Today we go through an Elastic Load Balancer cheat sheet to help you prepare for certification in a short time.
Elastic Load Balancer Cheat Sheet:
Elastic Load Balancer (ELB): managed load balancer. Health checks.
- Classic Load Balancer (CLB)
- Application Load Balancer (ALB)
- Network Load Balancer (NLB)
- Gateway Load Balancer
Classic Load Balancer (CLB):
Old generation. HTTP, HTTPS, SSL & TLS. Layer 4 and layer 7. Health check and fixed hostname.
Application Load Balancer (ALB):
HTTP, HTTPS & WebSocket. Layer 7. Supports redirects from HTTP to HTTPS. Routing based on path in URL, hostname in URL & query string. Has a port mapping feature to redirect to a dynamic port on ECS. Great for microservices and container-based applications. ALB targets are EC2 instances, ECS tasks (HTTP), Lambda functions (HTTP) & IP addresses. Health check and fixed hostname.
IP = X-Forwarded-For
Port = X-Forwarded-Port
Protocol = X-Forwarded-Proto
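An added example (not from the original post) of reading these three headers on a target behind an ALB. It assumes the ALB's default behaviour of appending the address it saw to any X-Forwarded-For value the client already sent, so only the right-most entries are trustworthy; the function names and the `trusted_hops` parameter are this example's own.

```python
import ipaddress

def _parse_entry(entry):
    """Parse one X-Forwarded-For entry; it may carry a port, e.g. '[2001:db8::1]:4711'."""
    entry = entry.strip()
    if entry.startswith("["):
        entry = entry[1:].split("]", 1)[0]
    elif entry.count(":") == 1:          # IPv4 with port
        entry = entry.split(":", 1)[0]
    return ipaddress.ip_address(entry)   # raises ValueError on junk

def naive_client_ip(headers):
    """Common mistake: the left-most entry is whatever the client chose to send."""
    return headers["X-Forwarded-For"].split(",")[0].strip()

def client_info(headers, trusted_hops=1):
    """Return (ip, port, proto) from the entries written by trusted proxies.

    trusted_hops is this example's parameter: the number of proxies you operate
    in front of the application (1 = only the ALB).
    """
    if trusted_hops < 1:
        raise ValueError("trusted_hops must be >= 1")
    h = {k.lower(): v for k, v in headers.items()}
    entries = [e for e in h.get("x-forwarded-for", "").split(",") if e.strip()]
    if len(entries) < trusted_hops:
        raise ValueError("X-Forwarded-For has fewer entries than trusted hops")
    ip = _parse_entry(entries[-trusted_hops])
    proto = h.get("x-forwarded-proto", "").lower()
    if proto not in ("http", "https"):
        raise ValueError("unexpected X-Forwarded-Proto")
    port = int(h.get("x-forwarded-port", ""))
    if not 1 <= port <= 65535:
        raise ValueError("X-Forwarded-Port out of range")
    return str(ip), port, proto

# Constructed sample: the client sent "X-Forwarded-For: 10.0.0.1" itself and
# the ALB appended the address it actually saw (198.51.100.23).
SAMPLE = {
    "X-Forwarded-For": "10.0.0.1, 198.51.100.23",
    "X-Forwarded-Port": "443",
    "X-Forwarded-Proto": "https",
}

if __name__ == "__main__":
    print(naive_client_ip(SAMPLE))   # client-controlled value
    print(client_info(SAMPLE))       # value appended by the ALB
```

Use the right-most value for access control, rate limiting and audit logs; the left-most value is only a hint.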
Network Load Balancer (NLB):
Layer 4. TCP, TLS and UDP. Handles millions of requests per second. Latency is ~100 ms. NLB has one static IP per AZ. NLBs are used for extreme performance and TCP or UDP traffic. Target groups are EC2 instances, IP addresses and ALB.
Gateway Load Balancer:
Operates at layer 3 (IP packets). Deploys, scales and manages a fleet of third-party network appliances in AWS. Uses the GENEVE protocol on port 7081. Target groups are EC2 instances and IP addresses.
Sticky Session (Session Affinity): works for ALB and NLB. The cookie used for stickiness has an expiration date. Cookie names are:
Application Based Cookie:
- Custom Cookie: generated by the target. Don't use the names AWSALB, AWSALBAPP or AWSALBTG.
- Reserved Cookie: generated by load balancers. Cookie name is always AWSALBAPP.
- Duration Based Cookie: generated by the load balancer. Cookie names are AWSALB for ALB and AWSELB for CLB.
Connection Draining (Deregistration Delay):
CLB: Connection Draining
ALB & NLB: Deregistration Delay
The time allowed to complete “in-flight” requests while the instance is unhealthy. Default is 300 sec.
Cross Zone Load Balancing:
With cross zone load balancing: requests are distributed evenly across all registered instances in AZ.
Without cross zone load balancing: requests are distributed among the instances of the ELB node.

| ALB | NLB | CLB |
|---|---|---|
| Enabled by default. | Disabled by default. | Disabled by default. |
| No charges for inter AZ data. | You pay charges for inter AZ data if enabled. | No charges for inter AZ data if enabled. |
Load Balancer – SSL Certificates:
Uses X.509 certificates. You can manage certificates using ACM or upload your own. The client uses SNI (Server Name Indication) to specify the hostname. It is a newer protocol. Works with ALB, NLB and CloudFront. Does not work with CLB.
CLB: supports only one SSL certificate.
ALB and NLB: support multiple listeners with multiple certificates and use SNI to make it work.