Working of Elastic Load Balancer
Types of Elastic Load balancer
- Classic load balancer
- Application load balancer
- Network load balancer
- Balances the traffic out to EC2/IP/ECS endpoints.
- Supports load balancing of HTTP, HTTPS and TCP.
- Detects and removes failing instances.
- Grows and shrinks based on the traffic.
- Integrates with Auto Scaling.
- Specific to a region and routes traffic across Availability Zones.
- Max 32 character limit for a name in Application load balancer.
- Has high availability.
Configuring health check
1. What is the load balancer checking?
Ping protocol: Which protocol it has to use for health checks.
Ping port: Which port it has to check using the protocol defined above.
2. How is it checking?
Response Timeout: When the load balancer sends a request to EC2, this parameter tells it how many seconds to wait for the response. The value given here should be neither too low nor too high; 5 sec sounds decent enough, because if it is either of those then there is something wrong with the instances launched.
Interval: This parameter tells the load balancer after how many seconds it should send the next health ping to EC2 instance.
Unhealthy threshold: With this parameter value the load balancer decides whether an EC2 instance is unhealthy. It declares the instance unhealthy if it fails the health check consecutively. Let's say the value is set to 2. Only if the responses from EC2 fail two times consecutively does it conclude that the EC2 is unhealthy.
Healthy threshold: It tells how many health checks an EC2 should pass to be considered healthy. Again, it has to pass the health checks consecutively.
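The consecutive-count behaviour of the two thresholds, as an added example that is not part of the original post or AWS code. It is a simplified model: the `HealthCheck` class, the function names, the default interval and healthy threshold, and the sample response times are all constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class HealthCheck:
    response_timeout: float = 5.0   # seconds to wait for a reply
    interval: int = 30              # seconds between health pings (assumed)
    unhealthy_threshold: int = 2    # consecutive failures to mark unhealthy
    healthy_threshold: int = 3      # consecutive passes to mark healthy (assumed)


def evaluate(check, response_times, start_healthy=True):
    """Return the instance state after each ping.

    response_times holds one entry per ping: seconds taken to answer,
    or None when the instance never answered.
    """
    healthy = start_healthy
    streak = 0  # consecutive results that disagree with the current state
    states = []
    for seconds in response_times:
        passed = seconds is not None and seconds <= check.response_timeout
        if passed == healthy:
            streak = 0  # a result that agrees with the state breaks the streak
        else:
            streak += 1
            needed = (check.healthy_threshold if passed
                      else check.unhealthy_threshold)
            if streak >= needed:
                healthy, streak = passed, 0
        states.append("healthy" if healthy else "unhealthy")
    return states


def seconds_until(states, target, interval):
    """Offset of the first ping at which the state becomes target, or None."""
    for i, state in enumerate(states):
        if state == target:
            return i * interval
    return None


# Constructed sample: one dropped ping, a recovery, then a dropped ping
# followed by a reply slower than the timeout, then three good replies.
SAMPLE = [0.2, None, 0.3, None, 7.0, 0.2, 0.2, 0.2]

if __name__ == "__main__":
    for n, (rt, state) in enumerate(zip(SAMPLE, evaluate(HealthCheck(), SAMPLE))):
        print(f"ping {n}: response={rt} -> {state}")
```

A single missed ping does not change the state, and a reply slower than the response timeout counts as a failure just like no reply at all.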
Stickiness? What's that for?
Let's say a user makes a request and it is processed on some EC2. The user is doing some sort of work and makes other requests; it's not certain that the same user's requests will go to the same EC2. To make sure that the requests go to the same EC2, stickiness can be used.
Stickiness is based on
- timing: Forces a user's requests to a particular EC2 for X amount of time.
- cookie: Regardless of which EC2 processes the requests, the user's cookies are maintained.
SSL Termination? It's kinda debatable.
If you have read the post about how HTTP works, how a digital signature is used to secure the connection and why we need it, you will be able to understand the concept of the SSL termination option at the load balancer.
An HTTPS request comes to the load balancer.
The load balancer will send the request to the desired EC2.
An HTTPS secure connection will be established before processing any further actions.
Something like this:
HTTPS (req) ----> ELB ----> HTTPS (req) ----> EC2
An end-to-end encryption.
Now, while establishing this secure connection, a part of EC2's memory and CPU is used to perform that encryption. Obviously, it ain't some magic, it does need stuff! Encrypting one request isn't a big deal.
Now imagine that 1000+ such requests are coming in per minute. To carry out the encryption, EC2 will end up using a major amount of its CPU and memory, which is wasted when the application has better jobs to do. Also, EC2 has to spend some amount of time in that minute performing this task; after all, it's software-level encryption. So in the bigger picture, do you think it works in our favor? It's a debatable topic actually!
AWS provides an option to offload SSL validation to ELB, which means encryption ends at the ELB itself. From the ELB, the request is sent on as HTTP to the desired EC2.
Something like this:
HTTPS (req) ----> ELB ----> HTTP (req) ----> EC2