AWS Series - EC2 Load Balancer & Target Group

*Author: [Vincent Lau](https://www.linkedin.com/in/vincent-lau-30435bb6/) Note: This material is intended for educational purposes only. All rights reserved. Any unauthorized sharing or copying of this material, in any form, to any individual or party, for any use without prior permission, is strictly prohibited.* # AWS Series - EC2 Load Balancer & Target Group This chapter introduces EC2 Application Load Balancer (ALB) and Target Group configuration. Explain how ALB works with EC2 instances to make it become enterprise application architecture and how to configure them in AWS EC2. ## What is EC2 ALB ? **Amazon EC2 Application Load Balancer (ALB)** is a service provided by AWS that helps **distribute incoming traffic** across multiple EC2 instances. It operates at the application layer (Layer 7) of the OSI model and offers advanced features to intelligently route and balance traffic. ![](https://hackmd.io/_uploads/rJPMlo8wn.png) Source: aws.com ![](https://hackmd.io/_uploads/rkJu7iLvn.png) ## Key features of EC2 ALB **Intelligent Routing**: ALB supports advanced routing rules based on content-based routing, host-based routing, path-based routing, and request method routing. This allows you to direct traffic to different sets of EC2 instances based on specific conditions. **Load Balancing Algorithms**: ALB uses various load balancing algorithms, such as round-robin, least outstanding requests, and least connections, to distribute traffic evenly across registered targets. **TLS Offloading**: ALB can terminate Secure Socket Layer (SSL) and Transport Layer Security (TLS) connections, relieving the backend EC2 instances of the encryption and decryption overhead. This improves performance and simplifies certificate management. **WebSockets and HTTP/2 Support**: ALB natively supports WebSocket connections and the HTTP/2 protocol, allowing efficient bidirectional communication and enhanced performance for modern web applications. ## What is Target Group ? **Target Groups**: Target Groups are an integral part of ALB. They define sets of targets (EC2 instances, containers, IP addresses, or Lambda functions) that receive traffic from the load balancer. ALB routes incoming requests to the appropriate target group based on the configured rules. It plays a crucial role in the functioning of EC2 Application Load Balancer. ## Key features of EC2 Target Group **Dynamic Registration**: EC2 instances can be dynamically registered and deregistered with a target group based on rules defined by the load balancer. This allows for automatic scaling and seamless integration with auto scaling groups. **Health Checks**: Target Groups periodically perform health checks on the registered targets to ensure they are healthy and able to handle traffic. Unhealthy targets are automatically removed from the load balancer's rotation until they become healthy again. **Routing Configuration**: Each target group can have its own routing configuration, allowing you to define how the load balancer distributes traffic to the registered targets. This includes setting the load balancing algorithm, defining routing rules, and managing listener rules. **Multiple Services and Containers**: Target Groups are not limited to EC2 instances. They can also be used with containers running on Amazon Elastic Container Service (ECS) or Elastic Kubernetes Service (EKS) clusters. This enables load balancing for containerized applications as well. ## Steps to configure Target Groups **Step 1**: Let's start with creating target groups. - Create target group ![](https://hackmd.io/_uploads/Hyyh70Lw3.png) - Target Type: Instances ![](https://hackmd.io/_uploads/SJJLLoLw3.png) - Target group name: **ec2-demo-target-group** - Protocol: **HTTP 8080** - Protocol Version: **HTTP1** ![](https://hackmd.io/_uploads/S11jUoLwh.png) - Select instance(s) as the members of the target group (can be more than 1 instance, but has to be with **running** state) - **Input the forward port**. In this exercise, we assume one target group per application. Say my app is listening to port 8085 in the EC2 instance. - Press "Include as pending below" ![](https://hackmd.io/_uploads/ryLSW0Lvn.png) - You will find the result as below. - Press "Create target group" ![](https://hackmd.io/_uploads/BJhFWALwn.png) - **Repeat** the above steps to create **ec2-demo-target-group2** for the port 8086 in the same instance (another Spring Boot app listening to). Target Groups Result: ![](https://hackmd.io/_uploads/BJPLz0UP3.png) ## Steps to configure Application Load Balancer (ALB) **Step 2**: Create Application Load Balancer (ALB) - Select "Load Balancer" ![](https://hackmd.io/_uploads/rkhRXALwn.png) - Demonstrate application load balancer (ALB) in this chapter. ![](https://hackmd.io/_uploads/rkYIVRUP2.png) - ALB name: **ec2-demo-alb** - Scheme: **Internet-facing** - IP Type: **IPv4** ![](https://hackmd.io/_uploads/BkvdBRUD3.png) - Select 2 zone & subnets available for the LB. ![](https://hackmd.io/_uploads/rkFf8RLwn.png) - Select the security group created by you (suppose http is enough for the LB in this chapter) ![](https://hackmd.io/_uploads/rkiQ8RIw2.png) - Create a listener for traffic forwarding to a target grou - The ALB should be reached via http:80. - Select a target group (One of the target groups you created in previous chapter). We will add additional rules in this listener in later section. ![](https://hackmd.io/_uploads/BJKmDC8Pn.png) - Health check the summary section before creating the ALB. ![](https://hackmd.io/_uploads/HJOFuCLDh.png) - After the ALB created, you will find the domain name in LB main page. - Sample ALB domain name: ec2-demo-alb-1512973672.us-east-1.elb.amazonaws.com ![](https://hackmd.io/_uploads/SJiGKA8w3.png) ## Steps to add rules for ALB listener **Step 3**: Add rules for the ALB listener to re-map the request traffics to different target groups (EC2 instances) ![](https://hackmd.io/_uploads/rklDx908Pn.png) - Click the listner "**HTTP:80**" ![](https://hackmd.io/_uploads/ByaG5C8v2.png) - Tab "**Rules**" -> "**Manage rules**" ![](https://hackmd.io/_uploads/Hk_Y9CUv3.png) - Click "**Insert Rule**" ![](https://hackmd.io/_uploads/Hyiri08Ph.png) - Select "**Add condition**" -> "**Path**" - Input the **URI Path** that you would like to remap the requests - Click confirm and Save ![](https://hackmd.io/_uploads/Skt6i0Lwh.png) - Select "**Add action**" - Select target group - Input routing ratio as 1 (100%) ![](https://hackmd.io/_uploads/S1NZgJww3.png) - **Repeat** the steps to create another rule for **another target group**. - The added rules will **overwrite the "default" rule** (default cannot be removed) if the conditions are met. ![](https://hackmd.io/_uploads/r1rm6RLD3.png) - You will find the result in "Rules" in LB page ![](https://hackmd.io/_uploads/BJltJJPPn.png) ## Vaildate Result - Now basically you have configured the ALB with target grouped EC2 instances. **The request traffics will be routed to corresponding target groups** (in this exercise, same instance but with different ports). - Result check via Postman - Service endpoint 1: http://ec2-demo-alb-1512973672.us-east-1.elb.amazonaws.com/crypto/coingecko/v1/exchange/ETH/USD - Service endpoint 2: http://ec2-demo-alb-1512973672.us-east-1.elb.amazonaws.com/crypto/polygon/v1/exchange/ETH/USD ![](https://hackmd.io/_uploads/r1yigyDP3.png) ![](https://hackmd.io/_uploads/B1aixkDwh.png)