Notes on: Linux Academy: AWS CSAA: 7) Advanced Networking: Highly Available & Fault Tolerant VPC Networking

Just a place to put some notes on the “AWS Certified Solutions Architect - Associate (New!)” course from https://linuxacademy.com

EC2 Management Console Screenshots

Services > EC2 > LOAD BALANCING
- Load Balancers
- Target Groups

Services > EC2 > AUTO SCALING
- Launch Configurations
- Auto Scaling Groups

Image: Services > EC2 > LOAD BALANCING: Load Balancers > Create Load Balancer
Note: The Learn more link.

Image: Services > EC2 > LOAD BALANCING: Target Groups > Create target group

Image: Services > EC2 > AUTO SCALING: Auto Scaling Groups

Things to Know


Elastic Load Balancer (ELB) Essentials

- Load balancing (as a concept) is a common method used for distributing incoming traffic among servers
- An Elastic Load Balancer is an EC2 service that automates the process of distributing incoming traffic (evenly) to all the instances that are associated with the ELB
- An elastic load balancer can load balance traffic to multiple EC2 instances located across multiple availability zones
-- This allows for highly available and fault tolerant architecture
- Elastic load balancing should be paired with Auto Scaling to enhance high availability and fault tolerance, AND allow for automated scalability and elasticity
- An ELB has its own DNS record set that allows for direct access from the open internet

Other important ELB facts:

- When used within a VPC, an ELB can act as an internal load balancer and load balance to internal EC2 instances on private subnets (as often done with multi-tier applications)
- ELBs will automatically stop serving traffic to an instance that becomes unhealthy (via health checks)
- An ELB can help reduce compute power on an EC2 instance by allowing for an SSL certificate to be applied directly to the elastic load balancer

Classic Elastic Load Balancer:

- A “classic” elastic load balancer is designed for simple balancing of traffic to multiple EC2 instances
- There are no granular routing “rules” - all instances get routed to evenly, and no special routing request can be made based on a specific content request from the user
- Classic load balancing is best used when all instances (that are being served traffic) contain the same data

Image: Classic ELB (all instances have the same content)

Application Elastic Load Balancer:

- An “Application” elastic load-balancer is designed for complex balancing of traffic to multiple EC2 instances using Content-based “rules”
- Content-based rules (set up on the listener) can be configured using:
-- Host-based rules: Route traffic based on the host field of the HTTP header
-- Path-based rules: Route traffic based on the URL path of the HTTP header
-- This allows you to structure your applications as smaller services, and even monitor/auto-scale based on traffic to specific “target groups”
- An Application ELB also supports ECS Containers, HTTPS, HTTP/2, WebSockets, Access Logs, Sticky Sessions, and AWS WAF (Web Application Firewall)
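
The listener-rule behaviour described above, as an added example (a simplified model written for these notes, not AWS code or course material). It assumes rules are evaluated from lowest priority number upward with a default target group as fallback, host matching is case-insensitive, path matching is case-sensitive, and unhealthy instances never receive traffic; all host names, instance IDs and target group names are constructed.

```python
import re
from dataclasses import dataclass, field

def _glob(pattern: str, ignore_case: bool = False) -> re.Pattern:
    """Compile a rule pattern where only '*' and '?' act as wildcards."""
    body = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.compile(body, re.IGNORECASE if ignore_case else 0)

@dataclass
class TargetGroup:
    name: str
    health: dict  # instance id -> True if the instance passes health checks
    _next: int = field(default=0, repr=False)

    def pick(self):
        """Round-robin over healthy instances only; None if none are healthy."""
        healthy = sorted(i for i, ok in self.health.items() if ok)
        if not healthy:
            return None
        choice = healthy[self._next % len(healthy)]
        self._next += 1
        return choice

@dataclass
class Rule:
    priority: int
    target: TargetGroup
    host: str = "*"   # host-based condition
    path: str = "*"   # path-based condition

    def matches(self, host: str, path: str) -> bool:
        return bool(_glob(self.host, True).fullmatch(host)
                    and _glob(self.path).fullmatch(path))

def route(rules, default, host, path):
    """Return (target group name, instance id) chosen for one request."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.matches(host, path):
            return rule.target.name, rule.target.pick()
    return default.name, default.pick()

# Constructed sample data: three target groups, one with an unhealthy instance.
WEB = TargetGroup("web", {"i-web-a": True, "i-web-b": True})
API = TargetGroup("api", {"i-api-a": True, "i-api-b": False})
IMG = TargetGroup("images", {"i-img-a": True})
RULES = [Rule(10, API, host="api.example.com"), Rule(20, IMG, path="/images/*")]
```

A request that matches no rule falls through to the default target group, so the default group is the one that receives any host or path you did not plan for.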

Image: Application ELB



Quiz

Q: What best describes the purpose of an Elastic Load Balancer?
A: To evenly distribute traffic among multiple EC2 instances in separate Availability Zones.
E: An ELB is used BEST when it is distributing traffic to EC2 instances located in separate Availability Zones. This provides for higher availability and is more fault tolerant than distributing traffic to EC2 instances in the same AZ.

Q: If you want to create architecture that meets the minimum requirement for high availability and fault tolerance, which option would you choose?
A: An ELB distributing traffic to an Auto Scaling group that has a minimum of two instances that are located in separate Availability Zones.
E: Having a minimum of two instances is required in case one of them fails and is no longer "available." Two AZs are required in case one of them fails and is no longer "available." Auto Scaling is required so that failed instances will be automatically terminated and replaced with healthy instances OR to increase the number of instances if demand increases (improving availability and fault tolerance).

Q: What happens when an EC2 instance that is being served traffic from an ELB becomes unhealthy?
A: The ELB will stop serving traffic to it and divert its traffic to a healthy instance.
E: The ELB will stop serving traffic to it and divert its traffic to a healthy instance, as this is all it can do. It is Auto Scaling which can take an unhealthy instance, terminate it, and replace it with a new instance.

Q: What best describes a scaling policy?
A: A set of CloudWatch metric thresholds that dictate when to add or remove instances from the Auto Scaling group.
E: Scaling policies belong to the Auto Scaling group. The policies themselves dictate (via chosen CloudWatch metrics thresholds) when instances should be added or removed.

T: An SSL certificate can be applied to an ELB.
E: You can apply an SSL certificate to an ELB and have that as the central point for your secure connection before passing the traffic on to subsequent EC2 instances.

T: Elasticity is a primary benefit of using Auto Scaling.
E: Auto Scaling provides elasticity to your architecture by automating the process of easily scaling up OR down the number of instances being used by your application.

Q: What is the proper solution you should enact to prevent your application from crashing due to a sudden increase in demand?
A: Auto Scaling
E: Auto Scaling is what provides your architecture with the ability to automate the process of adding more instances to avoid crashes (due to sudden increase in demand). Scaling policies are PART of Auto Scaling but are not the overall solution.

T: An ELB can serve traffic to instances located inside a private subnet.
E: Placing instances in a private subnet creates a higher level of security for the data stored on them. By using an ELB, the ELB can take public traffic from the open Internet and route into private subnets (and back out).

T: Target Groups allow us to assign different sets of EC2 instances different traffic using content-based rules in an Application Elastic Load Balancer.
E: Target Groups are where we assign different sets of EC2 instances to receive traffic in an Application Load Balancer. Launch Configurations and AutoScaling Groups can be used with either Load Balancing type.

Q: What are the two main components of AWS Auto Scaling?
A: Launch configuration and Auto Scaling groups
E: A launch configuration is an EC2 template that will be used by the Auto Scaling group. The Auto Scaling group holds the rules that govern when instances will be provisioned or terminated.

T: It is Auto Scaling that contains scaling policies (which dictate the CloudWatch thresholds for adding/removing instances), not Elastic Load Balancer.

Q: You are designing an environment that requires a complex balancing of traffic to EC2 instances using content-based rules, such as host-based or path-based. Which of the following AWS services would you choose?
A: Application Elastic Load Balancer
E: Application Elastic Load Balancers allow us to configure content-based rules that determine how traffic is balanced.

Physical & Networking Layer: Highly Available & Fault Tolerant

Image: Physical & Networking Layer: Highly Available & Fault Tolerant
