ELB (Elastic Load Balancer): load balancers are servers that forward traffic to multiple servers (e.g. EC2 instances) downstream.
Why use?
- Spread load across instances
- Expose a single point of access (DNS) to the application
- Seamlessly handle failure of instances
- Do regular health checks on instances
- Enforce stickiness with cookies
- High availability across zones
- Separate public traffic from private traffic
AWS ELB is a managed load balancer
- AWS guarantees that it will be working
- AWS will take care of upgrades, maintenance, high availability
- AWS provides only a few config knobs.
( setting up your own load balancer costs less, but it will be a lot more effort on your end )
( integrated with many AWS offerings / services )
e.g. EC2, Auto Scaling groups, ECS, ACM, CloudWatch, Route 53, WAF, Global Accelerator
Health Check?
1. Checks if the EC2 instance is working or not. (this is crucial for load balancers)
2. Enables the LB to know if the instances it forwards traffic to are available to reply to requests.
3. The check is done on a PORT and a ROUTE (/health is common).
4. If the response is 200 (OK), the instance is healthy; if not, it is unhealthy and the LB won't send traffic to that instance.
Types of LB on AWS
CLB - 2009, BUT IT'S DEPRECATED /// can't use anymore
ALB (Application LB) - 2016 // HTTP, HTTPS, WebSocket
NLB (Network LB) - 2017 // TCP, TLS (secure TCP), UDP
GLB (Gateway LB) - 2020 // Operates at Layer 3 (Network layer) - IP protocol
* recommended to use the newer generation - more features
* some LBs can be set up as private (internal) or public (external)
* set up load balancer security groups, and EC2 security groups allowing traffic from the LB.
ALB v2 ( Application Load Balancer )
- ALB is Layer 7 (HTTP)
- LB to multiple HTTP applications across machines (target groups)
- LB to multiple apps on the same machine (e.g. containers) // docker
- Support for HTTP/2 and WebSocket
- Support for redirects ( e.g. HTTP -> HTTPS )
- Route tables to different target groups
- Routing based on path in URL ( example.com/userpage & example.com/adminpage )
- Routing based on host in URL ( host1.com & host2.com )
- Routing based on query string in URL, headers ( example.com?id=1&server=1 )
It is a good fit for microservices & container-based services ( Docker + ECS )
Has a port mapping feature to redirect to a dynamic port in ECS.
Target groups?
- EC2 instances (managed by an Auto Scaling group) - HTTP
- ECS tasks (managed by ECS itself) - HTTP
- Lambda functions - HTTP request is translated into a JSON event.
- IP addresses - private
- ALB can route to multiple target groups
- health checks are at the target group level
* can set up the EC2 security group to allow access from the ELB security group
* ALB needs target groups, a target group needs instances. (the health check is done on the target group)
* Target groups can have rules
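The security group notes above (EC2 security groups allowing traffic from the LB security group) can be checked mechanically. This is an added example, not part of the original notes: it audits instance security groups for rules that let clients reach the app port without going through the load balancer. The group IDs, the port and the sample data are constructed; only the field names follow the EC2 DescribeSecurityGroups response.

```python
# Added example: constructed data shaped like EC2 DescribeSecurityGroups output.
# The group IDs and the application port are assumptions for illustration.
LB_SG = "sg-0aaaaaaaaaaaaaaaa"  # hypothetical load balancer security group
APP_PORT = 80

INSTANCE_SGS = [
    {  # intended setup: app port reachable only from the LB security group
        "GroupId": "sg-0bbbbbbbbbbbbbbbb",
        "IpPermissions": [{
            "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
            "IpRanges": [], "Ipv6Ranges": [],
            "UserIdGroupPairs": [{"GroupId": LB_SG}],
        }],
    },
    {  # misconfigured: app port open by CIDR, so the LB can be bypassed
        "GroupId": "sg-0cccccccccccccccc",
        "IpPermissions": [{
            "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
            "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
            "UserIdGroupPairs": [],
        }],
    },
]

def covers_port(perm, port):
    """True if the ingress rule applies to TCP `port` ("-1" means all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True  # all-traffic rules carry no FromPort/ToPort
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit(sg, lb_sg=LB_SG, port=APP_PORT):
    """Return a list of findings for one instance security group."""
    findings, lb_allowed = [], False
    for perm in sg["IpPermissions"]:
        if not covers_port(perm, port):
            continue
        # Any CIDR-based rule on the app port is a path around the load balancer.
        for r in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            cidr = r.get("CidrIp") or r.get("CidrIpv6")
            findings.append(f"{sg['GroupId']}: port {port} reachable from {cidr}, bypassing the LB")
        if any(p["GroupId"] == lb_sg for p in perm.get("UserIdGroupPairs", [])):
            lb_allowed = True
    if not lb_allowed:
        findings.append(f"{sg['GroupId']}: LB group {lb_sg} cannot reach port {port}")
    return findings

for sg in INSTANCE_SGS:
    print(sg["GroupId"], audit(sg) or "OK")
```

A group that fails the second check also fails health checks on that port, so the LB would mark its instances unhealthy.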
NLB
- NLB is Layer 4, allowing:
- Forward TCP & UDP traffic to your instances
- Handle millions of requests per second
- Less latency: ~100 ms (vs 400 ms on ALB)
NLB has one static IP per AZ, and supports assigning an Elastic IP (helpful for whitelisting specific IPs)
Extreme performance, TCP or UDP traffic
* Not free tier
Target Group
- EC2
- IP (private)
- ALB ( * NLB for a fixed IP address -> ALB to get all the HTTP-type rules )
- Health checks support the TCP, HTTP and HTTPS protocols
GLB
Deploy, scale and manage a fleet of 3rd party network
e.g. firewalls, Intrusion Detection and Prevention Systems, Deep Packet Inspection systems, payload manipulation, etc.
Users -> Route table -> GLB -> 3rd party security virtual appliance (Target group) -> GLB -> Application.
Operates at Layer 3 (Network Layer) - IP packets
1. Transparent Network Gateway - single entry/exit for all traffic
2. Load Balancer - distributes traffic to your virtual appliances
It uses the GENEVE protocol on port 6081.
Target group.
1. EC2
2. IP address (private)