1
00:00:00,110 --> 00:00:02,370
Now let's learn about load balancing.

2
00:00:02,370 --> 00:00:04,560
And a question you may have is what is load balancing?

3
00:00:04,560 --> 00:00:08,420
Well, a load balancer is going to be a server

4
00:00:08,420 --> 00:00:10,870
or a set of servers that will forward traffic

5
00:00:10,870 --> 00:00:13,900
that is received to multiple backend

6
00:00:13,900 --> 00:00:16,970
or downstream EC2 instances or servers.

7
00:00:16,970 --> 00:00:18,000
So the idea is that for example,

8
00:00:18,000 --> 00:00:20,100
we have three EC2 instances

9
00:00:20,100 --> 00:00:21,400
and they're going to be

10
00:00:21,400 --> 00:00:24,040
fronted by an elastic load balancer,

11
00:00:24,040 --> 00:00:26,550
which is a set of servers behind the scenes.

12
00:00:26,550 --> 00:00:28,060
Now, what happens when you have, for example,

13
00:00:28,060 --> 00:00:30,670
three users directly connecting into

14
00:00:30,670 --> 00:00:32,330
your elastic load balancer?

15
00:00:32,330 --> 00:00:34,310
Well, the first one is going to have its

16
00:00:34,310 --> 00:00:38,440
load being sent in one backend EC2 instance

17
00:00:38,440 --> 00:00:40,100
and because there's load balancing, well,

18
00:00:40,100 --> 00:00:43,710
if another user is connecting to your elastic load balancer,

19
00:00:43,710 --> 00:00:46,960
then it will be sent to another EC2 instance.

20
00:00:46,960 --> 00:00:48,040
And then finally,

21
00:00:48,040 --> 00:00:49,930
well, if a third user is connecting to

22
00:00:49,930 --> 00:00:51,330
your elastic load balancer,

23
00:00:51,330 --> 00:00:53,270
that user will again be load balanced

24
00:00:53,270 --> 00:00:55,540
and sent to the third EC2 instance.

25
00:00:55,540 --> 00:00:57,490
So the idea is that the more users you have,

26
00:00:57,490 --> 00:00:59,960
the more the load is going to be balanced across

27
00:00:59,960 --> 00:01:01,003
EC2 instances.

28
00:01:01,003 --> 00:01:04,360
But the idea is that your users do not know

29
00:01:04,360 --> 00:01:06,600
which backend instances they're connected to.

30
00:01:06,600 --> 00:01:09,120
They just know that they have to connect to your

31
00:01:09,120 --> 00:01:10,430
elastic load balancer,

32
00:01:10,430 --> 00:01:14,020
which gives them one endpoint of connectivity only.

33
00:01:14,020 --> 00:01:14,853
Now,

34
00:01:14,853 --> 00:01:15,740
why should you use a load balancer

35
00:01:15,740 --> 00:01:17,640
where you spread the load across

36
00:01:17,640 --> 00:01:19,610
multiple downstream instances,

37
00:01:19,610 --> 00:01:21,625
you're going to expose a single point of access

38
00:01:21,625 --> 00:01:23,850
to your applications as I just said.

39
00:01:23,850 --> 00:01:25,800
You're going to seamlessly handle failures

40
00:01:25,800 --> 00:01:26,810
of downstream instances

41
00:01:26,810 --> 00:01:28,370
because the load balancer will have

42
00:01:28,370 --> 00:01:29,750
some health check mechanisms

43
00:01:29,750 --> 00:01:31,790
and can understand to which instances

44
00:01:31,790 --> 00:01:34,110
it can and cannot send traffic.

45
00:01:34,110 --> 00:01:36,220
You can do health checks on your instances.

46
00:01:36,220 --> 00:01:38,150
You can provide SSL termination.

47
00:01:38,150 --> 00:01:42,100
So if you have HTTPS encrypted traffic for your websites,

48
00:01:42,100 --> 00:01:44,270
you can enforce stickiness with cookies,

49
00:01:44,270 --> 00:01:45,980
high availability across zones

50
00:01:45,980 --> 00:01:47,600
and separate public traffic

51
00:01:47,600 --> 00:01:50,600
from private traffic on your cloud.

52
00:01:50,600 --> 00:01:54,490
And we'll explore these concepts obviously in a deeper dive.

53
00:01:54,490 --> 00:01:59,050
So the elastic load balancer is a managed load balancer

54
00:01:59,050 --> 00:01:59,903
as such.

55
00:01:59,903 --> 00:02:01,110
AWS will be managing it,

56
00:02:01,110 --> 00:02:03,660
and will guarantee that it will be working no matter what.

57
00:02:03,660 --> 00:02:06,150
AWS will take care of upgrades, maintenance

58
00:02:06,150 --> 00:02:07,610
and high availability.

59
00:02:07,610 --> 00:02:11,610
And it will provide you a few configuration knobs to tweak

60
00:02:11,610 --> 00:02:14,010
the behavior of the load balancer.

61
00:02:14,010 --> 00:02:16,250
The idea is that using an elastic load balancer is a

62
00:02:16,250 --> 00:02:17,083
no-brainer

63
00:02:17,083 --> 00:02:18,386
because it will cost you less

64
00:02:18,386 --> 00:02:20,570
than setting up your own load balancer.

65
00:02:20,570 --> 00:02:22,600
And also if you had to manage your own load balancer,

66
00:02:22,600 --> 00:02:25,800
it will be a nightmare from a scalability perspective.

67
00:02:25,800 --> 00:02:30,400
So also the load balancer is integrated with so many AWS

68
00:02:30,400 --> 00:02:31,970
offerings and services.

69
00:02:31,970 --> 00:02:34,480
The idea is that it can be integrated with of course,

70
00:02:34,480 --> 00:02:35,360
EC2 instances,

71
00:02:35,360 --> 00:02:37,700
but also we'll see later on with Auto Scaling groups,

72
00:02:37,700 --> 00:02:42,240
Amazon ECS, Certificate Manager, CloudWatch, Route 53,

73
00:02:42,240 --> 00:02:46,090
WAF, Global Accelerator, and most likely more over time.

74
00:02:46,090 --> 00:02:48,160
So the idea is that the load balancer is a no-brainer

75
00:02:48,160 --> 00:02:50,960
when it comes to load balancing on AWS.

76
00:02:50,960 --> 00:02:52,760
Now I mentioned health checks.

77
00:02:52,760 --> 00:02:55,670
So health checks are a way for your elastic load balancer

78
00:02:55,670 --> 00:02:58,520
to verify whether or not an EC2 instance

79
00:02:58,520 --> 00:02:59,930
is properly working,

80
00:02:59,930 --> 00:03:01,670
because if it's not working properly,

81
00:03:01,670 --> 00:03:04,990
then we don't want to send any traffic to that instance.

82
00:03:04,990 --> 00:03:06,896
So they're crucial for load balancers

83
00:03:06,896 --> 00:03:10,530
and they are done by using

84
00:03:10,530 --> 00:03:14,030
a port and a route to check the health button.

85
00:03:14,030 --> 00:03:15,750
So for example, in this example,

86
00:03:15,750 --> 00:03:17,980
I have the protocol being HTTP,

87
00:03:17,980 --> 00:03:20,210
the port being 4567

88
00:03:20,210 --> 00:03:22,250
and the endpoint to be slash health

89
00:03:22,250 --> 00:03:24,390
because maybe this route is an easy way

90
00:03:24,390 --> 00:03:25,790
from an application perspective to

91
00:03:25,790 --> 00:03:28,150
check the health of my application.

92
00:03:28,150 --> 00:03:31,640
And if the EC2 instance does not respond

93
00:03:31,640 --> 00:03:32,690
with an okay response,

94
00:03:32,690 --> 00:03:35,250
which is usually the 200 status code of HTTP,

95
00:03:35,250 --> 00:03:37,920
then the instance will be marked as unhealthy.

96
00:03:37,920 --> 00:03:41,300
And the elastic load balancer will not send traffic

97
00:03:41,300 --> 00:03:43,542
to that instance.

98
00:03:43,542 --> 00:03:44,390
Okay,

99
00:03:44,390 --> 00:03:49,210
so now you have four kinds of managed load balancers on AWS.

100
00:03:49,210 --> 00:03:50,420
You have the classic load balancer,

101
00:03:50,420 --> 00:03:54,320
which is called older generation or V1, which is from 2009,

102
00:03:54,320 --> 00:03:56,170
and it's called CLB.

103
00:03:56,170 --> 00:04:00,010
Now, it's compatible with HTTP, HTTPS, TCP, SSL,

104
00:04:01,330 --> 00:04:03,110
or secure TCP.

105
00:04:03,110 --> 00:04:05,850
And overall AWS does not want you to use

106
00:04:05,850 --> 00:04:07,260
that load balancer anymore.

107
00:04:07,260 --> 00:04:10,430
So it is going to be shown as deprecated within the console,

108
00:04:10,430 --> 00:04:12,230
but still available to use.

109
00:04:12,230 --> 00:04:14,180
Then we have newer generation load balancers.

110
00:04:14,180 --> 00:04:15,940
So we have the application load balancer

111
00:04:15,940 --> 00:04:19,240
from 2016 or so-called ALB.

112
00:04:19,240 --> 00:04:23,980
And this one supports HTTP, HTTPS and WebSocket protocol.

113
00:04:23,980 --> 00:04:27,591
Then we have the network load balancer from 2017,

114
00:04:27,591 --> 00:04:32,343
which supports the TCP, TLS, secure TCP and UDP protocols.

115
00:04:32,343 --> 00:04:36,253
And then finally we have the gateway load balancer from 2020,

116
00:04:36,253 --> 00:04:39,710
GWLB, which operates at the network layer,

117
00:04:39,710 --> 00:04:41,956
so layer 3, and the IP protocol.

118
00:04:41,956 --> 00:04:45,150
So overall it is definitely recommended for you to use

119
00:04:45,150 --> 00:04:46,540
the newer generation load balancers

120
00:04:46,540 --> 00:04:48,230
as they provide more features.

121
00:04:48,230 --> 00:04:51,220
And some load balancers can be set up as internal,

122
00:04:51,220 --> 00:04:55,700
so private and private access for the network

123
00:04:55,700 --> 00:04:57,087
or external public load balancers,

124
00:04:57,087 --> 00:05:00,820
for example, for your websites and public applications.

125
00:05:00,820 --> 00:05:03,060
Finally, you need to understand the security

126
00:05:03,060 --> 00:05:04,850
around the load balancers.

127
00:05:04,850 --> 00:05:08,800
So the users can access your load balancer from anywhere

128
00:05:08,800 --> 00:05:10,780
using HTTP or HTTPS.

129
00:05:10,780 --> 00:05:13,860
And therefore the security group rule is going to look like

130
00:05:13,860 --> 00:05:14,960
something like this,

131
00:05:14,960 --> 00:05:17,650
where the port range is going to be 80 or 443.

132
00:05:17,650 --> 00:05:20,090
And the source is going to be 0.0.0.0/0,

133
00:05:20,090 --> 00:05:21,310
which means anywhere.

134
00:05:21,310 --> 00:05:24,320
And so we allow the users to connect to our load balancer,

135
00:05:24,320 --> 00:05:27,093
but then the cool thing is that EC2 instances

136
00:05:27,093 --> 00:05:29,690
should only allow traffic coming directly

137
00:05:29,690 --> 00:05:31,400
from the load balancer.

138
00:05:31,400 --> 00:05:35,440
And therefore the security group rule of your EC2 instances

139
00:05:35,440 --> 00:05:37,210
is going to look a little bit different.

140
00:05:37,210 --> 00:05:40,790
So it's going to allow HTTP traffic on port 80

141
00:05:40,790 --> 00:05:43,350
and the source of it is not going to be an IP range,

142
00:05:43,350 --> 00:05:45,580
it's going to be a security group.

143
00:05:45,580 --> 00:05:47,960
So we're going to link the security group

144
00:05:47,960 --> 00:05:49,340
of the EC2 instance

145
00:05:49,340 --> 00:05:51,660
to the security group of the load balancer.

146
00:05:51,660 --> 00:05:53,690
And effectively what this will do is that it will say

147
00:05:53,690 --> 00:05:56,580
that the EC2 instance is only allowing traffic

148
00:05:56,580 --> 00:06:00,420
if the traffic originates from the load balancer,

149
00:06:00,420 --> 00:06:03,270
which is an enhanced security mechanism.

150
00:06:03,270 --> 00:06:05,930
So that's it for the overview of load balancers.

151
00:06:05,930 --> 00:06:06,763
I hope you liked it.

152
00:06:06,763 --> 00:06:07,596
And obviously in this section,

153
00:06:07,596 --> 00:06:09,530
we're going to discuss a lot more around

154
00:06:09,530 --> 00:06:11,350
classic, application load balancers

155
00:06:11,350 --> 00:06:12,730
and network load balancers.

156
00:06:12,730 --> 00:06:14,630
So I will see you in the next lecture.