ACG Cliff Notes: ELB 101
The magic of web-scale
What is it?
Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses.
History: Back in the mid-1990s, a load balancer was its own bare metal device. With a round-robin scheme, it distributed calls across individual servers or entire networks using bi-directional network address translation (NAT). Hypervisors were born, and suddenly these load balancing devices were virtual.
Side note: if you want it straight from the source, check out AWS’s docs, specifically this FAQ page.
What are the types?
There are:
- Application Load Balancers — layer 7 traffic (docs here)
- Network Load Balancers — layer 4 traffic (docs here)
- Classic Load Balancers — legacy ELB, does layer 7 & 4 (docs here)
Here’s another view:
A quick side note: if your load balancer ever fails and you’re using Classic Load Balancer, you’ll likely see a 504 HTTP error (see left).
This means the app is having issues at the data, web, or application layer (i.e. 🤷).
Another side note: the `X-Forwarded-For` HTTP header is meant to pass the IP from the client through the load balancer, so it gets to the underlying EC2 instance running whatever service it’s destined for. This way, you can still get the Public IP (and then use 3rd Parties to identify who exactly is visiting your site, down to the company name 😱).
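An added example (not from the original post): the header is spelled `X-Forwarded-For`, and it can hold several comma-separated addresses because the load balancer appends the address it saw to whatever the client already sent, so only the rightmost entry comes from the load balancer itself. The function names, the `trusted_hops` parameter and the sample addresses below are assumptions made for illustration.

```python
import ipaddress
from typing import Optional

def naive_client_ip(xff: Optional[str], peer_addr: str) -> str:
    """Common mistake: trust the leftmost entry, which the client controls."""
    return xff.split(",")[0].strip() if xff else peer_addr

def client_ip_behind_elb(xff: Optional[str], peer_addr: str,
                         trusted_hops: int = 1) -> str:
    """Return the address recorded by the outermost trusted proxy.

    trusted_hops is how many proxies you operate in front of the app
    (1 = a single load balancer). Each trusted proxy appends the address
    it saw, so the entry to use is counted from the right.
    """
    if not xff:
        return peer_addr            # no header: likely did not pass through the LB
    entries = [e.strip() for e in xff.split(",")]
    if trusted_hops < 1 or len(entries) < trusted_hops:
        return peer_addr            # fewer entries than proxies: do not guess
    candidate = entries[-trusted_hops]
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        return peer_addr            # malformed entry: fall back to the socket peer

# Constructed sample requests: (X-Forwarded-For as received by httpd, socket peer).
# 10.0.1.25 stands in for the load balancer node's private address.
SAMPLES = [
    ("203.0.113.7", "10.0.1.25"),                 # ordinary request
    ("127.0.0.1, 203.0.113.7", "10.0.1.25"),      # client sent its own header
    ("not-an-ip", "10.0.1.25"),                   # garbage in the trusted slot
    (None, "198.51.100.9"),                       # connection made straight to the instance
]

def compare(samples=SAMPLES):
    """Return (naive, hardened) results for each sample."""
    return [(naive_client_ip(x, p), client_ip_behind_elb(x, p)) for x, p in samples]

if __name__ == "__main__":
    for naive, hardened in compare():
        print(f"naive={naive:<15} hardened={hardened}")
```

Anything that keys on the client address (logging, rate limiting, allow lists) should use the hardened value; the naive one reports whatever the sender typed into the header.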
And then I have a (big) diagram for you:
OK, so let’s do it ourselves! 🤓💪🔨
How To Set Up Your Own Classic Load Balancer
1. ssh onto an EC2 host and make sure `httpd` is working (see my EC2 Baby Step post for help).
2. Add a `healthcheck.html` file to the `/var/www/html` directory.
3. In the Console, click “Load Balancers” in the lefthand menu, then “Create Load Balancer”. You’ll see this screen next:
4. Under “Classic Load Balancer”, click “Create”. You’ll see this screen:
5. Enter a name, then click “Next: Assign Security Groups”, and make a new Security Group as follows:
6. Click “Next: Configure Security Settings”, then click “Next: Configure Health Check” (ignore the below warning)
7. Now, enter `/healthcheck.html` into your Ping Path so that the Load Balancer requests this file from all EC2 instances (in this case, only 1) on Port 80.
With this configuration, our Load Balancer will:
- Declare an instance “Healthy” after 10 successful checks in a row
- Declare it “Unhealthy” after 2 unsuccessful attempts
- Wait 30 seconds between each attempt
- For each attempt, wait 5 seconds before declaring a Pass/Fail
8. Now, attach your instance by checking the box (then click “Next: Add Tags”)!
9. Tags are great because they’ll allow you to track your resources via “Resource Groups”. Just add a simple “ELB:ON” tag, like this:
10. Click “Review and create”, then “Create”. 👏 You’re done! (if you see the below green box)
And your console will look like this:
Make your Health Check Fail!
This is easy. Just do `sudo rm -rf /var/www/html/healthcheck.html` and look at the console (it will fail after trying in vain 2 times, with 30 seconds in between each check…so wait like 60 seconds):
How To Set Up Your Own Application Load Balancer
Wait…what’s an ALB?
You might say the ALB is version 2.0 of the Classic Load Balancer. It’s way more intelligent — that is, you can route traffic in many more nuanced ways across a more complex network topology. If you’re working with microservices and especially containers, you’ll probably want to use ALB over Classic. (here’s the specs comparison).
The backstory
ALB looks like this:
How does it work?
An Application Load Balancer functions at the application layer (layer 7):
- load balancer receives HTTP/HTTPS request
- it figures out which rules (aka “listener rules”) to apply
- it finds the target group where it’ll apply the rule and/or route the request
A dialogue:
External IP: “Hey! I want that home page. Please with sugar on top”.
ALB: “Gotcha! Rules, what say you?”
Listener Rule: “Lemme check…OK, this one’s for the Koala Petsitting Tips page. Send it to the Petsitting target group. Hope he’s not busy”. [sends to target group]
Petsitting Target Group [receiving it]: “Thanks! Forwarding to Host #23. He’s registered, and he’s not busy” [sends to target host].
Target: “Alrighty. Here’s your page!”
The steps
OK, so I have a website with cat photos.
- Create 3 EC2 instances, each in a different region
- On each, boot Apache and embed a JPEG of a unique cat into a `/var/www/index.html` file
- Create an Application Load Balancer with a target group, then register the instances to that target group
Now, paste the DNS of the ALB into your browser and refresh to cycle the cats!