AWS Load Balancer Setup: ALB and NLB Implementation Guide 🚀

#aws #cloud #devops #infrastructureascode

Introduction 👋

In this guide, I'll share my hands-on experience setting up both Application Load Balancer (ALB) and Network Load Balancer (NLB) in AWS. This implementation includes path-based routing and TCP traffic handling.

Prerequisites 📝

AWS Account with appropriate permissions
Basic understanding of AWS networking concepts
Understanding of load balancing principles

Infrastructure Components 🏗️

Our setup includes:

VPC with public and private subnets
Internet Gateway
Route Tables
Security Groups
EC2 instances
Application Load Balancer (ALB)
Network Load Balancer (NLB)

Step-by-Step Implementation Guide 🛠️

1. VPC Setup

# Create VPC
aws ec2 create-vpc --cidr-block 10.0.0.0/16

# Create Subnets
aws ec2 create-subnet --vpc-id <vpc-id> --cidr-block 10.0.1.0/24 # Public Subnet
aws ec2 create-subnet --vpc-id <vpc-id> --cidr-block 10.0.2.0/24 # Private Subnet 1
aws ec2 create-subnet --vpc-id <vpc-id> --cidr-block 10.0.3.0/24 # Private Subnet 2

# Create and attach Internet Gateway
aws ec2 create-internet-gateway
aws ec2 attach-internet-gateway --vpc-id <vpc-id> --internet-gateway-id <igw-id>

2. Application Load Balancer (ALB) Configuration 🌐

Create Target Groups:

# Create target group for /foo path
aws elbv2 create-target-group \
    --name foo-target-group \
    --protocol HTTP \
    --port 80 \
    --vpc-id <vpc-id>

# Create target group for /bar path
aws elbv2 create-target-group \
    --name bar-target-group \
    --protocol HTTP \
    --port 80 \
    --vpc-id <vpc-id>

Create ALB:

aws elbv2 create-load-balancer \
    --name my-application-lb \
    --subnets <subnet-1> <subnet-2> \
    --security-groups <security-group-id> \
    --type application

Configure Listeners with Path-Based Routing:

aws elbv2 create-listener \
    --load-balancer-arn <alb-arn> \
    --protocol HTTP \
    --port 80 \
    --default-actions \
    Type=forward,TargetGroupArn=<default-target-group-arn>

3. Network Load Balancer (NLB) Setup ⚡

Create TCP Target Group:

aws elbv2 create-target-group \
    --name tcp-target-group \
    --protocol TCP \
    --port 80 \
    --vpc-id <vpc-id>

Create NLB:

aws elbv2 create-load-balancer \
    --name my-network-lb \
    --type network \
    --subnets <subnet-id>

4. EC2 Instance Configuration 💻

Launch EC2 instances in private subnets:

aws ec2 run-instances \
    --image-id ami-12345678 \
    --instance-type t2.micro \
    --subnet-id <private-subnet-id> \
    --user-data file://user-data.sh

User Data Script for /foo instance:

#!/bin/bash
apt-get update -y
apt-get install -y apache2
systemctl start apache2
systemctl enable apache2
mkdir -p /var/www/html/foo
echo "<h1>Welcome to foo</h1>" > /var/www/html/foo/index.html

User Data Script for /bar instance:

#!/bin/bash
apt-get update -y
apt-get install -y apache2
systemctl start apache2
systemctl enable apache2
mkdir -p /var/www/html/bar
echo "<h1>Welcome to bar</h1>" > /var/www/html/bar/index.html

ALB Security Group:

aws ec2 create-security-group \
    --group-name alb-sg \
    --description "Security group for ALB"

aws ec2 authorize-security-group-ingress \
    --group-id <security-group-id> \
    --protocol tcp \
    --port 80 \
    --cidr 0.0.0.0/0

Testing and Verification ✅

Test ALB Path-Based Routing:
- Access http://<alb-dns>/foo
- Access http://<alb-dns>/bar
Test NLB TCP Connection:
- Use netcat or telnet to test TCP connectivity
- Verify static IP assignment

Monitoring and Maintenance 📊

CloudWatch Metrics to Monitor:
- RequestCount
- TargetResponseTime
- HealthyHostCount
- UnHealthyHostCount
Set up CloudWatch Alarms:

aws cloudwatch put-metric-alarm \
    --alarm-name ALB-HighLatency \
    --metric-name TargetResponseTime \
    --namespace AWS/ApplicationELB \
    --statistic Average \
    --period 300 \
    --threshold 5 \
    --comparison-operator GreaterThanThreshold

Troubleshooting Tips 🔍

Common issues and solutions:

Health Check Failures:
- Verify security group rules
- Check target group settings
- Validate instance health
Routing Issues:
- Confirm listener rules
- Verify path configurations
- Check target group attachments

Conclusion 🎉

This setup provides a robust load balancing solution with:

Path-based routing using ALB
TCP traffic handling with NLB
High availability across multiple subnets
Proper security configurations

Speedy emails, satisfied customers

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.