Day 24.Setting Up an Application Load Balancer for an EC2 Instance

Lab Information

The Nautilus DevOps team is currently working on setting up a simple application on the AWS cloud. They aim to establish an Application Load Balancer (ALB) in front of an EC2 instance where an Nginx server is currently running. While the Nginx server currently serves a sample page, the team plans to deploy the actual application later.

Set up an Application Load Balancer named devops-alb.

Create a target group named devops-tg.

Create a security group named devops-sg to open port 80 for the public.

Attach this security group to the ALB.

The ALB should route traffic on port 80 to port 80 of the devops-ec2 instance.

Make appropriate changes in the default security group attached to the EC2 instance if necessary.

Lab Solutions

🧭 Step-by-Step Solution
🔹 STEP 1: Create Security Group for ALB (devops-sg)

Go to EC2 → Security Groups

Click Create security group

Set:

Security group name: devops-sg

Description: ALB security group

VPC: Default VPC

Inbound rules → Add rule

Type: HTTP

Port: 80

Source: 0.0.0.0/0

Leave Outbound rules as default

Click Create security group

✅ This allows public internet traffic to the ALB.

🔹 STEP 2: Create Target Group (devops-tg)

Go to EC2 → Target Groups

Click Create target group

Configure:

Target type: Instances

Target group name: devops-tg

Protocol: HTTP

Port: 80

VPC: Default VPC

Health checks

Protocol: HTTP

Path: / (default, works with Nginx)

Click Next

Select devops-ec2

Port: 80

Click Include as pending

Click Create target group

🔹 STEP 3: Create Application Load Balancer (devops-alb)

Go to EC2 → Load Balancers

Click Create load balancer

Choose Application Load Balancer

Basic configuration

Name: devops-alb

Scheme: Internet-facing

IP address type: IPv4

Network mapping

VPC: Default VPC

Availability Zones: Select at least 2 subnets

Security groups

Remove default SG

Select devops-sg

Listeners & routing

Listener: HTTP : 80

Forward to: devops-tg

Click Create load balancer

🔹 STEP 4: Update EC2 Security Group (VERY IMPORTANT)

Your EC2 instance must allow traffic from the ALB, otherwise it will fail health checks.

Go to EC2 → Instances

Select devops-ec2

Click its Security Group

Edit inbound rules

Add rule:

Type: HTTP

Port: 80

Source: Security group

Select: devops-sg

❌ Do NOT leave it open to 0.0.0.0/0 unless the lab allows it
✅ Best practice is ALB → EC2 only

Save rules.

🔹 STEP 5: Verify Everything Works
1️⃣ Check Target Group Health

EC2 → Target Groups → devops-tg

Targets should show Healthy

2️⃣ Access the ALB

EC2 → Load Balancers → devops-alb

Copy DNS name, e.g.:

devops-alb-30750798.us-east-1.elb.amazonaws.com

Open in browser:

http://

✅ You should see the Nginx welcome page

---

Resources & Next Steps

📦 Full Code Repository: KodeKloud Learning Labs

📖 More Deep Dives: Whispering Cloud Insights - Read other technical articles

💬 Join Discussion: DEV Community - Share your thoughts and questions

💼 Let's Connect: LinkedIn - I'd love to connect with you

---

Credits

• All labs are from: KodeKloud

• I sincerely appreciate your provision of these valuable resources.

---