AWS::: Developer ::: Section 7: AWS Fundamentals: ELB + ASG

 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 


58. High Availability and Scalability


Let's talk about Horizontal.

 







59. Elastic Load Balancing (ELB) Overview






Let's explore this concept in more depth.

 




Finally, you need to understand the security around load balancers.

  • Users can access the load balancer from anywhere, so the security group rule for the load balancer is going to look something like this.

 

But the cool thing is that the EC2 instance should only allow traffic coming from the load balancer. Therefore its security group rule is going to look different. It is going to allow HTTP traffic on port 80,

and the source is not going to be an IP range; it is going to be a security group.


So we are going to link the security group of the EC2 instance to the load balancer. This tells the EC2 instance to serve a request only if the traffic originates from the load balancer, which is an enhanced security mechanism.


60. Classic Load Balancer (CLB) :

 


61. Classic Load Balancer (CLB) with Hands On

Hands On

Let's launch an EC2 instance first.

Now let's go to Load Balancers on the left-hand side.



Click Create Load Balancer



Click Create under "Classic Load Balancer".

We will create a new security group.

We are going to allow HTTP traffic, so choose HTTP on the screen above; check the screen below for the changes.


IPv6 is not supported by Classic Load Balancer.

Next: Health Check

We need to specify what is to be checked on our EC2 instance.

The ping path is what you place after the IP address: IP address/ping_path

The response time must be less than the interval.

Next: Add EC2 Instances


Now we are going to access it using the DNS name listed on the Classic Load Balancer.

 

And if the page shows up in the browser, that means the Classic Load Balancer is working.


What if it didn't work, and what if there was an instance that was unhealthy? An instance can be unhealthy because of its security groups.

So we will go into security groups


Go to Inbound Rules


Remove all the HTTP rules here.

The website on this instance is therefore no longer accessible,


because no inbound rule allows port 80.


That means, for example, that my EC2 instance shows as "OutOfService" on the load balancer page.


This is one reason an instance can be out of service. The other is that the hello world page or the bootstrap script does not work. These are the two reasons why this would not work.

So let's go back to our instance.


Go to Inbound and add an HTTP rule for port 80.


Then save the rule. With this in place we can access our instance from the public IP and DNS name, and from the Classic Load Balancer, which is not working right now because I need to wait for the instance to go back to

Once it is back in service, the website works.

We can access the EC2 instances directly and also through the load balancer.

But we would like to tighten the security.

To receive inbound traffic only from the load balancer, set the source of the rule to the security group of the load balancer.


So we are allowing any traffic from the load balancer into the security group of the EC2 instance.


Therefore users can no longer access the EC2 instance directly; they can only access it via the ELB.
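The security group chaining described in the ELB overview and applied in this hands-on can be checked from the rule data itself. The following is an added example, not part of the original notes: it classifies instance security groups from data shaped like the EC2 DescribeSecurityGroups response, and all group IDs and sample rules are constructed placeholders.

```python
# Constructed sample data shaped like the EC2 DescribeSecurityGroups response.
# Every group ID below is a made-up placeholder.
LB_SG = "sg-0aaaaaaaaaaaaaaaa"  # hypothetical load balancer security group

def http_rule(cidrs=(), groups=()):
    """Build one inbound TCP/80 permission entry for the sample data."""
    return {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
            "IpRanges": [{"CidrIp": c} for c in cidrs], "Ipv6Ranges": [],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

SAMPLE_GROUPS = [
    # HTTP open to everyone, as first configured in the hands-on
    {"GroupId": "sg-0bbbbbbbbbbbbbbbb",
     "IpPermissions": [http_rule(cidrs=["0.0.0.0/0"])]},
    # All HTTP rules removed: the state that produced OutOfService
    {"GroupId": "sg-0cccccccccccccccc", "IpPermissions": []},
    # Tightened: the only source is the load balancer's security group
    {"GroupId": "sg-0dddddddddddddddd",
     "IpPermissions": [http_rule(groups=[LB_SG])]},
]

def covers_port(perm, port):
    """True if the rule applies to TCP `port` (protocol "-1" is all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def classify(group, lb_sg, port=80):
    """Return (verdict, other_sources) for inbound access to `port`."""
    others, lb_allowed = [], False
    for perm in group["IpPermissions"]:
        if not covers_port(perm, port):
            continue
        others += [r["CidrIp"] for r in perm.get("IpRanges", [])]
        others += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] == lb_sg:
                lb_allowed = True
            else:
                others.append(pair["GroupId"])
    if others:
        return "direct-access", others   # reachable without the load balancer
    return ("lb-only", []) if lb_allowed else ("no-http", [])

if __name__ == "__main__":
    for g in SAMPLE_GROUPS:
        print(g["GroupId"], *classify(g, LB_SG))
```

A "no-http" verdict corresponds to the OutOfService state seen earlier, since the load balancer's health check cannot reach port 80 either.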

Let's show the power of the load balancer by adding more instances. We added two more EC2 instances.

Now we go to the Classic Load Balancer and add these instances to it.

 




Three instances are InService now. So now, every time you refresh the browser, it shows a different IP address, which means that each time a different server out of the three EC2 instances is handling the request in the background.

63. Application Load Balancer (ALB) - Hands On

Let's practice creating an Application Load Balancer:



Since we want to access it publicly, we want to use an Internet-facing scheme.


Next we need to specify a network mapping,


as well as the subnets: tick all three subnets.


And they will automatically get the right subnet assigned to them. 

Next we need to assign a security group to our load balancer.


And then Listeners & Routing.

This says what happens if someone accesses our load balancer over the HTTP protocol on port 80, and we need to create a target group for this.


Click on "Create target group", highlighted in blue below. This is going to be based on instances.

The one that we want to use is instances.




We are going to register 2 out of the three instances we have.

 


I will tell you why only 2 afterwards.


Click - Create Target Group 


Now, back in our load balancer, we can refresh this.


The summary of the ALB

Our ALB is now provisioned, so we can go to our ALB, copy the DNS name,

and paste it into the browser.


If you refresh and get a different IP each time, then your ALB is in place.

Because this is an ALB, we get some benefits. To prove this, I am going to Target Groups on the left.

So I am going to create a second target group.

 


 

Select the missing instance that we didn't select for the last target group,

and click "Include as pending below".



Now we have a second target group .

Now the cool thing is that when we go back to our ALB, we can re-target the listeners to multiple target groups.

We can edit the rules:

click "View / edit rules" to start leveraging other target groups.


So I can add a rule here by clicking the plus symbol.


Click on "Insert Rule" above.

If the path is /test, then forward it to my second target group.


So we have two rules now.


You can set multiple rules. We can clearly see how this is way more powerful than the Classic Load Balancer.

So if you go to ipaddress/test, it should point to the other target group. But since we didn't deploy anything at /test on the EC2 instance, you will get an error.
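The listener rule set built above can be modelled in a few lines to see which requests reach which target group. This is an added example, not part of the original notes and not AWS code: it follows the documented behaviour that rules are evaluated in priority order with the default action last, and that path patterns are case-sensitive with `*` and `?` wildcards. The target group names are hypothetical.

```python
import re

# Constructed listener configuration mirroring the hands-on: one inserted
# rule for /test plus the default action. Target group names are hypothetical.
RULES = [
    {"priority": 1, "path_pattern": "/test", "forward_to": "second-target-group"},
]
DEFAULT_TARGET = "first-target-group"

def pattern_to_regex(pattern):
    """Translate a path pattern: '*' matches any run of characters,
    '?' matches exactly one, everything else is a case-sensitive literal."""
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts), re.DOTALL)

def route(path, rules=RULES, default=DEFAULT_TARGET):
    """Return the target group for a request path (query string excluded)."""
    # Lowest priority value is evaluated first; the first match wins.
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if pattern_to_regex(rule["path_pattern"]).fullmatch(path):
            return rule["forward_to"]
    # No rule matched: the listener's default action applies.
    return default

if __name__ == "__main__":
    for p in ["/", "/test", "/test/admin", "/Test"]:
        print(f"{p:12} -> {route(p)}")
```

The pattern `/test` matches only that exact path, so `/test/admin` and `/Test` still fall through to the default target group; covering sub-paths needs a pattern such as `/test*`.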









 


 

 

 

 

