GargeeBhatnagar for AWS Community Builders

How to assign Static IP on application load balancer using AWS Global Accelerator

“Challenges faced to find the solution of how to assign a static IP on Application Load Balancer (ALB)”. First and foremost, I thought about how it would be possible to assign a static IP on my ALB. Then I searched for a solution and went through many documents, because I had never heard that it was possible. I found some documents which showed that it is possible using a Network Load Balancer in front of the Application Load Balancer. As we all know, in a Network Load Balancer (NLB) it is possible to assign a static IP as we can select a single AZ in it, but an Application Load Balancer is always multi-AZ, so it will not be possible. So I checked the approximate cost of using an NLB and also how to secure it from public access, as an NLB does not have a security group. I also found a document describing how to set up an NLB with an ALB using CloudFormation, but in both cases the cost was too high for my budget. I also needed to assign the IP on my existing ALB infrastructure, so I looked at the AWS Global Accelerator service and the cost of using it. I felt that using AWS Global Accelerator with the ALB was easier and more cost-friendly for me than an NLB or CloudFormation.

AWS Global Accelerator is a service in which you create accelerators to improve availability and performance of your applications for local and global users. Global Accelerator directs traffic to optimal endpoints over the AWS global network. This improves the availability and performance of your internet applications that are used by a global audience. Global Accelerator is a global service that supports endpoints in multiple AWS Regions, which are listed in the AWS Region Table.

By default, Global Accelerator provides you with two static IP addresses that you associate with your accelerator. (Or you can configure these entry points to be IPv4 addresses from your own IP address ranges.) The static IP addresses are anycast from the AWS edge network and distribute incoming application traffic across multiple endpoint resources in multiple AWS Regions, which increases the availability of your applications.

Endpoints can be Network Load Balancers, Application Load Balancers, Amazon EC2 instances or Elastic IP addresses that are located in one AWS Region or multiple Regions. Global Accelerator uses the AWS global network to route traffic to the optimal regional endpoint based on health, client location, and policies that you configure. The service reacts instantly to changes in health or configuration to ensure that internet traffic from clients is always directed to healthy endpoints. To learn more, read the AWS Global Accelerator.

In this post, you will learn how to assign a static IP to an Application Load Balancer using AWS Global Accelerator. Here I have taken a CentOS EC2 server and created an internet-facing Application Load Balancer to which I need to assign a static IP, to improve the performance of the application and make it easier for users to access.

Prerequisites

You’ll need an Amazon EC2 server for this post. Getting started with Amazon EC2 provides instructions on how to launch an EC2 server.

You’ll also need an Application Load Balancer. Getting started with ALB provides instructions on how to create an ALB. For this blog, I assume that I have an EC2 server and an internet-facing Application Load Balancer which serves the application.

Architecture Overview

[Diagrams 1, 2 and 3]

The architectural diagrams show the overall deployment architecture with data flow, EC2 instance, Application Load Balancer and AWS Global Accelerator.

Solution overview

The blog post consists of the following phases:

  1. Enter the name of AWS Global Accelerator.
  2. Add listeners in AWS Global Accelerator.
  3. Add endpoint groups in AWS Global Accelerator.
  4. Add endpoints in AWS Global Accelerator and create the global accelerator.
  5. Edit the created AWS Global Accelerator (if changes are needed).
  6. Test the static IP assigned to the Application Load Balancer.

I have an EC2 server and an internet-facing Application Load Balancer.

Phase 1: Enter the name of AWS Global Accelerator

  1. Open the AWS Global Accelerator service in the AWS console and click the create accelerator button.
  2. On the Basic configuration page, enter the name of the accelerator. I have entered the accelerator name as Testingserver-static ip.
  3. In the IP address type tab, the option chosen by default is IPv4.
  4. In the IP address pool selection option, click the arrow in front of it; by default, the static IP address 1 and static IP address 2 tabs have the Amazon’s pool of IP addresses option set.
  5. In the Tags option, click the arrow in front of it, then add tags by clicking the add tag button.
  6. In the key tab, you can enter any custom tag key; I have entered “NAME”.
  7. In the value tab, you can enter any value you want; I have entered “testingserver”. You can add as many tags as you want with different keys and values, and you can remove an assigned tag using the remove button.
  8. Click the next button.

Phase 2: Add listeners in AWS Global Accelerator

  1. On the listeners page, enter the port in the ports tab; I have entered 80.
  2. In the protocol tab, you can choose TCP or UDP; I have chosen TCP.
  3. In the client affinity tab, you can choose None or Source IP; I have chosen None.
  4. You can add as many listeners as you want, with different ports, protocols and client affinity, by clicking the add listener button.
  5. You can remove a listener by clicking the remove button. Then click the next button.

Phase 3: Add endpoint groups in AWS Global Accelerator

  1. In the regions tab, choose the endpoint group region in which the endpoint exists.
  2. I have chosen the region ap-south-1 for my endpoint.
  3. In the traffic dial option, you can enter a value in the range 0 to 100. I have set it to 100. You can also remove it using the remove button.
  4. You can add as many endpoint groups as you want, with different regions.
  5. In the configure health checks option, click the arrow in front of it and set the health check options as required. In the health check port tab, I have set the port to 80. The available range is 1 to 65535.
  6. In the health check protocol tab, I have set the option to HTTP. The available options are TCP, HTTP and HTTPS.
  7. In the health check interval option, I have chosen the value 30. The available options are 10 or 30.
  8. In the threshold count option, I have set the value to 3. The available range is 1 to 10.
  9. Click the next button.

Phase 4: Add endpoints in AWS Global Accelerator and create the global accelerator

  1. In the endpoint group, add an endpoint by clicking the add endpoint button; you can add as many endpoints as you want, and remove them using the remove button.
  2. In the endpoint type tab, I have chosen Application Load Balancer. The available options are Application Load Balancer, Network Load Balancer, EC2 instance and Elastic IP address.
  3. In the endpoint tab, choose the endpoint to which you need to assign the static IP. I have chosen the Application Load Balancer endpoint.
  4. In the weight option, I have set the value to 128. The available range is 0 to 255. Also tick preserve client IP address and click the create accelerator button.
  5. The global accelerator is successfully created as “Testingserver-staticip”.
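
The console steps of Phases 1 to 4, expressed as boto3 API calls, as an added example that is not part of the original post. The function names `build_requests` and `deploy` are hypothetical, the ALB ARN is supplied by you, and the defaults are the values entered in the post; the range checks mirror the ranges listed in the steps above.

```python
def build_requests(name, alb_arn, region="ap-south-1", port=80, protocol="TCP",
                   weight=128, traffic_dial=100, hc_interval=30, threshold=3):
    """Build the three API requests; defaults are the values entered in the post."""
    # Reject values outside the ranges the console offers in Phases 2 to 4.
    if protocol not in ("TCP", "UDP"):
        raise ValueError("listener protocol must be TCP or UDP")
    if not 1 <= port <= 65535:
        raise ValueError("port must be 1-65535")
    if not 0 <= weight <= 255:
        raise ValueError("weight must be 0-255")
    if not 0 <= traffic_dial <= 100:
        raise ValueError("traffic dial must be 0-100")
    if hc_interval not in (10, 30):
        raise ValueError("health check interval must be 10 or 30")
    if not 1 <= threshold <= 10:
        raise ValueError("threshold count must be 1-10")
    accelerator = {"Name": name, "IpAddressType": "IPV4", "Enabled": True,
                   "Tags": [{"Key": "NAME", "Value": "testingserver"}]}
    listener = {"PortRanges": [{"FromPort": port, "ToPort": port}],
                "Protocol": protocol, "ClientAffinity": "NONE"}
    endpoint_group = {
        "EndpointGroupRegion": region,
        "TrafficDialPercentage": float(traffic_dial),
        # Health check on the listener port over HTTP, as set in Phase 3.
        "HealthCheckPort": port, "HealthCheckProtocol": "HTTP",
        "HealthCheckIntervalSeconds": hc_interval, "ThresholdCount": threshold,
        "EndpointConfigurations": [{"EndpointId": alb_arn, "Weight": weight,
                                    "ClientIPPreservationEnabled": True}],
    }
    return accelerator, listener, endpoint_group


def deploy(client, name, alb_arn, **options):
    """Create accelerator, listener and endpoint group; return the static IPs."""
    acc_req, lis_req, grp_req = build_requests(name, alb_arn, **options)
    acc = client.create_accelerator(**acc_req)["Accelerator"]
    lis = client.create_listener(AcceleratorArn=acc["AcceleratorArn"], **lis_req)
    client.create_endpoint_group(ListenerArn=lis["Listener"]["ListenerArn"], **grp_req)
    return [ip for ip_set in acc["IpSets"] for ip in ip_set["IpAddresses"]]


if __name__ == "__main__":
    import sys
    import boto3  # needs AWS credentials; run as: python ga_deploy.py <alb-arn>
    # Global Accelerator's API is called in us-west-2 whatever the endpoint region.
    ga = boto3.client("globalaccelerator", region_name="us-west-2")
    print(deploy(ga, "Testingserver-staticip", sys.argv[1]))
```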

Phase 5: Edit the created AWS Global Accelerator (if changes are needed)

  1. Go to the accelerator and choose the edit option. You can enable or disable the accelerator using the on or off option while editing it.
  2. Select the listener and choose the edit option. You can also check the listener status, which shows “All healthy” if everything is fine with the listener.
  3. You can edit the endpoint group to change the health check settings.
  4. The status of the accelerator shows as “In Progress” while it is being created, and as “Deployed” once the accelerator is ready.

Phase 6: Testing of the static IP assigned to the Application Load Balancer

  1. Page displayed from the EC2 server IP.
  2. Page displayed from the Application Load Balancer endpoint.
  3. Page displayed from the two static IPs assigned to the Application Load Balancer.
  4. If we disable the accelerator, the application page is no longer displayed from the static IPs.

Clean-up

Delete the environment: EC2, Application Load Balancer and AWS Global Accelerator.

Pricing

I review the pricing and estimated cost of this example.

For every accelerator that is provisioned (both enabled and disabled), you are charged a fixed hourly fee and an incremental charge over your standard Data Transfer rates, also called a Data Transfer-Premium fee (DT-Premium). DT-Premium is calculated every hour on the dominant direction of your traffic, i.e. inbound traffic to your application or outbound traffic from your application to your users on the internet.
Fixed fee: For every full or partial hour when an accelerator runs in your account, you are charged $0.025 until it is deleted.
Data Transfer-Premium fee (DT-Premium): This is a rate per gigabyte of data transferred over the AWS network.

You can learn more by visiting the AWS Global Accelerator pricing service details page.

In my case, the cost of using the AWS Global Accelerator service:
Monthly fixed fee --
Assuming your accelerator runs 24 hours a day for 30 days in a month, you are charged a $18 monthly fixed rate for that accelerator.

Monthly DT-Premium fee --
If the monthly amount of data transferred over the AWS network via your accelerator is 10,000 GB, 60% of your traffic is outbound traffic from your application to your users on the internet, and the remaining 40% is inbound traffic from your users on the internet to your application in the AWS Regions. Every hour, you are charged only for the outbound traffic to your users, as that's the dominant direction of your traffic. So, you are charged for 6,000 GB a month and not all 10,000 GB.

6000 GB - monthly charge - $0.032/GB - $192 per month

If the monthly outbound data transferred is:

1000 GB - monthly charge - $0.032/GB - $32 per month

Your monthly DT-Premium charge is $32 and, including the $18 monthly fixed fee, your total AWS Global Accelerator monthly bill is $50.

Summary

In this post, I have shown you how to assign a static IP to an Application Load Balancer using AWS Global Accelerator.

For more details on the Global Accelerator service, check out Get started with AWS Global Accelerator and open the AWS Global Accelerator console. To learn more, read the AWS Global Accelerator documentation.

Thanks for reading!

Connect with me: Linkedin

Top comments (7)

redbaronever

Thanks for the tutorial.
As I can see, 2 static IP addresses are automatically created for AWS Global Accelerator.
But can I change them to an IP address that is already created in AWS? (I created an Elastic IP address on AWS at console.aws.amazon.com/ec2/)

GargeeBhatnagar

Hi,
As you already mentioned, Global Accelerator creates its own static IP. So it can be assigned to an ALB endpoint, NLB, EC2 or Elastic IP. But you are not able to associate the Elastic IP address (created in the EC2 console) with Global Accelerator as a static IP.

Jason Dunn [AWS]

Wow, epic article! Nice. 👏

GargeeBhatnagar

Thank you 😀

Dmytro

Thanks for the article!
Just want to add, in my infrastructure I used a web site which was already configured through the Application Load Balancer, with a custom DNS name in Route53.
In order to let the traffic in, you need to specify the AWS Global Accelerator DNS as the Alias for AWS Global Accelerator in your domain A record (instead of the Application Load Balancer Alias).

toshalkhawale

Really nice problem-solving approach applied, brilliant article Gargee

GargeeBhatnagar

Thank you so much 😀