How_to_choose_the_right_load_balancer_for_your_AWS_workloads_NET202.pdf
- 1. © 2021, Amazon Web Services, Inc. or its affiliates. All rights reserved.
- 2. How to choose the right load balancer for your AWS workloads
NET202
James Wenzel
Sr. Solutions Architect, ELB Team
AWS
- 3. Agenda
• Take a look at available load balancing tech on AWS
• Break down what makes each unique and where they fit in your workloads
• Tie it all together
- 4. What load balancing choices do we have?
• Classic Load Balancer (CLB): Layer 4/7. Targets: EC2-Classic. Protocols: TCP, SSL/TLS, HTTP, HTTPS
• Application Load Balancer (ALB): Layer 7. Targets: IP, instances, AWS Lambda, containers. Protocols: HTTP, HTTPS, gRPC
• Network Load Balancer (NLB): Layer 4. Targets: IP, instances, ALB, containers. Protocols: TCP, UDP, TLS
• Gateway Load Balancer (GWLB): Layer 3 gateway/4 load balancer. Targets: IP, instances. Protocols: IP
• AWS Global Accelerator: TCP/UDP. Targets: IP, ALB, NLB. Protocols: TCP, UDP
- 5. Elastic Load Balancing, Global Accelerator
Elastic Load Balancing: Application Load Balancer (ALB), Classic Load Balancer (CLB), Network Load Balancer (NLB), Gateway Load Balancer (GWLB)
Global Accelerator: AWS Global Accelerator
Elastic Load Balancing (ELB) is a managed regional service that leverages auto scaling compute (CLB, ALB) or runs on the AWS Hyperplane (NLB, GWLB) across Availability Zones for resiliency
- 6. Elastic Load Balancing, Global Accelerator
AWS Global Accelerator is a managed global service that leverages globally distributed points of presence (POPs) to bring your customer traffic onto the AWS backbone as quickly as possible
- 7. Let's take a closer look at each type of load balancer
- 8. Which load balancing technology should we use? Application Load Balancer
Targets: AWS Lambda, containers, instances, IP
Requires:
• Authentication
• Layer 7 routing
• Redirects, web sockets
• HTTP2/gRPC
• Web application firewall, AWS Outposts/AWS Local Zones
• Cookie stickiness, HTTP Desync mitigation
• Fixed response
• Best option for the AWS Load Balancer Controller for containers
- 9. What are some workloads that are the best fit for ALB?
- 10. Advertising technology
- Use cases: Ad repositories, ad exchange, bidding, A/B testing
- Recommended LB: ALB (Layer 7)
- Relevant features:
• ALB with path-based routing
• Weighted target groups (A/B testing)
• Least outstanding requests
• SSL termination, including SNI support
• Improved performance with connection pooling
- 11. Media and entertainment
- Use cases: control plane
- Recommended LB: ALB (Layer 7)
- Relevant features:
• Supports high number of concurrent connections
• TLS and authentication offloading
• Advanced request routing
- 12. Application Load Balancer
[Diagram labels: the internet; IGW; ALB; VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6); Availability Zone 1 and Availability Zone 2, each with a public and a private subnet; addresses 10.1.0.11, 10.1.1.11, 10.1.2.11/24, 10.1.3.11/24.]
- 13. Application Load Balancer and Lambda
[Diagram labels: as on slide 12, plus AWS Lambda in each Availability Zone; added addresses 10.1.0.12, 10.1.1.12.]
- 14. Application Load Balancer, Lambda, and containers
[Diagram labels: the internet; IGW; ALB; AWS Lambda and Containers in each Availability Zone; VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6); public and private subnets; addresses 10.1.0.11, 10.1.1.11, 10.1.0.12, 10.1.1.12.]
- 15. Application Load Balancer, Lambda, containers & instances
[Diagram labels: as on slide 14, plus addresses 10.1.2.11/24, 10.1.3.11/24, 10.1.0.13, 10.1.1.13.]
- 16. ALB: Recently launched features in 2021
Security and compliance
• Desync mitigation mode
• Non-CBC security policy
• Additional cert types via ACM
– RSA 3072, RSA 4096, and ECDSA
• Send TLS version and cipher suite to backend targets
Protocols
• gRPC
• XFF header for source port
• IPv6
– IPv6 front end
– IPv6 targets from internet-facing ALBs
Routing
• AWS WAF fail open
• Application cookie stickiness
Additional capabilities
• Kubernetes integration (AWS Load Balancer Controller)
• ALB as a target of NLB
– Static IP
– AWS PrivateLink integration
• ALB on the edge
– AWS Outposts
- 17. Let’s add ALB to a workload
- 18. ALBs in a workload
[Diagram labels: the internet; on premises; tiers labelled Front end, API layer and DB layer; three VPCs, each across Availability Zone 1 and Availability Zone 2. VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6): IGW, ALB, public and private subnets, 10.1.0.11, 10.1.1.11, 10.1.2.11/24, 10.1.3.11/24, Instance C, Instance D. VPC CIDR 10.2.0.0/16 (+ Expand, + IPv6): ALB, private subnets, 10.2.2.11/24, 10.2.3.11/24. VPC CIDR 10.3.0.0/16 (+ Expand, + IPv6): ALB, private subnets, 10.3.2.11/24, 10.3.3.11/24.]
- 19. Which load balancing technology should we use? Network Load Balancer
Targets: containers, instances, IP, ALB
Requires:
• Connection-based Layer 4 load balancing
• PrivateLink support
• Elastic IP support
• Long-lived TCP connections
• Low latency
• Zonal isolation
• Hybrid architecture support
• AWS Fargate support direct to K8s pod
- 20. What are some workloads that are the best fit for NLB?
- 21. Games
- Use cases: control channel, chat sessions, game connectivity
- Recommended LB: NLB (Layer 4)
- Relevant features:
• Static IP
• Long-lived UDP/TCP connection
• Low latency
• High connection rate
- 22. Data ingestion
- Use cases: data ingestion, data warehouse
- Recommended LB: NLB (Layer 4)
- Relevant features:
• Single IP and port
• High throughput
• Instant scaling
• TLS termination
• PrivateLink instead of peering
• Long-lived connections
- 23. Internet of Things
- Use cases: IoT service front door – Telemetry, logging/reporting, data polling
- Recommended LB: NLB (Layer 4)
- Relevant features:
• Static IP for embedded devices
• Long-lived UDP/TCP connection
• Large number of concurrent connections
- 24. Media and entertainment
- Use cases: data plane
- Recommended LB: NLB (Layer 4)
- Relevant features:
• Supports high number of concurrent connections
• High throughput
• Scaling of nonstandard Layer 7 protocol
• Low latency
- 25. NLB
[Diagram labels: the internet; IGW; NLB; EIP - 10.1.0.11 : xx.xx.xxx.xxx; EIP - 10.1.1.11 : x.xxx.xx.xxx; VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6); Availability Zone 1 and Availability Zone 2, each with a public and a private subnet; InstanceC 10.1.2.11/24; InstanceD 10.1.3.11/24.]
- 26. NLB and PrivateLink
[Diagram labels: AWS Region; two VPCs, each labelled VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6), with private subnets in Availability Zones.]
- 27. What about hybrid workloads and NLB?
- 28. Hybrid Architecture – Access from On-premises
[Diagram labels: on-premises data center; on-premises applications; AWS Direct Connect (Private VIF); VPN; Route 53 DNS; AWS Region; two VPCs, each labelled VPC CIDR 10.1.0.0/16, with private subnets in Availability Zone 1 and Availability Zone 2; two interface endpoints.]
- 29. ALB as an NLB target with PrivateLink
[Diagram labels: AWS Region; two VPCs, each labelled VPC CIDR 10.1.0.0/16; private subnets; Availability Zone 1 and Availability Zone 2; interface endpoint.]
- 30. NLB: Recently launched features in 2021
Security and compliance
• ALPN support
• Non-CBC security policy
• TLS 1.3
Protocols
• UDP for IP targets
• IPv6 dual stack
Routing
• IP session affinity
• Terminate connections to deregistered targets
Additional capabilities
• Kubernetes integration (AWS Load Balancer Controller)
• Source IP preservation for IP targets
- 31. Let’s add NLB to our workloads
- 32. Add NLB
[Diagram labels: the internet; on premises; tiers labelled Front end, API layer and DB layer. VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6): IGW, ALB, public and private subnets, 10.1.0.11, 10.1.1.11, 10.1.2.11/24, 10.1.3.11/24, Instance C, Instance D. VPC CIDR 10.2.0.0/16 (+ Expand, + IPv6): ALB, private subnets, 10.2.2.11/24, 10.2.3.11/24. VPC CIDR 10.3.0.0/16 (+ Expand, + IPv6): NLB, private subnets, 10.3.2.11/24, 10.3.3.11/24. PrivateLink ISV VPC, VPC CIDR 172.16.0.1/16 (+ Expand): NLB, VPCE, ISV Server 172.16.0.10 and ISV Server 172.16.1.10 in private subnets across Availability Zone 1 and Availability Zone 2.]
- 33. Did you notice the packets with the red outline? We will get to that!
- 34. Which load balancing technology should we use? Gateway Load Balancer
Targets: instances, IP
Requires:
• Bump in the wire
• Packet preservation for inspection
• PrivateLink GWLB endpoint
• Multi-port to same instance
• Route table entry
• Auto scaling for packet processing devices (firewall, IdP)
- 35. What are some workloads that are the best fit for GWLB?
- 36. Metrics and inspection
- Use cases: metrics gathering
- Recommended LB: GWLB (Layer 3 GW, Layer 4 LB)
- Relevant features:
• Bump-in-the-wire functionality
• High throughput
• GENEVE headers
• Auto scaling of IDP devices
- 37. Security
- Use cases: packet inspection
- Recommended LB: GWLB (Layer 3 GW, Layer 4 LB)
- Relevant features:
• Auto scaling of security devices
• Total packet encapsulation
• Bump-in-the-wire functionality
• Low latency
- 38. What makes GWLB different?
- 39. GWLB under the hood with GENEVE
[Diagram labels: source instance 10.1.0.11 in a public subnet of VPC CIDR 10.1.0.0/16, Availability Zone 1; GWLBe; IGW; the internet; 54.239.17.6; GWLB subnet; GWLB in VPC CIDR 192.168.0/24 with an Auto Scaling group per GWLB Availability Zone. Route table (Destination, GW): 10.1.0.0/24 Local, 0.0.0.0/0 GWLBE. Route table (Destination, GW): 10.2.0.0/24 Local, 0.0.0.0/0 IGW. Original packet: Src IP=10.1.0.11, Dst IP=54.239.17.6, Payload. Encapsulated packet: Outer Src IP = 192.168.1.10, Outer Dst IP = FW IP Address, Metadata, Src IP=10.1.0.11 Dst IP=54.239.17.6, Payload. Encapsulated packet: Outer Src IP = FW IP Address, Outer Dst IP = 192.168.1.10, Metadata, Src IP=10.1.0.11 Dst IP=54.239.17.6, Payload.]
- 40. GWLB
[Diagram labels: Outer Src IP = 192.168.1.10, Outer Dst IP = FW IP Address, Metadata, Src IP=10.1.0.11 Dst IP=54.239.17.6, Payload.]
Tunnel IPv4 Header:
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of Service|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |Protocol=17 UDP|         Header Checksum       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Tunnel Source IPv4 Address                   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                Tunnel Destination IPv4 Address                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  UDP Source Port (undefined)  |  UDP Destination Port = 6081  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          UDP length           |         UDP Checksum          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Geneve Tunnel Header (for IPv4 payload):
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|V=0|Opt Len = 7|O|C|   Rsvd.   |    Protocol Type = 0x0800     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Virtual Network Identifier (VNI) = 0      |   Reserved    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Geneve Tunnel Options:
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Option Class = 0x0108     |   Type = 1    |R|R|R| Len = 2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      64-bit GWLBE ENI id                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Option Class = 0x0108     |   Type = 2    |R|R|R| Len = 2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     64-bit Attachment ID                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Option Class = 0x0108     |   Type = 3    |R|R|R| Len = 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      32-bit Flow Cookie                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Original IPv4 Packet follows …
40 Octets
28 Octets
Traffic between GWLB and appliances is encapsulated in GENEVE packets
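An added example, not from the slides or from AWS code: a small Python parser for the Geneve base header and the three option TLVs drawn above, of the kind an inspection appliance needs before it can look at the inner packet. The function names, dictionary keys and sample option values are assumptions made for illustration, and the packet is constructed rather than captured.

```python
import socket
import struct

AWS_OPT_CLASS = 0x0108  # option class shown on the slide
# Option types shown on the slide; the key names are assumptions.
OPT_NAMES = {1: "gwlbe_eni_id", 2: "attachment_id", 3: "flow_cookie"}


def parse_geneve(udp_payload: bytes) -> dict:
    """Parse the Geneve header and options from the payload of UDP port 6081."""
    if len(udp_payload) < 8:
        raise ValueError("truncated Geneve base header")
    b0, _flags, proto, vni_rsvd = struct.unpack("!BBHI", udp_payload[:8])
    if b0 >> 6 != 0:
        raise ValueError("unsupported Geneve version")
    end = 8 + (b0 & 0x3F) * 4  # Opt Len counts 4-byte words
    if len(udp_payload) < end:
        raise ValueError("Opt Len points past the end of the packet")
    out = {"protocol_type": proto, "vni": vni_rsvd >> 8, "options": {}}
    off = 8
    while off < end:
        cls, typ, rlen = struct.unpack("!HBB", udp_payload[off:off + 4])
        data_end = off + 4 + (rlen & 0x1F) * 4  # low 5 bits: data length in words
        if data_end > end:
            raise ValueError("option data overruns the option area")
        if cls == AWS_OPT_CLASS and typ in OPT_NAMES:
            data = udp_payload[off + 4:data_end]
            out["options"][OPT_NAMES[typ]] = int.from_bytes(data, "big")
        off = data_end
    out["inner"] = udp_payload[end:]  # the original packet, unchanged
    return out


def inner_ipv4_addrs(inner: bytes) -> tuple:
    """Return (source, destination) of the encapsulated IPv4 packet."""
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("inner packet is not IPv4")
    return socket.inet_ntoa(inner[12:16]), socket.inet_ntoa(inner[16:20])


def build_sample() -> bytes:
    """Constructed sample: Geneve header, three options, bare inner IPv4 header."""
    opts = (struct.pack("!HBBQ", AWS_OPT_CLASS, 1, 2, 0x0123456789ABCDEF)
            + struct.pack("!HBBQ", AWS_OPT_CLASS, 2, 2, 0x1122334455667788)
            + struct.pack("!HBBI", AWS_OPT_CLASS, 3, 1, 0xCAFEF00D))
    # The three options at the lengths drawn on the slide occupy 32 bytes, so
    # this sample's Opt Len field is 8 (the slide's header row is labelled 7).
    # The parser uses whatever the packet carries, bounded by the buffer size.
    base = struct.pack("!BBHI", len(opts) // 4, 0, 0x0800, 0)
    # Inner header uses the addresses from the slide; checksum left at zero.
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                        socket.inet_aton("10.1.0.11"),
                        socket.inet_aton("54.239.17.6"))
    return base + opts + inner


if __name__ == "__main__":
    info = parse_geneve(build_sample())
    print(info["options"], inner_ipv4_addrs(info["inner"]))
```

The length checks matter on an appliance: Opt Len and each option's length come from the packet, so both are validated against the buffer before any slice is interpreted.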
- 41. GWLB simple input
[Diagram labels: the internet; IGW; GWLBE 1 and GWLBE 2; ALB; VPC CIDR 10.1.0.0/16 across Availability Zone 1 and Availability Zone 2 with public and private subnets; addresses 10.1.0.11, 10.1.1.11; InstanceA 10.1.2.11/24; InstanceB 10.1.3.11/24; GWLB with an Auto Scaling group per GWLB Availability Zone. Callout: TLS inspection happens on the security devices.]
- 42. Let's add GWLB to our workloads
- 43. Add GWLB
[Diagram labels: the internet; on premises; tiers labelled Front end, API layer and DB layer. VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6): IGW, ALB, public and private subnets, 10.1.0.11, 10.1.1.11, 10.1.2.11/24, 10.1.3.11/24, Instance C, Instance D. VPC CIDR 10.2.0.0/16 (+ Expand, + IPv6): ALB, private subnets, 10.2.2.11/24, 10.2.3.11/24. VPC CIDR 10.3.0.0/16 (+ Expand, + IPv6): NLB, private subnets, 10.3.2.11/24, 10.3.3.11/24. Services VPC, VPC CIDR 192.168.0/24: GWLB, Auto Scaling groups, GWLBE 1, GWLBE 2, TGWE, private subnets, Availability Zone 1, Availability Zone 2, Availability Zone 3. PrivateLink ISV VPC, VPC CIDR 172.16.0.1/16 (+ Expand): NLB, VPCE, ISV Server 172.16.0.10 and ISV Server 172.16.1.10 in private subnets across Availability Zone 1 and Availability Zone 2.]
- 44. Which load balancing technology should we use? AWS Global Accelerator
Targets: IP, ALB, NLB
Requires:
• Accelerate latency-sensitive applications
• Improve resiliency and availability on a global scale
• Simplified global traffic management
• Global set of anycast static IP addresses
- 45. Why does Global Accelerator matter?
- 46. Because we are on the internet, it’s accessible from everywhere!
Not all of our customers will have the same experience
We need to replicate our workload in multiple regions for a better customer experience, while maintaining control of the traffic.
- 47. Easy traffic control – Optimal endpoint selection
[Diagram labels: Optimal Region; Hash (5 tuple); Region : us-west-1 (twice). 5 Tuple: Src IP: 1.2.3.4, Src Port: 32759, Dest IP: 5.6.7.8, Dest Port: 80, Protocol: UDP/TCP.]
- 48. Easy traffic control – Regional traffic dials
Dial values: min: 0%, max: 100%, default: 100%
[Diagram labels: Region : us-east-1; Region : us-west-1; ELB.]
- 50. Easy traffic control – Endpoint weights
Weights values: min: 0, max: 255, default: 128
[Diagram labels: Region : us-east-1; Region : us-west-1; ELB.]
- 51. Easy traffic control – Client affinity
[Diagram labels: Optimal Region; Hash (2 tuple); ELB; Region : us-west-1 (twice). 2 Tuple: Src IP: 1.2.3.4, Src Port: 32759, Dest IP: 5.6.7.8, Dest Port: 80, Protocol: UDP/TCP.]
- 52. Let’s add Global Accelerator to our workloads
- 53. [Diagram labels: the workload shown twice, each copy labelled 3.10.3.125. Each copy: VPC CIDR 10.1.0.0/16 (+ Expand, + IPv6) with IGW, NLB, public and private subnets, 10.1.0.11, 10.1.1.11, 10.1.2.11/24, 10.1.3.11/24, Instance C, Instance D; VPC CIDR 10.2.0.0/16 (+ Expand, + IPv6) with ALB, private subnets, 10.2.2.11/24, 10.2.3.11/24; VPC CIDR 10.3.0.0/16 (+ Expand, + IPv6) with ALB, private subnets, 10.3.2.11/24, 10.3.3.11/24; Availability Zone 1 and Availability Zone 2 in every VPC.]
- 54. A note about infrastructure as code
- 55. A note about infrastructure as code
- 56. Thank you!