Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

[REPEAT 1] Elastic Load Balancing: Deep Dive and Best Practices (NET404-R1) - AWS re:Invent 2018

1,895 views

Published on

Elastic Load Balancing (ALB & NLB) automatically distributes incoming application traffic across multiple Amazon EC2 instances for fault tolerance and load distribution. In this session, we go into detail on ELB configuration and day-to-day management. We also discuss its use with Auto Scaling, and we explain how to make decisions about the service and share best practices and useful tips for success. Finally, Netflix joins this session to share how it leveraged the authentication functionality on Application Load Balancer to help solve its workforce identity management at scale.

  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/yxufevpm } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD FULL BOOKS, INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y3nhqquc } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

[REPEAT 1] Elastic Load Balancing: Deep Dive and Best Practices (NET404-R1) - AWS re:Invent 2018

  1. 1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Elastic Load Balancing: Deep Dive and Best Practices Pratibha Suryadevara General Manager Elastic Load Balancing N E T 4 0 4 R Will Rose Sr Security Engineer Netflix
  2. 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon Elastic Compute Cloud (Amazon EC2) instances, containers, and IP addresses
  3. 3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. SecureElastic Integrated Cost effective
  4. 4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. EC2 Instance
  5. 5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Load balancer used to route incoming requests to multiple EC2 instances, containers, or IP addresses in your VPC. ELB EC2 instance EC2 instance EC2 instance
  6. 6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Layer 7 (application)Layer 4 (network) Supports TCP Incoming client connection bound to server connection No header modification Source IP is preserved in the header or Proxy Protocol prepends source and destination IP and ports to request Supports HTTP and HTTPS Connection terminated at the load balancer and pooled to the server Headers may be modified X-Forwarded-For header contains client IP address
  7. 7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The Elastic Load Balancing (ELB) family Application Load Balancer Network Load Balancer Classic Load Balancer TCP Workloads (VPC) Previous generation for HTTP, HTTPS, TCP (Classic network) HTTP & HTTPS (VPC)
  8. 8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Application Load Balancer Advanced request routing with support for microservices and container-based applications
  9. 9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Feature rich, layer 7 load-balanced platform Content-based routing allows requests to be routed to different applications behind a single load balancer Path- and host-based routing Support for microservices and container-based applications, including deep integration with Amazon Elastic Container Service (Amazon ECS) Application Load Balancer
  10. 10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Support for WebSockets and HTTP/2 Improved health checks and additional Amazon CloudWatch metrics Load balancer API deletion protection Improved performance for real-time and streaming applications Improved Elastic Load Balancing API Application Load Balancer
  11. 11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.  API Model  Routing  Security  Availability  Scalability & Integration  Monitoring : Metrics & Access Logs  Pricing  Migration
  12. 12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  13. 13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Load Balancer Target Group #1 Health Check Health Check Health Check EC2 EC2 EC2 IP IP IP ECS ECS ECS Listener Listener Target Group #2 Target Group #3 Rule (default) Rule (*/img/*) Rule (default)
  14. 14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. IPasatarget Use any IPv4 address from the load balancer’s VPC CIDR for targets within load balancer’s VPC Use any IP address from the RFC 6598 range (100.64.0.0/10) and in RFC 1918 ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) for targets located outside the load balancer’s VPC (this includes Peered VPC, EC2-Classic, and on-premises targets reachable over Direct Connect or VPN)
  15. 15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  16. 16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Content-based routing Route based on path or host field in the HTTP header Support multiple domains using a single load balancer Route each path or host name to a different target group
  17. 17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon EC2 instances registered behind a Classic Load Balancer ELB EC2 instance EC2 instance EC2 instance
  18. 18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Running two separate services with Classic Load Balancer ELB EC2 instance EC2 instance EC2 instance EC2 instance EC2 instance ELB EC2 instance orders.example.com images.example.com
  19. 19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ELB /orders example.com EC2 instance EC2 instance EC2 instance EC2 instance EC2 instance EC2 instance /images Application Load Balancer allows for multiple services to be hosted behind a single load balancer
  20. 20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. HTTP://example.com to HTTP://example.org:8080H T T P t o H T T P r e d i r e c t s Redirects in ALB H T T P t o H T T P S r e d i r e c t s HTTP://example.com to HTTPS://example.com HTTP://example.com:443 to HTTPS://example.com:40443 H T T P S t o H T T P S r e d i r e c t s HTTPS://example.com:443 to HTTPS://example.com:40443 U s e c a s e s 1 2 3 E x a m p l e s
  21. 21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Fixed response You can control which of the client requests should be served by the application fleet Load balancer can auto respond to HTTP requests based on any criteria supported by content-based routing rules You can configure HTTP response codes and custom error messages to be returned to the clients
  22. 22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Slowstart Slow start allows adding new targets without overwhelming them with a flood of requests Load balancer linearly increases the number of requests sent to a new target up to its fair share Allows targets to warm up before receiving their fair share of requests Useful for applications that depend on cache warming for optimal performance
  23. 23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. NativeIPv6support
  24. 24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  25. 25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ManagingTLS Legacy Model instances Amazon Route 53 users HTTPS Certificate Authority Admin Cert Request Signed Cert Deploy To Hosts
  26. 26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. UsingApplication Load Balancer instances Amazon Route 53 users HTTPS Certificate Authority Admin Cert Request Signed Cert Deploy To ALB Application Load Balancer IAM Upload to AWS Identity and Access Management (IAM)
  27. 27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Application Load Balancer &AWSCertificateManager (ACM) instances Amazon Route 53 users Application Load Balancer AWS Certificate Manager (ACM) HTTPS Admin Cert Request
  28. 28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Predefined security policies ELBSecurityPolicy-TLS-1-1-2017-01 – Supports TLS 1.1 and above ELBSecurityPolicy-TLS-1-2-2017-01 – Strictly supports TLS1.2 ELBSecurityPolicy-2016-08 – New default policy -Same as Classic Load Balancer default policy Windows XP Security Policy ELBSecurityPolicy-FS-2018-06 – Supports ciphers that ensure Forward secrecy ELBSecurityPolicy-TLS-1-2-Ext-2018-06 – Strictly supports TLS 1.2 protocol
  29. 29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Application Load Balancer withAWSWAF Monitor web requests and protect web applications from malicious requests at the load balancer Block or allow requests based on conditions such as IP addresses Preconfigured protection to block common attacks like SQL injection or cross-site scripting Set up web ACLs and rules from AWS WAF console and apply them to the load balancer X
  30. 30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ServerName Indication (SNI) Host multiple TLS secured applications, each with its own TLS certificate Bind multiple certificates to the same secure listener on your load balancer ALB will automatically choose the optimal TLS certificate for each client Support for both the classic RSA algorithm and the newer, faster Elliptic-curve based ECDSA algorithm
  31. 31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Authenticate users accessing applications Native integration with any OIDC compliant IDPs Authenticate with Social Identities Integration with Amazon Cognito Authenticate with Enterprise IDPs with SAML Authentication in ALB
  32. 32. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. whoami Will Rose Senior Security Engineer Netflix Information Security
  33. 33. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. NetflixIdentityPlatform
  34. 34. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Landscape Hundreds of applications, growing daily With Great Freedom comes Great Variability Languages and Frameworks galore
  35. 35. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. IdentityChallenges Just use Client Libraries to Federate! Always playing catch-up to new languages and frameworks Open source options of varying quality and completeness Developer friction around configuration
  36. 36. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. IdentityChallenges Ok, then just use Authenticating Proxies! Additional critical infrastructure to maintain Potential bottlenecks and new failure modes to address Additional infrastructure cost to operate Proxy Layer Application Layer
  37. 37. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Pleaseselectone C. None of the above
  38. 38. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  39. 39. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. CrazyTalk Auth == Undifferentiated Heavy Lifting! Why not Application Load Balancers!? Let’s talk to Amazon! Please ?
  40. 40. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AlphabetSoup Ingredients 1 x AWS 1 x ALB 1 x OIDC Simmer for 6 months Serves: everyone
  41. 41. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Under theHood Identity Headers X-Amzn-OIDC-Identity: will.rose@domain.com X-Amzn-OIDC-Access-Token: 1waGF…YW50 X-Amzn-OIDC-Data: eyJhbG...y4MbQQ
  42. 42. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Adoption Native Spinnaker integration Fully self-service with only a few clicks No new infrastructure required Identical integration experience across all languages Our recommended integration path for all applications
  43. 43. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you!
  44. 44. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Filtering by TAGs in console Filter load balancers and target groups by tags Enables you to view only the resources that you or your group is responsible for Reduces human errors of making changes to a wrong load balancer or target group
  45. 45. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Resourcelevel and tag based permissions Implement fine-grained access controls on load balancer resources using IAM policies Create policies either based on resource ARNs or specific tags on resources Create access control policies for load balancer, listener, rule, or target groups
  46. 46. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  47. 47. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Requests distributed evenly across multiple Availability Zones Load balancer absorbs impact of DNS caching Eliminates imbalances in backend instance utilization No additional bandwidth charge for cross-zone traffic Enabled on all ALBs by default Cross-zone load balancing
  48. 48. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Healthchecks allow for traffic to be shifted away from failed instances
  49. 49. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ELB EC2 instance EC2 instance EC2 instance Health checks ensure that request traffic is shifted away from a failed instance Health checks
  50. 50. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Support for HTTP and HTTPS health checks Customize the frequency and failure thresholds Consider the depth and accuracy of your health checks Customize list of successful response codes, for example 200-300 Details of health check failures are now returned by the API and Management Console Health checks
  51. 51. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  52. 52. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon EC2AutoScaling instance Amazon Route 53 users HTTPS Auto Scaling group instance instance Application Load Balancer
  53. 53. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. instance Amazon Route 53 users HTTPS Auto Scaling group instance instance instance instance instance Launch Configure Serve = Minutes Amazon EC2 Auto Scaling Application Load Balancer
  54. 54. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. instance Amazon Route 53 users HTTPS Elastic Container Service instance Amazon Elastic Container Service Application Load Balancer
  55. 55. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Containers: ALB integration with Kubernetes / EKS ALB Ingress Controller – Enabling host or path based routing to Kubernetes cluster. • ALB fronts multiple services and act as a “smart router” or entry point into the Kubernetes cluster • Rich Layer 7 routing features of ALB https://github.com/kubernetes-sigs/aws-alb-ingress-controller
  56. 56. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ALB w/Amazon ECS||Amazon EKSScaling instance Amazon Route 53 users HTTPS instance Start Run = Seconds Application Load Balancer Elastic Container Service
  57. 57. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  58. 58. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. CloudWatch metrics provided for each load balancer Provide detailed insight into the health of the load balancer and application stack CloudWatch alarms can be configured to notify or take action should any metric go outside the acceptable range All metrics provided at the 1-minute granularity AmazonCloudWatch metrics
  59. 59. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Provide detailed information on each request processed by the load balancer Includes request time, client IP address, latencies, request path, and server responses Delivered to an Amazon S3 bucket every 5 or 60 minutes Access logs
  60. 60. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Exampleloadbalancer.com Amazon Route 53 users AWS Certificate Manager HTTPS AWS WAF permissions Amazon Cognito ECS container VPC peering EU-WEST-2 Application Load Balancer ECS container
  61. 61. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  62. 62. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Application Load Balancer pricing With the Application Load Balancer, you only pay for what you use. You are charged for each hour or partial hour your Application Load Balancer is running and the number of Load Balancer Capacity Units (LCU) used per hour • $0.0225 per Application Load Balancer-hour (or partial hour) • $0.008 per LCU-hour (or partial hour) Hourly charge is 10% less expensive than Classic Load Balanacerthan Classic Load Balancer; reducing the cost for the virtually all of our customers
  63. 63. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Load balancer capacity units An LCU measures the dimensions on which the Application Load Balancer processes your traffic (averaged over an hour). The four dimensions measured are as follows: • New connections: Up to 25 new connections per second • Active connections: Up to 3,000 active connections • Bandwidth: Up to 2.22 Mbps (1 GB per hour) • 1000 Rules Evaluation You are charged only on the dimension with the highest usage over the hour
  64. 64. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  65. 65. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Migrating to Application Load Balancer Publishing LCU Metrics for Classic Load Balancer which allows customers to estimate pricing if they migrate from Classic to ALB Migration is as simple as creating a new Application Load Balancer, registering targets, and updating DNS to point at the new CNAME Classic Load Balancer or Application Load Balancer migration utility https://github.com/aws/elastic-load-balancing-tools
  66. 66. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Network Load Balancer
  67. 67. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. New, layer 4 load-balancing platform Connection-based load balancing TCP protocol High performance Can handle millions of requests per sec Static IP support Ideal for applications with long running connections Network Load Balancer
  68. 68. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Improved Elastic Load Balancing API Listeners Target groups Targets Resources same as ALB
  69. 69. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.  Static IP  Preservation of Source IP  Availability  Monitoring : Metrics & Flow Logs  Pricing  Migration
  70. 70. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Static IP Automatically gets assigned a single IP per Availability Zone Assign an EIP per AZ to get Static IP Helps with white-listing for firewalls and zero dollar billing use cases
  71. 71. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AssignElasticIP addresses Network Load Balancer EC2 instance EC2 instances EC2 instance EC2 instances Assigning Elastic IP provides a single IP address per Availability Zone per load balancer that will not change. 1a 1b TargetGroup 1 34.214.45.162 54.69.111.179
  72. 72. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Preserve source IP Preserves client IP to backends Can be used for logging and other applications Removes need for Proxy Protocol Support for Proxy Protocol V2 when load balancing to IP addresses
  73. 73. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Firewall example with NLB External facing NLB uses fewer addresses Used for firewalls, proxies, or third- party load balancers Preserves source IP helping firewalls with features like Geo-IP blocking Internal NLB doesn’t change IPs Allows firewalls, WAFs, and proxies to maintain a single addresses for NAT FW FWFW FW External facing Network Load Balancer (NLB) Internal Network Load Balancer (NLB) Auto Scaling Auto Scaling Web Servers inside.domain.com outside.domain.com Internet
  74. 74. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  75. 75. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Supports both network and application target health checks Network health checks Based on overall response of yourtarget to normal traffic Will fail unresponsive targets in millisecond Application level health checks HTTP, HTTPS and TCP HC Customize frequency, failure thresholds Health checks
  76. 76. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availability Zone fail-over Customer VPC EC2 InstancesNLB NLB EC2 Instances us-west-1aus-west-1b Amazon Route 53 TargetGroup 1 Health Check Health Check 34.214.45.162 54.69.111.179 34.214.45.162 54.69.111.179
  77. 77. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Availability Zone fail-over Customer VPC EC2 InstancesNLB NLB us-west-1aus-west-1b Amazon Route 53 TargetGroup 1 Health Check Health Check 54.69.111.179 34.214.45.162 34.214.45.162 54.69.111.179
  78. 78. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  79. 79. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. CloudWatch metrics provided for each load balancer. Provide detailed insight into traffic and capacity, errors and backend health for the Network Load Balancer CloudWatch alarms can be configured to notify or take action should any metric go outside the acceptable range All metrics provided at the 1-minute granularity AmazonCloudWatch metrics
  80. 80. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Traffic and capacity metrics ActiveFlowCount - Total number of concurrent TCP flows (or connections) from clients to targets NewFlowCount - Total number of new TCP flows (or connections) established from clients to targets ProcessedBytes - Total number of bytes processed by the load balancer
  81. 81. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ResetCounts TCPClientResetCount – Number of reset (RST) packets sent from a client to a target TCPELBResetCount – Number of reset (RST) packets generated by the load balancer TCPTargetResetCount – Number of reset (RST) packets sent from a target to a client
  82. 82. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Backend health HealthyHostCount – Number of targets that are considered healthy UnHealthyHostCount – Number of targets that are considered unhealthy
  83. 83. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Captures the network flow for a specific quintuple, for a specific capture window Packets Bytes Capture window start and end Action - Accepted or Rejected status Log status Flow logs
  84. 84. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  85. 85. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Network Load Balancer pricing With the Network Load Balancer, you only pay for what you use. You are charged for each hour or partial hour your Network Load Balancer is running and the number of Load Balancer Capacity Units (LCU) used per hour • $0.0225 per Network Load Balancer-hour (or partial hour) • $0.006 per LCU-hour (or partial hour) Hourly charge is 10% cheaper than Classic Load Balancer; Data Processing charge is 25% cheaper than Classic and Application Load Balancer; reducing the cost for virtually all of our customers
  86. 86. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Load balancer capacity units - TCP An LCU measures the dimensions on which the Network Load Balancer processes your traffic (averaged over an hour). The three dimensions measured are as follows • New connections: Up to 800 new connections per second • Active connections: Up to 100,000 active connections • Bandwidth: Up to 2.22 Mbps (1 GB per hour) You are charged only on the dimension with the highest usage over the hour
  87. 87. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  88. 88. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Migrating to Network Load Balancer Migration is as simple as creating a new Network Load Balancer, registering targets, and updating DNS to point at the new CNAME Classic Load Balancer to Network Load Balancer migration utility https://github.com/aws/elastic-load-balancing-tools
  89. 89. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Which load balancer should I pick?
  90. 90. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Application Load Balancer Network Load Balancer Classic Load Balancer Protocol HTTP, HTTPS,HTTP/2 TCP TCP, SSL, HTTP, HTTPS SSL offloading and Encryption to Backend- server ✓ ✓ IP address as a target ✓ ✓ Path-based routing, Host- based routing ✓ Static IP and Elastic IP ✓ WebSockets ✓ ✓ Preserve client IP ✓ Container support ✓ ✓ User Authentication ✓
  91. 91. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. For TCP in VPC, use Network Load Balancer For all other use cases in VPC , use Application Load Balancer For Classic networking, use Classic Load Balancer
  92. 92. Thank you! © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Pratibha Suryadevara suryadp@amazon.com Will Rose wrose@netflix.com
  93. 93. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

×