Elastic Load Balancers help you distribute traffic across multiple instances and thus let you design a fault-tolerant solution. You can distribute traffic evenly across instances in multiple Availability Zones. This article, Elastic Load Balancers Exam Tips, provides core concepts that you need to know for both the Certified Solutions Architect Associate Exam and the Certified Developer Associate Exam.
There are two types of load balancers as follows:
- Classic Load Balancers that require you to register instances with the load balancer
- Application Load Balancers that require you to register instances as targets in a target group and route traffic to the target group
You can use Amazon Elastic Load Balancers to improve availability and scalability of the following core AWS services:
- Amazon EC2 – enable you to distribute traffic to your front end web servers or between your web servers and back-end application layer servers
- Amazon ECS – Run, stop and manage Docker containers on EC2 clusters
- Auto Scaling – Enable you to provide the correct number of instances as required by parameters you specify. Enable auto scaling with elastic load balancing to ensure that instances launched by auto-scaling are automatically registered with the load balancers. This will also ensure that instances which are terminated by auto-scaling are removed from the load balancer
- Amazon CloudWatch – you can monitor your load balancers
- Amazon Route 53 – Map domain names to your Load Balancer’s URL to provide endpoint names that are easier to remember
Elastic Load Balancing supports routing and load balancing of the following types of traffic:
Placement of Load Balancers
Internet Facing Load Balancers – The load balancer takes inbound requests from the Internet and distributes them among your EC2 Instances that are registered with the load balancer. Internet Load Balancers get a public DNS name that clients can send requests to. DNS servers then resolve the DNS name to the load balancer’s IP address.
Internal Load Balancers – Used for multi-tier applications, where you can load balance traffic between application tiers. This is particularly useful if you need to route traffic to instances that are located in the private subnet of a VPC.
HTTPS Load Balancers – Using Secure Sockets Layer (SSL), you can encrypt traffic between your clients and your load balancer as well as connections between the load balancer and the back-end servers. You have to install SSL certificates on your load balancers for this to work. Note that Elastic Load Balancers do not support Server Name Indication, and if you wish to host multiple websites behind your load balancers you will need an SSL certificate with Subject Alternative Names (SAN).
Note: Elastic Load Balancers support Layer 4 of the OSI model, which relates to the TCP connection, and Layer 7 of the OSI model, which relates to the application layer.
A listener checks for connection requests. It is configured with a protocol and port number for connections from clients to the load balancer and a protocol and port number for connections from the load balancer to the instances. Note: The following ports are supported:
- EC2-VPC – 1-65535
- EC2-Classic – 25, 80, 443, 465, 587, 1024-65535
If you enable multiple Availability Zones for your load balancer and register instances in each of them, then when one of the Availability Zones becomes unavailable or has no healthy instances, the load balancer can continue to route traffic to the healthy registered instances in another Availability Zone.
- With a Classic Load Balancer, the load balancer node receiving the request selects a registered instance using round robin and the least outstanding requests routing algorithm for HTTP and HTTPS listeners.
- With an Application Load Balancer, the load balancer node receiving the request selects a registered target from the target group using the round robin routing algorithm. Routing is performed independently for each target group, even when a target is registered with multiple target groups.
Configuring Elastic Load Balancers
Idle Connection Timeout – A load balancer maintains two connections: one with the client and the other with the back-end instance. An idle timeout is triggered when no data is transmitted for a specified period of time, and the load balancer then closes the connection. The default timeout period is 60 seconds. You can choose to enable a keep-alive option on your web servers, which allows load balancers to reuse connections to your back-end servers and helps reduce CPU utilisation.
Cross-Zone Load Balancing – If you have back-end instances across multiple Availability Zones, you can enable cross-zone load balancing, which reduces the need to maintain an equivalent number of back-end servers in each Availability Zone and handles the loss of one or more back-end instances better. Cross-zone load balancing also helps spread requests across all back-end instances and avoids situations where cached DNS lookups cause a lot of traffic to be directed to a single Availability Zone.
Connection Draining – Connection Draining helps to ensure that load balancers stop sending new traffic to instances that are de-registering or unhealthy while keeping existing connections open to complete transactions. The maximum timeout value can be set between 1 and 3600 seconds after which the load balancer will force connections to close on a deregistering instance.
Proxy Protocol – When using SSL/TCP, the load balancers will forward requests to back-end servers without modifying headers. The Proxy Protocol header contains connection information such as the source IP, destination IP and port numbers.
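A back end that reads the Proxy Protocol header has to parse it strictly and accept it only from the load balancer, otherwise a client that reaches the instance directly could claim any source IP. The sketch below is an added example, not code from this article or from AWS; it handles the version 1 text header, and the sample bytes and the `10.0.1.0/24` load balancer subnet are constructed assumptions.

```python
import ipaddress

MAX_V1_LINE = 107  # longest v1 header the Proxy Protocol spec allows, CRLF included

class ProxyHeaderError(ValueError):
    """Raised when the PROXY line is absent, malformed, or from an untrusted peer."""

def parse_proxy_v1(data: bytes):
    """Return (info, payload); info is None when the proxy reports UNKNOWN."""
    end = data.find(b"\r\n", 0, MAX_V1_LINE)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ProxyHeaderError("missing or oversized PROXY line")
    try:
        fields = data[:end].decode("ascii").split(" ")
    except UnicodeDecodeError:
        raise ProxyHeaderError("non-ASCII bytes in PROXY line") from None
    payload = data[end + 2:]
    if fields[1] == "UNKNOWN":
        return None, payload
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ProxyHeaderError("malformed PROXY line")
    if not (fields[4].isdigit() and fields[5].isdigit()):
        raise ProxyHeaderError("non-numeric port")
    try:
        src, dst = ipaddress.ip_address(fields[2]), ipaddress.ip_address(fields[3])
    except ValueError:
        raise ProxyHeaderError("bad address") from None
    family = 4 if fields[1] == "TCP4" else 6
    sport, dport = int(fields[4]), int(fields[5])
    if {src.version, dst.version} != {family} or max(sport, dport) > 65535:
        raise ProxyHeaderError("family mismatch or port out of range")
    return {"src": str(src), "dst": str(dst), "sport": sport, "dport": dport}, payload

def client_ip(peer_ip: str, data: bytes, lb_subnets):
    """Honour the header only when the TCP peer is inside a load balancer subnet."""
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in ipaddress.ip_network(n) for n in lb_subnets):
        raise ProxyHeaderError("PROXY header from a peer that is not the load balancer")
    info, payload = parse_proxy_v1(data)
    return (info["src"] if info else peer_ip), payload

# Constructed sample: the first bytes a back end reads on a proxied connection.
SAMPLE = b"PROXY TCP4 198.51.100.22 203.0.113.7 35646 80\r\nGET / HTTP/1.1\r\n\r\n"
LB_SUBNETS = ["10.0.1.0/24"]  # assumed subnet holding the load balancer nodes

if __name__ == "__main__":
    print(client_ip("10.0.1.15", SAMPLE, LB_SUBNETS))
```

Restricting the instance security group so that only the load balancer can reach the listener port enforces the same trust boundary at the network layer.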
Sticky Sessions – Load Balancers will route traffic to instances with the smallest load. With Sticky Sessions, you can bind a user’s session to a specific instance. This ensures that all traffic from a user is sent to one instance only for a specific session. If the application does not have a session cookie configured, you can configure the load balancer to create a session cookie named AWSELB to enable the mapping of sessions to an instance.
Health Checks – You can perform health checks to test the status of an EC2 instance behind an ELB. The status of an instance that is healthy at the time of the health check is In-Service, and if any instances are unhealthy, their status is set to Out-of-Service. Health checks work by pinging periodically and checking the response. You can set the following parameters:
- Response Timeout
- Health Check Interval – time between health checks
- Unhealthy Threshold
- Healthy Threshold – number of times to check before it brings it into service
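How the four parameters interact is easiest to see by replaying a series of probes. The simulation below is an added example, not AWS code; it assumes the thresholds count consecutive results, that a reply slower than the Response Timeout counts as a failure, and it uses constructed probe latencies.

```python
from dataclasses import dataclass

@dataclass
class HealthCheck:
    response_timeout: float   # seconds to wait for a reply
    interval: float           # seconds between health checks
    unhealthy_threshold: int  # consecutive failures before Out-of-Service
    healthy_threshold: int    # consecutive successes before In-Service

def track_status(cfg, latencies, in_service=True):
    """Replay probe latencies (None = no reply) and return [(time_s, status)]."""
    streak, timeline = 0, []
    for n, latency in enumerate(latencies):
        ok = latency is not None and latency <= cfg.response_timeout
        # Only results that contradict the current state build up a streak;
        # a single agreeing result resets it, so brief blips change nothing.
        streak = streak + 1 if ok != in_service else 0
        limit = cfg.healthy_threshold if ok else cfg.unhealthy_threshold
        if ok != in_service and streak >= limit:
            in_service, streak = ok, 0
        timeline.append((n * cfg.interval,
                         "In-Service" if in_service else "Out-of-Service"))
    return timeline

# Constructed sample: one dropped probe, then a drop plus a slow reply,
# then three good replies in a row.
CFG = HealthCheck(response_timeout=5, interval=30,
                  unhealthy_threshold=2, healthy_threshold=3)
PROBES = [0.2, None, 0.3, None, 6.0, 0.2, 0.2, 0.2]

if __name__ == "__main__":
    for t, status in track_status(CFG, PROBES):
        print(f"t={t:>3}s  {status}")
```

With these settings a failed instance keeps receiving traffic for up to Health Check Interval × Unhealthy Threshold seconds, which is the trade-off to weigh when choosing the values.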
Key Points and Exam Tips
- Cross-zone load balancing is always enabled for an Application Load Balancer and is disabled by default for a Classic Load Balancer
- The Classic Load Balancer supports Amazon EC2 instances with any operating system currently supported by the Amazon EC2 service
- Using Amazon Virtual Private Cloud, you can configure security groups for the front-end of your Classic Load Balancers.
- You can obtain a history of Classic Load Balancer API calls made on your account by using CloudTrail
- You will never be assigned an IP address for the Elastic Load Balancer – you will be given a DNS name
- Load Balancers can be in Service or Out of Service based on Health Check configuration
- Elastic Load Balancers are charged by the hour and on a per GB basis of usage