Cloud High Availability & Scalability PDF
Summary
This document explains elastic load balancers and different types of load balancers, along with Auto Scaling Groups. It describes the features and functionalities of these cloud computing tools, providing a conceptual overview.
Full Transcript
CHAPTER 4: HIGH AVAILABILITY & SCALABILITY IN CLOUD

Elastic Load Balancer: ELB

Load balancers are servers that forward internet traffic to multiple servers (EC2) downstream.

Why would we use a load balancer?

- Spread load across multiple instances
- Expose a single point of access (DNS) to your application
- Seamlessly handle failures of instances, through health checks
- Do regular health checks on your instances
- Provide SSL termination (HTTPS) for your website
- Enforce stickiness with cookies
- HA across AZs
- Separate public traffic from private traffic

Elastic Load Balancing features:

- Security
- High availability
- High throughput
- Health checks
- Sticky sessions
- Operational monitoring & logging
- Delete protection

Types of Load Balancers on AWS:

Application Load Balancer (ALB):

An Application Load Balancer functions at the application layer, the seventh layer of the Open Systems Interconnection (OSI) model. After the load balancer receives a request, it evaluates the listener rules in priority order to determine which rule to apply, and then selects a target from the target group for the rule action.

You can configure listener rules to route requests to different target groups based on the content of the application traffic. Routing is performed independently for each target group, even when a target is registered with multiple target groups.

You can configure the routing algorithm used at the target group level. The default routing algorithm is round robin; alternatively, you can specify the least outstanding requests routing algorithm.

- HTTP, HTTPS, WebSocket
- Supports SSL
- It balances HTTP/HTTPS traffic; you can also create advanced request routing, sending specific requests to specific web servers

Network Load Balancer (NLB):

A Network Load Balancer functions at the fourth layer of the Open Systems Interconnection (OSI) model. It can handle millions of requests per second.
After the load balancer receives a connection request, it selects a target from the target group for the default rule. It attempts to open a TCP connection to the selected target on the port specified in the listener configuration.

- TCP, TLS (secure TCP) & UDP
- Supports SSL
- It balances TCP (layer 4) traffic
- Forwards TCP & UDP traffic to your instances
- Network Load Balancer can handle millions of requests per second while maintaining ultra-low latencies, ~100ms, where latencies will be around 400ms for ALB
- NLB has one static IP per AZ and supports assigning Elastic IP

Classic Load Balancer:

- HTTP, HTTPS, TCP
- DO NOT support SSL
- This is just a legacy load balancer

Gateway Load Balancer:

- AWS Gateway Load Balancer is a managed service from AWS.
- It enables clients to create and maintain multiple inline virtual network appliances in a scalable way.
- It operates at the third layer of the OSI model, the network layer.
- It listens for all IP packets on all ports and sends traffic to the target group defined in the listener rule.

Associate an SSL certificate with an Application Load Balancer:

1. Open the Amazon EC2 console.
2. In the navigation pane, choose Load Balancers, and then choose your Application Load Balancer.
3. Choose Add listener.
4. For Protocol, choose HTTPS.
5. For Port, choose 443.
6. For Default action(s), choose Forward to, and then select your ALB target group from the dropdown list.
7. For Default SSL certificate, choose From ACM (recommended) and then choose the ACM certificate.
8. Click Save.
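A way to verify the result of the steps above, as an added example that is not part of the original notes: it audits listeners given in the JSON shape returned by `aws elbv2 describe-listeners`. The ARNs are constructed, shortened sample values, and the extra check that a plain HTTP listener redirects to HTTPS is an assumption about what a reviewer would also want.

```python
# Added example: audit listeners in the shape of `aws elbv2 describe-listeners`.
# ARNs are constructed and shortened sample values, not real resources.
SAMPLE_LISTENERS = [
    {"ListenerArn": "listener/demo/https-443", "Protocol": "HTTPS", "Port": 443,
     "Certificates": [{"CertificateArn":
                       "arn:aws:acm:us-east-1:111122223333:certificate/example"}],
     "DefaultActions": [{"Type": "forward", "TargetGroupArn": "targetgroup/web"}]},
    {"ListenerArn": "listener/demo/http-80", "Protocol": "HTTP", "Port": 80,
     "DefaultActions": [{"Type": "forward", "TargetGroupArn": "targetgroup/web"}]},
    {"ListenerArn": "listener/demo/https-8443", "Protocol": "HTTPS", "Port": 8443,
     "Certificates": [{"CertificateArn":
                       "arn:aws:iam::111122223333:server-certificate/example"}],
     "DefaultActions": [{"Type": "forward", "TargetGroupArn": "targetgroup/web"}]},
]


def cert_service(arn):
    """Service field of an ARN (arn:partition:service:...), '' if malformed."""
    parts = arn.split(":")
    return parts[2] if len(parts) > 2 else ""


def audit_listeners(listeners):
    """Return (listener, finding) pairs; an empty list means nothing to fix."""
    findings = []
    if not any(l.get("Protocol") == "HTTPS" for l in listeners):
        findings.append(("*", "no HTTPS listener configured"))
    for l in listeners:
        lid, proto = l.get("ListenerArn", "?"), l.get("Protocol")
        if proto == "HTTPS":
            if l.get("Port") != 443:
                findings.append((lid, f"HTTPS on port {l.get('Port')}, not 443"))
            certs = [c.get("CertificateArn", "") for c in l.get("Certificates", [])]
            if not certs:
                findings.append((lid, "HTTPS listener has no certificate"))
            if any(cert_service(a) != "acm" for a in certs):
                findings.append((lid, "certificate is not from ACM"))
        elif proto == "HTTP":
            to_https = any(
                a.get("Type") == "redirect"
                and a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
                for a in l.get("DefaultActions", []))
            if not to_https:
                findings.append((lid, "HTTP listener forwards without HTTPS redirect"))
    return findings


if __name__ == "__main__":
    for listener, finding in audit_listeners(SAMPLE_LISTENERS):
        print(f"{listener}: {finding}")
```
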
Table of Comparison:

Auto Scaling Group (ASG):

The goal for an ASG is to:

- Scale in to match an increased load
- Scale out to match the decreased load
- Ensure minimum / maximum number of running instances
- Automatically register new instances to a load balancer

Scaling Policies:

Launch Configurations are where the details (AMI, IAM) are specified for creating/launching new instances.

- Target Tracking Scaling: the simplest and easiest to set up. Example: I want the average ASG CPU to stay at around 40%.
- Simple / Step Scaling: when some metric is triggered, do something.
- Scheduled Actions: e.g. increase the min capacity to 10 at 5 pm.

Amazon RDS (Relational Database Service):

- Amazon Relational Database Service (RDS) is a managed SQL database service provided by Amazon Web Services (AWS).
- Amazon RDS facilitates the deployment and maintenance of relational databases in the cloud.
- It helps with relational database management tasks, such as data migration, backup, recovery and patching.
- Amazon RDS is not itself a database; it is a service used to manage relational databases.

Amazon RDS features:

- Replication
- Storage
- Monitoring
- Patching
- Backups
- Incremental billing
- Encryption

Amazon Aurora:

- Amazon Aurora (Aurora) is a fully managed relational database engine that's compatible with MySQL and PostgreSQL.
- Aurora includes a high-performance storage subsystem. It is customized to take advantage of that fast distributed storage.
- An Aurora cluster volume can grow to a maximum size of 128 tebibytes (TiB).
- Aurora is part of the managed database service of Amazon RDS.
- It can run only on AWS infrastructure. It's not like a MySQL database that can be installed on a local device.
- It delivers up to five times better performance than MySQL at a price one-tenth that of commercial databases.

Features of Amazon Aurora:

- Available and durable
- Higher security
- High scalability and performance
- Compatibility with MySQL and PostgreSQL
- Fully managed

Pricing:

- You are charged for DB instance hours, I/O requests, backup storage and data transfer.
- You can purchase On-Demand Instances and pay by the hour for the DB instance hours that you use, or Reserved Instances to reserve a DB instance for a one-year or three-year term.

RDS - Database engines:

RDS Encryption + Security:

Amazon RDS Security:

Amazon RDS provides a set of features to ensure that your data is securely stored and accessed.

- Run your database in Amazon Virtual Private Cloud (VPC) for network-level isolation.
- Use security groups to control what IP addresses or Amazon EC2 instances can connect to your databases.
- Use AWS Identity and Access Management (IAM) policies to assign permissions that determine who is allowed to manage Amazon RDS resources.

Amazon RDS Encryption:

Encryption of Data at Rest:

- Amazon RDS encrypts your databases using keys you manage with the AWS Key Management Service (KMS).
- On a database instance running with Amazon RDS encryption, data stored at rest is encrypted, as well as its automated backups, read replicas, and snapshots.

Encryption of Data in Transit:

- Use Secure Socket Layer / Transport Layer Security (SSL/TLS) connections to encrypt data in transit.
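The network isolation and encryption-at-rest controls listed above can be checked from instance metadata. The following is an added example, not part of the original notes: field names follow `aws rds describe-db-instances` and the ingress rules of `aws ec2 describe-security-groups`, while the instance names, IDs and the group-to-rules mapping are constructed assumptions.

```python
# Added example: check RDS instances for VPC placement, encryption at rest and
# security groups open to the internet. All values are constructed samples.
import ipaddress

DB_INSTANCES = [
    {"DBInstanceIdentifier": "orders-db", "StorageEncrypted": True,
     "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/example",
     "Endpoint": {"Port": 3306}, "DBSubnetGroup": {"VpcId": "vpc-example"},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-app-only"}]},
    {"DBInstanceIdentifier": "legacy-db", "StorageEncrypted": False,
     "Endpoint": {"Port": 5432}, "DBSubnetGroup": {"VpcId": "vpc-example"},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-wide-open"}]},
]
# Hypothetical mapping of GroupId -> IpPermissions (ingress rules).
SECURITY_GROUPS = {
    "sg-app-only": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                     "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}],
    "sg-wide-open": [{"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
                      "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}


def world_open(rule, port):
    """True if an ingress rule lets any address reach TCP `port`."""
    proto = rule.get("IpProtocol")
    in_range = rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)
    if proto != "-1" and not (proto == "tcp" and in_range):
        return False  # "-1" means all protocols and ports
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(ipaddress.ip_network(c).prefixlen == 0 for c in cidrs)


def audit_rds(instances, groups):
    """Return {instance id: [findings]} for instances that miss a control."""
    report = {}
    for db in instances:
        issues = []
        if not db.get("StorageEncrypted"):
            issues.append("storage not encrypted at rest")
        if not db.get("DBSubnetGroup", {}).get("VpcId"):
            issues.append("not running in a VPC")
        port = db.get("Endpoint", {}).get("Port", 0)
        for sg in db.get("VpcSecurityGroups", []):
            rules = groups.get(sg["VpcSecurityGroupId"], [])
            if any(world_open(r, port) for r in rules):
                issues.append(f"{sg['VpcSecurityGroupId']} open to the internet")
        if issues:
            report[db["DBInstanceIdentifier"]] = issues
    return report
```
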