SlideShare a Scribd company logo

Application Load Balancer and the integration with AutoScaling and ECS - Pop-up Loft TLV 2017

Download as PPTX, PDF
Amazon Web Services
Amazon Web Services

- Elastic Load Balancing automatically distributes application traffic across multiple EC2 instances to improve availability and scalability. - The Application Load Balancer provides advanced request routing features like path-based routing and integration with containers. It also offers improved security, performance, and monitoring capabilities compared to the Classic Load Balancer. - Key components of Application Load Balancing include listeners, target groups, targets, rules, health checks, and metrics in CloudWatch. These components work together to route traffic, monitor instances, and scale capacity as needed.

Technology
1 of 78
Iftach Ragoler, Head of Engineering, Elastic Load Balancing 03/23/2017 Elastic Load Balancing Deep Dive
EC2 Instance
Load Balancer used to route incoming requests to multiple EC2 instances. ELB EC2 Instance EC2 Instance EC2 Instance
Elastic Load Balancing automatically distributes incoming application traffic across multiple applications, microservices and containers hosted on Amazon EC2 instances.
SecureElastic Integrated Cost Effective
Elastic Load Balancing provides high availability by utilizing multiple Availability Zones
Customer VPC EC2 Instance EC2 Instance us-west-1aus-west-1b Amazon Route 53 ELB VPC ELB ELB
Layer 7 (application)Layer 4 (network) Supports TCP and SSL Incoming client connection bound to server connection No header modification Proxy Protocol prepends source and destination IP and ports to request Supports HTTP and HTTPS Connection terminated at the load balancer and pooled to the server Headers may be modified X-Forwarded-For header contains client IP address
Application Load Balancer Advanced request routing with support for microservices and container-based applications.
Classic Application Protocol TCP, SSL, HTTP, HTTPS HTTP, HTTPS Platforms EC2-Classic, EC2-VPC EC2-VPC Health checks ✔ Improved CloudWatch metrics ✔ Improved Path-based routing ✔ Container support ✔ WebSockets & HTTP/2 ✔
New, feature rich, layer 7 load balancing platform Fully-managed, scalable and highly available load balancing platform Content-based routing allows requests to be routed to different applications behind a single load balancer Application Load Balancer
Application Load Balancer allows for multiple applications to be hosted behind a single load balancer
EC2 instances registered behind a Classic Load Balancer ELB EC2 Instance EC2 Instance EC2 Instance
Running two separate applications with Classic Load Balancer requires multiple load balancers ELB EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance ELB EC2 Instance orders.example.com images.example.com
ELB /orders example.com EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance /images Application Load Balancer allows for multiple applications to be hosted behind a single load balancer
Multiple applications behind a single load balancer provides a significant cost saving
Consider blast radius and isolation when grouping applications behind a single load balancer
Application Load Balancer provides native support for microservice and container-based architectures
Instances can be registered with multiple ports, allowing for requests to be routed to multiple containers on a single instance ECS will automatically register tasks with the load balancer using a dynamic port mapping Can also be used with other container technologies Application Load Balancer
ELB /orders example.com EC2 Instance EC2 Instance EC2 Instance /images Application Load Balancer allows containers to be registered with the load balancerECS Container ECS Container ECS Container
Microservice and container-based architectures provide further cost savings by improving resource utilization
New API version provided for creating, configuring and managing Application Load Balancers Follows latest AWS best practices for resource identifiers and API design Provides several new resource types, including target groups, targets and rules Application Load Balancer
Load Balancer Listener Listener
Define the protocol and port on which the load balancer listens for incoming connections Each load balancer needs at least one listener to accept incoming traffic, and can support up to 10 listeners Routing rules are defined on listeners Listeners
Load Balancer Listener Listener Target Group #1 Health Check Health Check Health Check Target Group #2 Target Group #3
Logical grouping of targets behind a load balancer Target groups can be exist independently from the load balancer, and be associated with a load balancer when needed Regional construct that can be associated with AutoScaling group Target Groups
Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 EC2 EC2 EC2 ECS ECS ECS Listener Listener Target Group #2 Target Group #3
Logical load balancing target, which can be an EC2 instances, micro-service or container-based application EC2 instances can be registered with the same target group using multiple ports A single target can be registered with multiple target groups Targets
Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 EC2 EC2 EC2 ECS ECS ECS Listener Listener Target Group #2 Target Group #3 Rule (default) Rule (*/img/*) Rule (default)
Provide the link between listeners and target groups and consist of conditions and actions When a request meets the condition of the rule, the associated action is taken Today, rules can forward requests to a specified target group Rules
Conditions can be specified in path pattern format A path pattern is case sensitive, can be up to 128 characters in length, and can contain any of the following characters: • A-Z, a-z, 0-9 • _ - . $ / ~ " ' @ : + • & (using &) • * (matches 0 or more characters) • ? (matches exactly 1 character) Rules (continued)
Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 EC2 EC2 EC2 ECS ECS ECS Listener Rule (default) Rule (*/img/*) Listener Rule (default) Target Group #2 Target Group #3
Today, load balancers support up to 10 rules
Support for up to 100 rules coming soon to Application Load Balancers
Use API deletion protection to prevent a load balancer from being erroneously deleted
Application Load Balancer provides improved performance for Internet applications
Native support for WebSockets, supporting full-duplex communication channels over a single TCP connection Support for HTTP/2 provides improved page load times from most of today’s browsers Improved performance for real-time and streaming applications Application Load Balancer
No additional configuration is required to enable WebSockets or HTTP/2
Classic Load Balancers have offered IPv6 support for some time
Native support for IPv6 is supported now in Application Load Balancers
Improvements to application availability and scalability
EC2 Instance
Health checks allow for traffic to be shifted away from impaired or failed instances
ELB EC2 Instance EC2 Instance EC2 Instance Health checks ensure that request traffic is shifted away from a failed instance.
HTTP and HTTPS health checks Customize the frequency, failure thresholds, and list of successful response codes Detailed reasons for health check failures are now returned via the API and displayed in the Management Console Health Checks
Application Load Balancer will fail open should all back-ends fail the health check
Always use multiple Availability Zones
ELB VPC Customer VPC EC2 InstanceELB ELB EC2 Instance us-west-1aus-west-1b Amazon Route 53
ELB VPC Customer VPC EC2 InstanceELB ELB us-west-1aus-west-1b Amazon Route 53
6 1 Available Zone Risks Availability 2 Available Zones 6 6 100% Extra Capacity 3 Available Zones 3 3 3 50% Extra Capacity
Using multiple Availability Zones can bring a few challenges
Imbalanced Instance Capacity ELB VPC Customer VPC EC2 InstanceELB ELB us-west-1aus-west-1b Amazon Route 53 EC2 Instances
Cross-Zone Load Balancing ELB VPC Customer VPC EC2 InstanceELB ELB us-west-1aus-west-1b Amazon Route 53 EC2 Instances
Distributes requests evenly across multiple Availability Zones. Absorbs impact of DNS caching and eliminates imbalances in backend instance utilization No additional bandwidth charge for cross-zone traffic. Cross-Zone Load Balancing
Cross Zone Load Balancing enabled by default on all Application Load Balancers
Auto Scaling now supports the scaling of applications at the target group level
Application Load Balancer integrates with Auto Scaling to manage the scaling of each target group independently ELB /orders example.com EC2 Instance EC2 Instance EC2 Instance EC2 Instance /images EC2 Instance
When using Auto Scaling, keep in mind that your application may be under load during quiet times
Continued support for advanced application security features
SSL Negotiation Policies provide selection of ciphers and protocols that adhere to the latest industry best practices Optimized for balance between security and client connectivity, as testing with Amazon.com traffic New: TLSv2, TLSv3 and WinXP policies SSL Offloading
Application Load Balancer supports security groups to limit access to specified ranges
Web Application Firewall support to Application Load Balancers
SSL Negotiation Policies provide selection of ciphers and protocols that adhere to the latest industry best practices Optimized for balance between security and client connectivity, as testing with Amazon.com traffic Website Application Firewall
Improved load balancer and application monitoring
CloudWatch metrics provided for each load balancer Provide detailed insight into the health of the load balancer and application stack All metrics provided at the 1-minute granularity Amazon CloudWatch Metrics
Metrics provided at both the load balancer and target group level CloudWatch alarms can be configured to notify or take action should any metric go outside of the acceptable range Auto Scaling can use these metrics for scaling of the back-end fleet. Amazon CloudWatch Metrics
HealthyHostCount The count of the number of healthy instances in each Availability Zone Most common cause of unhealthy hosts is health check exceeding the allocated timeout Test by making repeated requests to the backend instance from another EC2 instance View at the zonal dimension
Latency Measures the elapsed time, in seconds, from when the request leaves the load balancer until the response is received Test by sending requests to the backend instance from another instance Using min, average, and max CloudWatch stats, provide upper and lower bounds for latency Debug individual requests using access logs
Rejected Connection Count The number of connections that were rejected because the load balancer could not establish a connection with a healthy target in order to route the request This replaces surge queue metrics which are used by the Classic Load Balancer Surge queues often impact client applications, which fast request rejection improves Normally a sign of an under-scaled application
Target Group Metrics The following metrics are now provided at the target group level, allowing for individual applications to be closely monitored: • RequestCount • HTTPCode_Target_2XX_Count • HTTPCode_Target_3XX_Count • HTTPCode_Target_4XX_Count • HTTPCode_Target_5XX_Count • TargetResponseTime (Latency) • UnHealthyHostCount • HealthyHostCount
Load balancer request response times are now provided with percentile dimensions Provides visibility into the 90th, 95th, 99th or 99.9th percentile of response times Allows for more meaningful, and aggressive, performance targets for applications CloudWatch Percentiles
CloudWatch Percentiles
Provide detailed information on each request processed by the load balancer Includes request time, client IP address, latencies, request path, server responses, ciphers and protocols, and user-agents Delivered to an S3 bucket every 5 or 60 minutes Access Logs
Application Load Balancers insert a unique trace identifier into each request using a custom header: X-Amzn-Trace-ID Trace identifiers are preserved through the request chain to allow for request tracing Trace identifiers are included in access logs and can also be logged by applications themselves Request Tracing
When should I use Application Load Balancer?
Classic Application Protocol TCP, SSL, HTTP, HTTPS HTTP, HTTPS Platforms EC2-Classic, EC2-VPC EC2-VPC Health checks ✔ Improved CloudWatch metrics ✔ Improved Path-based routing ✔ Container support ✔ WebSockets & HTTP/2 ✔
For TCP/SSL or EC2-Classic, use Classic Load Balancer; all other use-cases, use Application Load Balancer
Thank you!

Recommended

Amazon S3 Masterclass
Amazon S3 MasterclassAmazon S3 Masterclass
Amazon S3 Masterclass
Amazon Web Services
 
AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2) AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2)
zekeLabs Technologies
 
Amazon EMR Masterclass
Amazon EMR MasterclassAmazon EMR Masterclass
Amazon EMR Masterclass
Amazon Web Services
 
(DAT401) Amazon DynamoDB Deep Dive
(DAT401) Amazon DynamoDB Deep Dive(DAT401) Amazon DynamoDB Deep Dive
(DAT401) Amazon DynamoDB Deep Dive
Amazon Web Services
 
AWS CloudFormation Masterclass
AWS CloudFormation MasterclassAWS CloudFormation Masterclass
AWS CloudFormation Masterclass
Amazon Web Services
 
Cost Optimisation on AWS
Cost Optimisation on AWSCost Optimisation on AWS
Cost Optimisation on AWS
Amazon Web Services
 
Introduction to Amazon DynamoDB
Introduction to Amazon DynamoDBIntroduction to Amazon DynamoDB
Introduction to Amazon DynamoDB
Amazon Web Services
 
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkElastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Amazon Web Services
 

Recommended

Amazon S3 Masterclass
Amazon S3 MasterclassAmazon S3 Masterclass
Amazon S3 Masterclass
Amazon Web Services
 
AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2) AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2)
zekeLabs Technologies
 
Amazon EMR Masterclass
Amazon EMR MasterclassAmazon EMR Masterclass
Amazon EMR Masterclass
Amazon Web Services
 
(DAT401) Amazon DynamoDB Deep Dive
(DAT401) Amazon DynamoDB Deep Dive(DAT401) Amazon DynamoDB Deep Dive
(DAT401) Amazon DynamoDB Deep Dive
Amazon Web Services
 
AWS CloudFormation Masterclass
AWS CloudFormation MasterclassAWS CloudFormation Masterclass
AWS CloudFormation Masterclass
Amazon Web Services
 
Cost Optimisation on AWS
Cost Optimisation on AWSCost Optimisation on AWS
Cost Optimisation on AWS
Amazon Web Services
 
Introduction to Amazon DynamoDB
Introduction to Amazon DynamoDBIntroduction to Amazon DynamoDB
Introduction to Amazon DynamoDB
Amazon Web Services
 
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech TalkElastic Load Balancing Deep Dive - AWS Online Tech Talk
Elastic Load Balancing Deep Dive - AWS Online Tech Talk
Amazon Web Services
 
Intro to Amazon ECS
Intro to Amazon ECSIntro to Amazon ECS
Intro to Amazon ECS
Amazon Web Services
 
AWS Route53
AWS Route53AWS Route53
AWS Route53
zekeLabs Technologies
 
AWS Lambda
AWS LambdaAWS Lambda
AWS Lambda
Scott Leberknight
 
AWS RDS
AWS RDSAWS RDS
AWS RDS
Mahesh Raj
 
Deep Dive on AWS Lambda
Deep Dive on AWS LambdaDeep Dive on AWS Lambda
Deep Dive on AWS Lambda
Amazon Web Services
 
AWS for Backup and Recovery
AWS for Backup and RecoveryAWS for Backup and Recovery
AWS for Backup and Recovery
Amazon Web Services
 
AWS Webcast - Disaster Recovery
AWS Webcast - Disaster RecoveryAWS Webcast - Disaster Recovery
AWS Webcast - Disaster Recovery
Amazon Web Services
 
Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나
Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나
Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나
Amazon Web Services Korea
 
Intro to AWS Lambda
Intro to AWS Lambda Intro to AWS Lambda
Intro to AWS Lambda
Amazon Web Services
 
Introduction to Amazon DynamoDB
Introduction to Amazon DynamoDBIntroduction to Amazon DynamoDB
Introduction to Amazon DynamoDB
Amazon Web Services
 
Deep Dive: AWS CloudFormation
Deep Dive: AWS CloudFormationDeep Dive: AWS CloudFormation
Deep Dive: AWS CloudFormation
Amazon Web Services
 
Serverless computing with AWS Lambda
Serverless computing with AWS Lambda Serverless computing with AWS Lambda
Serverless computing with AWS Lambda
Apigee | Google Cloud
 
Amazon Cognito
Amazon CognitoAmazon Cognito
Amazon Cognito
Amazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Web Services
 
Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...
Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...
Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...
Amazon Web Services Korea
 
Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM
Amazon Web Services
 
AWS CloudFront 가속 및 DDoS 방어
AWS CloudFront 가속 및 DDoS 방어AWS CloudFront 가속 및 DDoS 방어
AWS CloudFront 가속 및 DDoS 방어
Kyle(KY) Yang
 
Amazon Relational Database Service (Amazon RDS)
Amazon Relational Database Service (Amazon RDS)Amazon Relational Database Service (Amazon RDS)
Amazon Relational Database Service (Amazon RDS)
Amazon Web Services
 
Introduction to CloudFront
Introduction to CloudFrontIntroduction to CloudFront
Introduction to CloudFront
Amazon Web Services
 
Amazon EMR Deep Dive & Best Practices
Amazon EMR Deep Dive & Best PracticesAmazon EMR Deep Dive & Best Practices
Amazon EMR Deep Dive & Best Practices
Amazon Web Services
 
SRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load BalancingSRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load Balancing
Amazon Web Services
 
SRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load BalancingSRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load Balancing
Amazon Web Services
 

More Related Content

What's hot

AWS Route53
AWS Route53AWS Route53
AWS Route53
zekeLabs Technologies
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Web Services
 

What's hot (20)

Intro to Amazon ECS
Intro to Amazon ECSIntro to Amazon ECS
Intro to Amazon ECS
 
AWS Route53
AWS Route53AWS Route53
AWS Route53
 
AWS Lambda
AWS LambdaAWS Lambda
AWS Lambda
 
AWS RDS
AWS RDSAWS RDS
AWS RDS
 
Deep Dive on AWS Lambda
Deep Dive on AWS LambdaDeep Dive on AWS Lambda
Deep Dive on AWS Lambda
 
AWS for Backup and Recovery
AWS for Backup and RecoveryAWS for Backup and Recovery
AWS for Backup and Recovery
 
AWS Webcast - Disaster Recovery
AWS Webcast - Disaster RecoveryAWS Webcast - Disaster Recovery
AWS Webcast - Disaster Recovery
 
Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나
Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나
Amazon RDS Proxy 집중 탐구 - 윤석찬 :: AWS Unboxing 온라인 세미나
 
Intro to AWS Lambda
Intro to AWS Lambda Intro to AWS Lambda
Intro to AWS Lambda
 
Introduction to Amazon DynamoDB
Introduction to Amazon DynamoDBIntroduction to Amazon DynamoDB
Introduction to Amazon DynamoDB
 
Deep Dive: AWS CloudFormation
Deep Dive: AWS CloudFormationDeep Dive: AWS CloudFormation
Deep Dive: AWS CloudFormation
 
Serverless computing with AWS Lambda
Serverless computing with AWS Lambda Serverless computing with AWS Lambda
Serverless computing with AWS Lambda
 
Amazon Cognito
Amazon CognitoAmazon Cognito
Amazon Cognito
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015
 
Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...
Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...
Amazon DocumentDB - Architecture 및 Best Practice (Level 200) - 발표자: 장동훈, Sr. ...
 
Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM
 
AWS CloudFront 가속 및 DDoS 방어
AWS CloudFront 가속 및 DDoS 방어AWS CloudFront 가속 및 DDoS 방어
AWS CloudFront 가속 및 DDoS 방어
 
Amazon Relational Database Service (Amazon RDS)
Amazon Relational Database Service (Amazon RDS)Amazon Relational Database Service (Amazon RDS)
Amazon Relational Database Service (Amazon RDS)
 
Introduction to CloudFront
Introduction to CloudFrontIntroduction to CloudFront
Introduction to CloudFront
 
Amazon EMR Deep Dive & Best Practices
Amazon EMR Deep Dive & Best PracticesAmazon EMR Deep Dive & Best Practices
Amazon EMR Deep Dive & Best Practices
 

Similar to Application Load Balancer and the integration with AutoScaling and ECS - Pop-up Loft TLV 2017

使用 AWS 負載平衡服務讓您的應用程式規模化
使用 AWS 負載平衡服務讓您的應用程式規模化使用 AWS 負載平衡服務讓您的應用程式規模化
使用 AWS 負載平衡服務讓您的應用程式規模化
Amazon Web Services
 

Similar to Application Load Balancer and the integration with AutoScaling and ECS - Pop-up Loft TLV 2017 (20)

SRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load BalancingSRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load Balancing
 
SRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load BalancingSRV417 Deep Dive on Elastic Load Balancing
SRV417 Deep Dive on Elastic Load Balancing
 
Deep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingDeep Dive on Elastic Load Balancing
Deep Dive on Elastic Load Balancing
 
AWS re:Invent 2016: Elastic Load Balancing Deep Dive and Best Practices (NET403)
AWS re:Invent 2016: Elastic Load Balancing Deep Dive and Best Practices (NET403)AWS re:Invent 2016: Elastic Load Balancing Deep Dive and Best Practices (NET403)
AWS re:Invent 2016: Elastic Load Balancing Deep Dive and Best Practices (NET403)
 
使用 AWS 負載平衡服務讓您的應用程式規模化
使用 AWS 負載平衡服務讓您的應用程式規模化使用 AWS 負載平衡服務讓您的應用程式規模化
使用 AWS 負載平衡服務讓您的應用程式規模化
 
(SDD423) Elastic Load Balancing Deep Dive and Best Practices | AWS re:Invent ...
(SDD423) Elastic Load Balancing Deep Dive and Best Practices | AWS re:Invent ...(SDD423) Elastic Load Balancing Deep Dive and Best Practices | AWS re:Invent ...
(SDD423) Elastic Load Balancing Deep Dive and Best Practices | AWS re:Invent ...
 
Meetup #4: AWS ELB Deep dive & Best practices
Meetup #4: AWS ELB Deep dive & Best practicesMeetup #4: AWS ELB Deep dive & Best practices
Meetup #4: AWS ELB Deep dive & Best practices
 
Elastic Load Balancing Deep Dive and Best Practices - Pop-up Loft Tel Aviv
Elastic Load Balancing Deep Dive and Best Practices - Pop-up Loft Tel AvivElastic Load Balancing Deep Dive and Best Practices - Pop-up Loft Tel Aviv
Elastic Load Balancing Deep Dive and Best Practices - Pop-up Loft Tel Aviv
 
Deep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingDeep Dive on Elastic Load Balancing
Deep Dive on Elastic Load Balancing
 
Delivering High-Availability Web Services with NGINX Plus on AWS
Delivering High-Availability Web Services with NGINX Plus on AWSDelivering High-Availability Web Services with NGINX Plus on AWS
Delivering High-Availability Web Services with NGINX Plus on AWS
 
AWS Elastic Load Balancing for AWS Architect & SysOps Certification
AWS Elastic Load Balancing for AWS Architect & SysOps CertificationAWS Elastic Load Balancing for AWS Architect & SysOps Certification
AWS Elastic Load Balancing for AWS Architect & SysOps Certification
 
AWS Atlanta meetup load-balancing
AWS Atlanta meetup load-balancingAWS Atlanta meetup load-balancing
AWS Atlanta meetup load-balancing
 
AWS_ELB_ppt.pptx
AWS_ELB_ppt.pptxAWS_ELB_ppt.pptx
AWS_ELB_ppt.pptx
 
(CMP401) Elastic Load Balancing Deep Dive and Best Practices
(CMP401) Elastic Load Balancing Deep Dive and Best Practices(CMP401) Elastic Load Balancing Deep Dive and Best Practices
(CMP401) Elastic Load Balancing Deep Dive and Best Practices
 
Deep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingDeep Dive on Elastic Load Balancing
Deep Dive on Elastic Load Balancing
 
AWS re:Invent 2016: From EC2 to ECS: How Capital One uses Application Load Ba...
AWS re:Invent 2016: From EC2 to ECS: How Capital One uses Application Load Ba...AWS re:Invent 2016: From EC2 to ECS: How Capital One uses Application Load Ba...
AWS re:Invent 2016: From EC2 to ECS: How Capital One uses Application Load Ba...
 
E301 Elastic Beanstalk PaaS
E301 Elastic Beanstalk PaaSE301 Elastic Beanstalk PaaS
E301 Elastic Beanstalk PaaS
 
AWS ELB
AWS ELBAWS ELB
AWS ELB
 
Aws elastic beanstalk
Aws elastic beanstalkAws elastic beanstalk
Aws elastic beanstalk
 
Scalable Web Apps - Journey Through the Cloud
Scalable Web Apps - Journey Through the CloudScalable Web Apps - Journey Through the Cloud
Scalable Web Apps - Journey Through the Cloud
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
Amazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 

Recently uploaded (20)

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Application Load Balancer and the integration with AutoScaling and ECS - Pop-up Loft TLV 2017

  • 1. Iftach Ragoler, Head of Engineering, Elastic Load Balancing 03/23/2017 Elastic Load Balancing Deep Dive
  • 3. Load Balancer used to route incoming requests to multiple EC2 instances. ELB EC2 Instance EC2 Instance EC2 Instance
  • 4. Elastic Load Balancing automatically distributes incoming application traffic across multiple applications, microservices and containers hosted on Amazon EC2 instances.
  • 6. Elastic Load Balancing provides high availability by utilizing multiple Availability Zones
  • 8. Layer 7 (application)Layer 4 (network) Supports TCP and SSL Incoming client connection bound to server connection No header modification Proxy Protocol prepends source and destination IP and ports to request Supports HTTP and HTTPS Connection terminated at the load balancer and pooled to the server Headers may be modified X-Forwarded-For header contains client IP address
  • 9. Application Load Balancer Advanced request routing with support for microservices and container-based applications.
  • 10. Classic Application Protocol TCP, SSL, HTTP, HTTPS HTTP, HTTPS Platforms EC2-Classic, EC2-VPC EC2-VPC Health checks ✔ Improved CloudWatch metrics ✔ Improved Path-based routing ✔ Container support ✔ WebSockets & HTTP/2 ✔
  • 11. New, feature rich, layer 7 load balancing platform Fully-managed, scalable and highly available load balancing platform Content-based routing allows requests to be routed to different applications behind a single load balancer Application Load Balancer
  • 12. Application Load Balancer allows for multiple applications to be hosted behind a single load balancer
  • 13. EC2 instances registered behind a Classic Load Balancer ELB EC2 Instance EC2 Instance EC2 Instance
  • 14. Running two separate applications with Classic Load Balancer requires multiple load balancers ELB EC2 Instance EC2 Instance EC2 Instance EC2 Instance EC2 Instance ELB EC2 Instance orders.example.com images.example.com
  • 16. Multiple applications behind a single load balancer provides a significant cost saving
  • 17. Consider blast radius and isolation when grouping applications behind a single load balancer
  • 18. Application Load Balancer provides native support for microservice and container-based architectures
  • 19. Instances can be registered with multiple ports, allowing for requests to be routed to multiple containers on a single instance ECS will automatically register tasks with the load balancer using a dynamic port mapping Can also be used with other container technologies Application Load Balancer
  • 20. ELB /orders example.com EC2 Instance EC2 Instance EC2 Instance /images Application Load Balancer allows containers to be registered with the load balancerECS Container ECS Container ECS Container
  • 21. Microservice and container-based architectures provide further cost savings by improving resource utilization
  • 22. New API version provided for creating, configuring and managing Application Load Balancers Follows latest AWS best practices for resource identifiers and API design Provides several new resource types, including target groups, targets and rules Application Load Balancer
  • 24. Define the protocol and port on which the load balancer listens for incoming connections Each load balancer needs at least one listener to accept incoming traffic, and can support up to 10 listeners Routing rules are defined on listeners Listeners
  • 25. Load Balancer Listener Listener Target Group #1 Health Check Health Check Health Check Target Group #2 Target Group #3
  • 26. Logical grouping of targets behind a load balancer Target groups can be exist independently from the load balancer, and be associated with a load balancer when needed Regional construct that can be associated with AutoScaling group Target Groups
  • 27. Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 EC2 EC2 EC2 ECS ECS ECS Listener Listener Target Group #2 Target Group #3
  • 28. Logical load balancing target, which can be an EC2 instances, micro-service or container-based application EC2 instances can be registered with the same target group using multiple ports A single target can be registered with multiple target groups Targets
  • 29. Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 EC2 EC2 EC2 ECS ECS ECS Listener Listener Target Group #2 Target Group #3 Rule (default) Rule (*/img/*) Rule (default)
  • 30. Provide the link between listeners and target groups and consist of conditions and actions When a request meets the condition of the rule, the associated action is taken Today, rules can forward requests to a specified target group Rules
  • 31. Conditions can be specified in path pattern format A path pattern is case sensitive, can be up to 128 characters in length, and can contain any of the following characters: • A-Z, a-z, 0-9 • _ - . $ / ~ " ' @ : + • & (using &) • * (matches 0 or more characters) • ? (matches exactly 1 character) Rules (continued)
  • 32. Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 EC2 EC2 EC2 ECS ECS ECS Listener Rule (default) Rule (*/img/*) Listener Rule (default) Target Group #2 Target Group #3
  • 33. Today, load balancers support up to 10 rules
  • 34. Support for up to 100 rules coming soon to Application Load Balancers
  • 35. Use API deletion protection to prevent a load balancer from being erroneously deleted
  • 36. Application Load Balancer provides improved performance for Internet applications
  • 37. Native support for WebSockets, supporting full-duplex communication channels over a single TCP connection Support for HTTP/2 provides improved page load times from most of today’s browsers Improved performance for real-time and streaming applications Application Load Balancer
  • 38. No additional configuration is required to enable WebSockets or HTTP/2
  • 39. Classic Load Balancers have offered IPv6 support for some time
  • 40. Native support for IPv6 is supported now in Application Load Balancers
  • 43. Health checks allow for traffic to be shifted away from impaired or failed instances
  • 44. ELB EC2 Instance EC2 Instance EC2 Instance Health checks ensure that request traffic is shifted away from a failed instance.
  • 45. HTTP and HTTPS health checks Customize the frequency, failure thresholds, and list of successful response codes Detailed reasons for health check failures are now returned via the API and displayed in the Management Console Health Checks
  • 46. Application Load Balancer will fail open should all back-ends fail the health check
  • 48. ELB VPC Customer VPC EC2 InstanceELB ELB EC2 Instance us-west-1aus-west-1b Amazon Route 53
  • 49. ELB VPC Customer VPC EC2 InstanceELB ELB us-west-1aus-west-1b Amazon Route 53
  • 50. 6 1 Available Zone Risks Availability 2 Available Zones 6 6 100% Extra Capacity 3 Available Zones 3 3 3 50% Extra Capacity
  • 51. Using multiple Availability Zones can bring a few challenges
  • 52. Imbalanced Instance Capacity ELB VPC Customer VPC EC2 InstanceELB ELB us-west-1aus-west-1b Amazon Route 53 EC2 Instances
  • 53. Cross-Zone Load Balancing ELB VPC Customer VPC EC2 InstanceELB ELB us-west-1aus-west-1b Amazon Route 53 EC2 Instances
  • 54. Distributes requests evenly across multiple Availability Zones. Absorbs impact of DNS caching and eliminates imbalances in backend instance utilization No additional bandwidth charge for cross-zone traffic. Cross-Zone Load Balancing
  • 55. Cross Zone Load Balancing enabled by default on all Application Load Balancers
  • 56. Auto Scaling now supports the scaling of applications at the target group level
  • 57. Application Load Balancer integrates with Auto Scaling to manage the scaling of each target group independently ELB /orders example.com EC2 Instance EC2 Instance EC2 Instance EC2 Instance /images EC2 Instance
  • 58. When using Auto Scaling, keep in mind that your application may be under load during quiet times
  • 59. Continued support for advanced application security features
  • 60. SSL Negotiation Policies provide selection of ciphers and protocols that adhere to the latest industry best practices Optimized for balance between security and client connectivity, as testing with Amazon.com traffic New: TLSv2, TLSv3 and WinXP policies SSL Offloading
  • 61. Application Load Balancer supports security groups to limit access to specified ranges
  • 62. Web Application Firewall support to Application Load Balancers
  • 63. SSL Negotiation Policies provide selection of ciphers and protocols that adhere to the latest industry best practices Optimized for balance between security and client connectivity, as testing with Amazon.com traffic Website Application Firewall
  • 64. Improved load balancer and application monitoring
  • 65. CloudWatch metrics provided for each load balancer Provide detailed insight into the health of the load balancer and application stack All metrics provided at the 1-minute granularity Amazon CloudWatch Metrics
  • 66. Metrics provided at both the load balancer and target group level CloudWatch alarms can be configured to notify or take action should any metric go outside of the acceptable range Auto Scaling can use these metrics for scaling of the back-end fleet. Amazon CloudWatch Metrics
  • 67. HealthyHostCount The count of the number of healthy instances in each Availability Zone Most common cause of unhealthy hosts is health check exceeding the allocated timeout Test by making repeated requests to the backend instance from another EC2 instance View at the zonal dimension
  • 68. Latency Measures the elapsed time, in seconds, from when the request leaves the load balancer until the response is received Test by sending requests to the backend instance from another instance Using min, average, and max CloudWatch stats, provide upper and lower bounds for latency Debug individual requests using access logs
  • 69. Rejected Connection Count The number of connections that were rejected because the load balancer could not establish a connection with a healthy target in order to route the request This replaces surge queue metrics which are used by the Classic Load Balancer Surge queues often impact client applications, which fast request rejection improves Normally a sign of an under-scaled application
  • 70. Target Group Metrics The following metrics are now provided at the target group level, allowing for individual applications to be closely monitored: • RequestCount • HTTPCode_Target_2XX_Count • HTTPCode_Target_3XX_Count • HTTPCode_Target_4XX_Count • HTTPCode_Target_5XX_Count • TargetResponseTime (Latency) • UnHealthyHostCount • HealthyHostCount
  • 71. Load balancer request response times are now provided with percentile dimensions Provides visibility into the 90th, 95th, 99th or 99.9th percentile of response times Allows for more meaningful, and aggressive, performance targets for applications CloudWatch Percentiles
  • 73. Provide detailed information on each request processed by the load balancer Includes request time, client IP address, latencies, request path, server responses, ciphers and protocols, and user-agents Delivered to an S3 bucket every 5 or 60 minutes Access Logs
  • 74. Application Load Balancers insert a unique trace identifier into each request using a custom header: X-Amzn-Trace-ID Trace identifiers are preserved through the request chain to allow for request tracing Trace identifiers are included in access logs and can also be logged by applications themselves Request Tracing
  • 75. When should I use Application Load Balancer?
  • 76. Classic Application Protocol TCP, SSL, HTTP, HTTPS HTTP, HTTPS Platforms EC2-Classic, EC2-VPC EC2-VPC Health checks ✔ Improved CloudWatch metrics ✔ Improved Path-based routing ✔ Container support ✔ WebSockets & HTTP/2 ✔
  • 77. For TCP/SSL or EC2-Classic, use Classic Load Balancer; all other use-cases, use Application Load Balancer

Editor's Notes

  1. We’ve all started here, a single instance serving a basic application. It does not take much to realize that this is not an architecture you’d want to take into production. From an availability point of view, you don’t have much hope. From a scalability point of view, you’re down to what a single EC2 instance can support with no plan to add capacity if required.
  2. Elastic Load Balancing allows you to route application request traffic over 1 to many EC2 instances and ensures that any failed instances does not impact your customers by removing them from service. This is how you want your application to look
  3. Elastic: scales dynamically as request load increases, we watch all different metrics, throughput CPU, memory, and scale accordingly Secure: support for end-to-end traffic encryption using latest protocols and ciphers, we handle the SSL for you so you can focus on building awesome applications Integrated: Amazon EC2, Auto Scaling, Beanstalk, CloudWatch and Route 53, ECS Cost Effective: cheaper to run an ELB then to try and do yourself with EC2 only pay for what you use - ~$18.50 per month plus a bandwidth charge, ELB becomes cheaper with scale, the larger you get
  4. EXPLAIN WE WANT AZS FOR FAILURES…. EC2-VPC Architecture for the load balancer. Customers instances in their VPC, spread across two subnets (shown in blue). Load Balancer nodes in a separate VPC, owned by the ELB account. Customer associates subnet with ELB when it is created. ELB takes 2 ENIs from the customers account and attaches them to each load balancer node This is how we give you control using security groups, and how we get very very secure access into your network If public ELB put public IP, if internal, private, which will only be accesible from inside VPC Amazon Route 53 used for DNS and used round robin to direct traffic to each of the load balancer nodes. You get the ELB DNS name from the API, that you can CNAME to or use the R53 alias feature We are HUGE supporters of R53… highly recommend you guys take a look at the health check feature
  5. Connections: TCP: each connection terminated to LB, but bound to the connection on the back-end; we don’t look at it, just flip it to the backend If you want to to SSL on backend, you can just pass through and do it yourself HTTP: a connection pool is used to the back-end instance. Headers: TCP: the headers are left unchanged and forwarded to the back-end instance HTTP: headers may be inserted depending on the features that are enabled on the load balancer., for example x-forwarded-for Source IP: Since ELB proxies all incoming connection, the back-end instance will see the connection coming from the ELB nodes themselves. TCP: proxy protocol can be used to retrieve the source IP address and port, we append this to the front of the packet HTTP: X-Forwarded-For appended to header contains the source IP address. Algorithms: TCP: round robin is used., the reason for this is no connection pooling, we don’t look at the packet HTTP: least outstanding requests, which is a request-based form of the leastconns algorithm is used, ELB with fewest outstadding requests will get the next request Sticky Sessions: although we always recommend architectures that utilize caching off instance, such as ElastiCache, we do support cookie-based sticky sessions for HTTP listeners.
  6. Connections: TCP: each connection terminated to LB, but bound to the connection on the back-end; we don’t look at it, just flip it to the backend If you want to to SSL on backend, you can just pass through and do it yourself HTTP: a connection pool is used to the back-end instance. Headers: TCP: the headers are left unchanged and forwarded to the back-end instance HTTP: headers may be inserted depending on the features that are enabled on the load balancer., for example x-forwarded-for Source IP: Since ELB proxies all incoming connection, the back-end instance will see the connection coming from the ELB nodes themselves. TCP: proxy protocol can be used to retrieve the source IP address and port, we append this to the front of the packet HTTP: X-Forwarded-For appended to header contains the source IP address. Algorithms: TCP: round robin is used., the reason for this is no connection pooling, we don’t look at the packet HTTP: least outstanding requests, which is a request-based form of the leastconns algorithm is used, ELB with fewest outstadding requests will get the next request Sticky Sessions: although we always recommend architectures that utilize caching off instance, such as ElastiCache, we do support cookie-based sticky sessions for HTTP listeners.
  7. We built a special relationship with EC2 to get you your cross zone traffic for free
  8. Elastic Load Balancing allows you to route application request traffic over 1 to many EC2 instances and ensures that any failed instances does not impact your customers by removing them from service. This is how you want your application to look
  9. Elastic Load Balancing allows you to route application request traffic over 1 to many EC2 instances and ensures that any failed instances does not impact your customers by removing them from service. This is how you want your application to look
  10. Elastic Load Balancing allows you to route application request traffic over 1 to many EC2 instances and ensures that any failed instances does not impact your customers by removing them from service. This is how you want your application to look
  11. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  12. Elastic Load Balancing allows you to route application request traffic over 1 to many EC2 instances and ensures that any failed instances does not impact your customers by removing them from service. This is how you want your application to look
  13. We built a special relationship with EC2 to get you your cross zone traffic for free
  14. EXPLAIN WE WANT AZS FOR FAILURES…. EC2-VPC Architecture for the load balancer. Customers instances in their VPC, spread across two subnets (shown in blue). Load Balancer nodes in a separate VPC, owned by the ELB account. Customer associates subnet with ELB when it is created. ELB takes 2 ENIs from the customers account and attaches them to each load balancer node This is how we give you control using security groups, and how we get very very secure access into your network If public ELB put public IP, if internal, private, which will only be accesible from inside VPC Amazon Route 53 used for DNS and used round robin to direct traffic to each of the load balancer nodes. You get the ELB DNS name from the API, that you can CNAME to or use the R53 alias feature We are HUGE supporters of R53… highly recommend you guys take a look at the health check feature
  15. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  16. EXPLAIN WE WANT AZS FOR FAILURES…. EC2-VPC Architecture for the load balancer. Customers instances in their VPC, spread across two subnets (shown in blue). Load Balancer nodes in a separate VPC, owned by the ELB account. Customer associates subnet with ELB when it is created. ELB takes 2 ENIs from the customers account and attaches them to each load balancer node This is how we give you control using security groups, and how we get very very secure access into your network If public ELB put public IP, if internal, private, which will only be accesible from inside VPC Amazon Route 53 used for DNS and used round robin to direct traffic to each of the load balancer nodes. You get the ELB DNS name from the API, that you can CNAME to or use the R53 alias feature We are HUGE supporters of R53… highly recommend you guys take a look at the health check feature
  17. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  18. EXPLAIN WE WANT AZS FOR FAILURES…. EC2-VPC Architecture for the load balancer. Customers instances in their VPC, spread across two subnets (shown in blue). Load Balancer nodes in a separate VPC, owned by the ELB account. Customer associates subnet with ELB when it is created. ELB takes 2 ENIs from the customers account and attaches them to each load balancer node This is how we give you control using security groups, and how we get very very secure access into your network If public ELB put public IP, if internal, private, which will only be accesible from inside VPC Amazon Route 53 used for DNS and used round robin to direct traffic to each of the load balancer nodes. You get the ELB DNS name from the API, that you can CNAME to or use the R53 alias feature We are HUGE supporters of R53… highly recommend you guys take a look at the health check feature
  19. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  20. EXPLAIN WE WANT AZS FOR FAILURES…. EC2-VPC Architecture for the load balancer. Customers instances in their VPC, spread across two subnets (shown in blue). Load Balancer nodes in a separate VPC, owned by the ELB account. Customer associates subnet with ELB when it is created. ELB takes 2 ENIs from the customers account and attaches them to each load balancer node This is how we give you control using security groups, and how we get very very secure access into your network If public ELB put public IP, if internal, private, which will only be accesible from inside VPC Amazon Route 53 used for DNS and used round robin to direct traffic to each of the load balancer nodes. You get the ELB DNS name from the API, that you can CNAME to or use the R53 alias feature We are HUGE supporters of R53… highly recommend you guys take a look at the health check feature
  21. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  22. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  23. EXPLAIN WE WANT AZS FOR FAILURES…. EC2-VPC Architecture for the load balancer. Customers instances in their VPC, spread across two subnets (shown in blue). Load Balancer nodes in a separate VPC, owned by the ELB account. Customer associates subnet with ELB when it is created. ELB takes 2 ENIs from the customers account and attaches them to each load balancer node This is how we give you control using security groups, and how we get very very secure access into your network If public ELB put public IP, if internal, private, which will only be accesible from inside VPC Amazon Route 53 used for DNS and used round robin to direct traffic to each of the load balancer nodes. You get the ELB DNS name from the API, that you can CNAME to or use the R53 alias feature We are HUGE supporters of R53… highly recommend you guys take a look at the health check feature
  24. We built a special relationship with EC2 to get you your cross zone traffic for free
  25. We’ve all started here, a single instance serving a basic application. It does not take much to realize that this is not an architecture you’d want to take into production. From an availability point of view, you don’t have much hope. From a scalability point of view, you’re down to what a single EC2 instance can support with no plan to add capacity if required.
  26. Describe instance health has to be called One of our awesome features to help you maintain a good experience for your customers, and proactively notify you of potential issues Mitigating failures is a hugely important feature of ELB One of the machines starts having issues Health check is reaching out to backend at an interval set by you the customer Anything but a 200 is not healthy, and we will fail away from that instance in event of the failure You get notified, fix the issue, then the backend is marked as healthy, and ELB starts routing traffic again
  27. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  28. Please please make sure you are using multiple Azs for all of your applications! Dotted line is Azs R53 on top left, does the load balancing between the Azs using roud robin Works very well as long as clients are resolving DNS
  29. We believe so strongly in multiple AZ that we will use multi AZ even if you don’t We will always use 2 Azs And in order for this to work we need 2 subnets from you Even you don’t have instances in that second AZ, that’s fine
  30. Here you can see the one AZ is running hot since it only has 1 instance, the other AZ has 3 instances Some customers might run like this, however, usually it’s either a deployment, or you may have problem with some instances Ideally you want to allocate traffic evenly across ALL instances
  31. Cross Zone LB can solve this problem If client does not obey DNS, we will absorb the balance, bad client might be hitting me in one AZ, but we will scale up and still distribute across all AZs
  32. We built a special relationship with EC2 to get you your cross zone traffic for free
  33. Elastic Load Balancing allows you to route application request traffic over 1 to many EC2 instances and ensures that any failed instances does not impact your customers by removing them from service. This is how you want your application to look
  34. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  35. TCP health checks are shallow, they really just require power to your network card, typically we see customers using these since they could not get HTTP to work with their application, good chance TCP could be working, but application not working How deep should your check go? The should go deep enough to remove an individual node, this can be a whole additional talk If you have a health check that goes too deep, and there is a shared dependency across all nodes, for example your health check actually makes a DB call, and the DB goes down, and execute an actual full customer path, all nodes will be removed from the ELB, and we’ll start throwing 503s, so make sure you remove your shared dependencies from your health checks and monitor those separately
  36. CW Metrics Amazed at times when customers do not know how many metrics we actually make available With ELB we give you 1 min by default all the time
  37. CW Metrics Amazed at times when customers do not know how many metrics we actually make available With ELB we give you 1 min by default all the time
  38. HealthHost and Unhealth host count, sum should always be backend instances behidn the load balancer This comes back to the health check we discussed earlier The most common reason for unhealthy hosts is timeouts! Looks to them health check succeeds, but it took to long to respond Check from another EC2 instance and see why failing
  39. This is the other very interesting metric This measures the time after we sent the first byte to when we receive the first byte of response from the backend Very good indication of how your app is doing
  40. Surge queue is a que in the LB where we will queue requests if you don’t have enough backend capacity We will queue them as best we can, we can hold 1024 requests but then we’ll start dropping Amazon has dropped all surge queues, you can see clients timing out on surge queus and sets problems If you see this metric, usually indication of under scaled
  41. You can auto scale on all CW metrics, surge queue might be late, but latency could be a great one You may be at peak multiple times a day! Important to consider all possible bottlenecks, you may be scaling on CPU, but need to watch IO, memory, etc. different traffic patterns might use different resources Also many people are under scale at the troughs, they remove too much capacity at the trough of their curve
  42. CW Metrics Amazed at times when customers do not know how many metrics we actually make available With ELB we give you 1 min by default all the time
  43. CW Metrics Amazed at times when customers do not know how many metrics we actually make available With ELB we give you 1 min by default all the time
  44. Access logs very useful do dive further, and no which event is driving high latency, requests every single request going through LB Example of customer with very high latencies that were able to diagnose the issue using Access Logs. Integrated with other log providers like Splunk to give near time traffic analysis So if you saw a latency spike you can see THE request that caused the problem
  45. Access logs very useful do dive further, and no which event is driving high latency, requests every single request going through LB Example of customer with very high latencies that were able to diagnose the issue using Access Logs. Integrated with other log providers like Splunk to give near time traffic analysis So if you saw a latency spike you can see THE request that caused the problem
  46. Connections: TCP: each connection terminated to LB, but bound to the connection on the back-end; we don’t look at it, just flip it to the backend If you want to to SSL on backend, you can just pass through and do it yourself HTTP: a connection pool is used to the back-end instance. Headers: TCP: the headers are left unchanged and forwarded to the back-end instance HTTP: headers may be inserted depending on the features that are enabled on the load balancer., for example x-forwarded-for Source IP: Since ELB proxies all incoming connection, the back-end instance will see the connection coming from the ELB nodes themselves. TCP: proxy protocol can be used to retrieve the source IP address and port, we append this to the front of the packet HTTP: X-Forwarded-For appended to header contains the source IP address. Algorithms: TCP: round robin is used., the reason for this is no connection pooling, we don’t look at the packet HTTP: least outstanding requests, which is a request-based form of the leastconns algorithm is used, ELB with fewest outstadding requests will get the next request Sticky Sessions: although we always recommend architectures that utilize caching off instance, such as ElastiCache, we do support cookie-based sticky sessions for HTTP listeners.