underlying EC2 instance running whatever service it’s destined for. This way, you can still get the Public IP (and then use third parties to identify who exactly is visiting your site, down to the company name 😱).
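The header is client-supplied text: the load balancer appends the address it saw to whatever value the request already carried, so only the entries added by proxies you run can be trusted. A sketch of reading it on the instance follows (an added example, not from the original post; the function names, the `trusted_hops` parameter and the sample header values are assumptions made for the illustration).

```python
import ipaddress

def leftmost_entry(xff):
    """Naive reading: trusts whatever the client put first in the header."""
    return xff.split(",")[0].strip()

def client_ip_behind_lb(xff, trusted_hops=1):
    """Return the address recorded by your outermost trusted proxy, or None.

    trusted_hops (assumed parameter) counts the proxies you operate that
    append to the header; it is 1 when the load balancer is the only one.
    """
    if not xff or trusted_hops < 1:
        return None
    entries = [e.strip() for e in xff.split(",")]
    if len(entries) < trusted_hops:
        return None
    candidate = entries[-trusted_hops]
    try:
        # Reject anything that is not a literal IPv4/IPv6 address.
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return None

# Constructed header values as the instance would receive them
# (addresses taken from the documentation ranges).
HONEST = "203.0.113.7"
SPOOFED = "10.0.0.1, 198.51.100.23"   # the client sent "10.0.0.1" itself
GARBAGE = "198.51.100.23, not-an-ip"

if __name__ == "__main__":
    for value in (HONEST, SPOOFED, GARBAGE):
        print(repr(value), leftmost_entry(value), client_ip_behind_lb(value))
```

Use the result for logging, rate limiting or allow-lists only after this check, and keep the instance's security group closed to everything except the load balancer so the header cannot arrive by another path.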

And then I have a (big) diagram for you:

OK, so let’s do it ourselves! 🤓💪🔨

How To Set Up Your Own Classic Load Balancer

  1. ssh onto an EC2 host and make sure `httpd` is working (see my EC2 Baby Step post for help).
  2. add a `healthcheck.html` file to the `/var/www/html` directory.
  3. In the Console, click “Load Balancers” in the lefthand menu, then “Create Load Balancer”. You’ll see this screen next:

4. Under “Classic Load Balancer”, click “Create”. You’ll see this screen:

5. Enter a name, then click “Next: Assign Security Groups”, and make a new Security Group as follows:

6. Click “Next: Configure Security Settings”, then click “Next: Configure Health Check” (ignore the below warning)

7. Now, enter `/healthcheck.html` into your Ping Path so that the Load Balancer requests this file from all EC2 instances (in this case, only 1) on Port 80.

With this configuration, our Load Balancer will:

  • Declare an instance “Healthy” after 10 successful checks in a row
  • Declare it “Unhealthy” after 2 unsuccessful attempts
  • Wait 30 seconds between each attempt
  • For each attempt, wait 5 seconds before declaring a Pass/Fail

8. Now, attach your instance by checking the box (then click “Next: Add Tags”)!

9. Tags are great because they allow you to track your resources via “Resource Groups”. Just add a simple “ELB:ON” tag, like this:

10. Click “Review and create”, then “Create”. 👏 You’re done! (if you see the below green box)

And your console will look like this:

Side note: AWS will never auto-assign a Public IP to your load balancer. Why? To remove the temptation to hardcode that Public IP into the apps supported by that ELB, because that IP will eventually change and break everything. Use the DNS name instead.

Make your Health Check Fail!

This is easy. Just do `sudo rm -rf /var/www/html/healthcheck.html` and look at the console (it will fail after trying in vain 2 times, with 30 seconds in between each check…so wait like 60 seconds):

“OutOfService” means the checks failed (see bottom of screenshot).
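The health check settings from step 7, replayed as a small model (an added example, not from the original post or from AWS; the `transitions` function and the probe sequences are constructed, and both thresholds are assumed to count consecutive results). It shows the roughly 60-second drop-out described above, and that coming back takes 10 clean probes in a row, with a single failure restarting the count.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class HealthCheck:
    healthy_threshold: int = 10   # consecutive passes before "InService"
    unhealthy_threshold: int = 2  # consecutive failures before "OutOfService"
    interval_s: int = 30          # seconds between probes

def transitions(check, probes, state="InService"):
    """Replay probe results (True = pass), one probe per interval.

    Returns [(seconds_since_first_probe, new_state), ...].
    """
    passes = fails = 0
    out = []
    for n, ok in enumerate(probes):
        if ok:
            passes, fails = passes + 1, 0
        else:
            passes, fails = 0, fails + 1
        if state == "InService" and fails >= check.unhealthy_threshold:
            state = "OutOfService"
            out.append((n * check.interval_s, state))
        elif state == "OutOfService" and passes >= check.healthy_threshold:
            state = "InService"
            out.append((n * check.interval_s, state))
    return out

CHECK = HealthCheck()

# Constructed probe sequences.
# healthcheck.html deleted just after probe 0: the next two probes fail.
DELETED = [True, False, False]
# File restored, but one probe fails midway: the pass counter starts over.
FLAPPING = [True] * 9 + [False] + [True] * 10

def demo():
    return (transitions(CHECK, DELETED),
            transitions(CHECK, FLAPPING, state="OutOfService"))

if __name__ == "__main__":
    print(demo())
```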

How To Set Up Your Own Application Load Balancer

Wait…what’s an ALB?

You might say the ALB is version 2.0 of the Classic Load Balancer. It’s way more intelligent — that is, you can route traffic in many more nuanced ways across a more complex network topology. If you’re working with microservices and especially containers, you’ll probably want to use ALB over Classic. (here’s the specs comparison).

The backstory

Just read this.

ALB looks like this:

How does it work?

An Application Load Balancer functions at the application layer (layer 7):

  1. load balancer receives HTTP/HTTPS request
  2. it figures out which rules (aka “listener rules”) to apply
  3. it finds the target group where it’ll apply the rule and/or route the request

A dialogue:

External IP: “Hey! I want that home page. Please with sugar on top”.

ALB: “Gotcha! Rules, what say you?”

Listener Rule: “Lemme check…OK, this one’s for the Koala Petsitting Tips page. Send it to the Petsitting target group. Hope he’s not busy”. [sends to target group]

Petsitting Target Group [receiving it]: “Thanks! Forwarding to Host #23. He’s registered, and he’s not busy” [sends to target host].

Target: “Alrighty. Here’s your page!”
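The three steps and the dialogue above, as a small model (an added example, not from the original post and not AWS code; class names, hosts and paths are made up). It assumes rules are tried from the lowest priority number upward with a default rule last, and round-robin over healthy targets; the last route shows a broad rule shadowing a more specific one that has a higher number.

```python
import itertools
import re

def pattern_to_regex(pattern):
    """Path patterns here support * (any run of characters) and ? (one)."""
    body = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.compile(body + r"\Z", re.S)

class TargetGroup:
    def __init__(self, name, targets):
        self.name = name
        self.targets = dict(targets)       # host -> passed its health checks?
        self._turn = itertools.count()

    def pick(self):
        """Round-robin over healthy hosts; None if there are none (model only)."""
        healthy = [h for h, ok in self.targets.items() if ok]
        return healthy[next(self._turn) % len(healthy)] if healthy else None

class Listener:
    def __init__(self, default_group):
        self.rules = []                    # (priority, regex, target group)
        self.default_group = default_group

    def add_rule(self, priority, path_pattern, group):
        self.rules.append((priority, pattern_to_regex(path_pattern), group))
        self.rules.sort(key=lambda rule: rule[0])   # lowest number first

    def route(self, path):
        for _, regex, group in self.rules:
            if regex.match(path):
                return group.name, group.pick()
        return self.default_group.name, self.default_group.pick()

def build_listener():
    """Constructed setup: names, hosts and paths are made up for the example."""
    petsitting = TargetGroup("petsitting",
                             {"host-23": True, "host-24": False, "host-25": True})
    admin = TargetGroup("admin", {"host-9": True})
    listener = Listener(default_group=TargetGroup("home", {"host-1": True}))
    listener.add_rule(20, "/petsitting/admin/*", admin)
    listener.add_rule(10, "/petsitting/*", petsitting)   # broader, tried first
    return listener

if __name__ == "__main__":
    lb = build_listener()
    for p in ("/petsitting/koala-tips", "/petsitting/koala-tips", "/",
              "/petsitting/admin/users"):
        print(p, "->", lb.route(p))
```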

The steps

OK, so I have a website with cat photos.

  1. Create 3 EC2 instances, each in a different region
  2. On each, boot Apache and embed a JPEG of a unique cat into a `/var/www/index.html` file
  3. Create an Application Load Balancer with a target group, then register the instances to that target group

Now, paste the DNS of the ALB into your browser and refresh to cycle the cats!
