frankfolabi

Managing High Traffic Applications with AWS Elastic Load Balancer and Terraform

You just configured your infrastructure to auto scale when the traffic increases. How would you manage the traffic and ensure some servers are not overwhelmed while others are not underserved? This is the essence of load balancing - to ensure traffic is distributed to your servers in a manner not

AWS offers elastic load balancing resources for layers 3, 4, and 7 of the OSI model. These are the Gateway load balancer, Network load balancer, and the Application load balancer types. The application load balancer (ALB) will be used for this webapp.

Creating the ALB

resource "aws_lb" "webserver" {
  name = "tf-example"
  load_balancer_type = "application"
  subnets = data.aws_subnets.default.ids
  security_groups = [aws_security_group.alb.id]
}

Notice that the code block references the available subnet data and the security group created for the ALB. The ALB security group is covered below. Next, create the ALB listener.

Creating the ALB listener

resource "aws_lb_listener" "webserver" {
  load_balancer_arn = aws_lb.webserver.arn
  port = 80
  protocol = "HTTP"

  default_action {
    type = "fixed-response"

    fixed_response {
      content_type = "text/plain"
      message_body = "404: page not found"
      status_code = 404
    }
  }
}

This listener uses port 80 and the HTTP protocol. Its default action returns a fixed response with a 404 status code for requests that do not match any listener rule.

Create security group for load balancer

resource "aws_security_group" "alb" {
  name = "tf-example"

  # Allow inbound HTTP request
  ingress {
    from_port = 80
    to_port = 80
    protocol = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow outbound requests
  egress {
    from_port = 0
    to_port = 0
    protocol = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

The security group rule for the ALB is different from the one set for the webapp. Here the ALB accepts inbound traffic on port 80 from any address on the internet, and it may send outbound requests on all ports and protocols to any destination. Next, create the target group that the auto scaling group will use.

Create target group for auto scaling group

resource "aws_lb_target_group" "webserver" {
  name = "tf-example"
  port = var.server_port
  protocol = "HTTP"
  vpc_id = data.aws_vpc.default.id

  health_check {
    path = "/"
    protocol = "HTTP"
    matcher = "200"
    interval = 15
    timeout = 3
    healthy_threshold = 2
    unhealthy_threshold = 2
  }
}

A health check is set up to determine whether the webservers are healthy or unhealthy. The target group checks the webservers by periodically sending an HTTP request to each one. If the response matches the matcher, the webserver is considered healthy; otherwise, it is marked as unhealthy. The webservers use the port already defined in the variable, and the target group is created in the default VPC. Finally, the ALB listener rules need to be created.

Create the ALB listener rules

resource "aws_lb_listener_rule" "asg" {
  listener_arn = aws_lb_listener.webserver.arn
  priority = 100

  condition {
    path_pattern {
      values = ["*"]
    }
  }
  action {
    type = "forward"
    target_group_arn = aws_lb_target_group.webserver.arn
  }
}

This listener rule sends requests that match any path to the target group that contains the auto scaling group. The output block below exposes the application load balancer's DNS name, which is used to check the webapp.

output "alb_dns_name" {
  value = aws_lb.webserver.dns_name
  description = "The domain name of the load balancer"
}

You are now good to go. Run terraform validate to check that the configuration file syntax is valid. Then run terraform plan to review the changes that will take place. After seeing the new resources that would be created, run terraform apply. When the apply completes, Terraform prints the alb_dns_name output.

On the terminal, you can verify the webapp is running by using the curl command. Run curl http://<alb-dns-name>

The webserver is now highly available and receiving its traffic from a load balancer which is more secure.
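That benefit depends on the webservers accepting traffic only from the load balancer. The following added example (not the author's code) narrows the ALB's egress to the server port and admits that port on the instances only from the ALB's security group. It assumes aws_security_group.instance as a hypothetical name for the webserver security group, which this page does not show, and an AWS provider version that includes the standalone aws_vpc_security_group_ingress_rule and aws_vpc_security_group_egress_rule resources.

```hcl
# Added example, not the author's code.
# aws_security_group.instance is a hypothetical name for the webserver
# security group; it is not defined on this page.
# Rules are standalone resources so the two groups can reference each other
# without a dependency cycle. Do not combine them with inline ingress/egress
# blocks on the same security group.

# Replaces the aws_security_group.alb block above (inline rules removed).
# With no inline egress block, Terraform also removes the allow-all egress
# rule that AWS adds to new security groups.
resource "aws_security_group" "alb" {
  name = "tf-example"
}

# Internet -> ALB: only the listener port.
resource "aws_vpc_security_group_ingress_rule" "alb_http_in" {
  security_group_id = aws_security_group.alb.id
  description       = "HTTP from the internet to the listener"
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "tcp"
  from_port         = 80
  to_port           = 80
}

# ALB -> webservers: forwarded requests and health checks both use the
# target group port, so no other egress is needed.
resource "aws_vpc_security_group_egress_rule" "alb_to_instances" {
  security_group_id            = aws_security_group.alb.id
  description                  = "Forwarded traffic and health checks"
  referenced_security_group_id = aws_security_group.instance.id
  ip_protocol                  = "tcp"
  from_port                    = var.server_port
  to_port                      = var.server_port
}

# Webservers accept the server port only from the ALB's security group,
# so clients cannot reach them directly and bypass the load balancer.
resource "aws_vpc_security_group_ingress_rule" "instances_from_alb" {
  security_group_id            = aws_security_group.instance.id
  description                  = "Server port from the ALB only"
  referenced_security_group_id = aws_security_group.alb.id
  ip_protocol                  = "tcp"
  from_port                    = var.server_port
  to_port                      = var.server_port
}
```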

We can check the AWS console to see some of the resources created by Terraform: the running instances, the security groups, the load balancer, and the auto scaling group.

To clean up all resources, simply run terraform destroy.

In the future, other components will be added to the architecture. Feel free to ask your questions.
