Skip to content

Introduction to Elastic Load Balancing in AWS

Load balancing is a fundamental component for building fault tolerant applications that scale. AWS offers a fully managed, production ready load balancing suite tailored to various traffic types and use cases – delivering high availability, security at scale, and lower total cost compared to legacy hardware balancers.

In this comprehensive technical deep dive, we will analyze Elastic Load Balancing through the lens of cloud architecture patterns, data, benchmarks, and infrastructure topology best practices.

The Evolution of Load Balancing

Before diving into capabilities of AWS‘ managed load balancing service, let‘s quickly recap how networks have historically distributed traffic.

Legacy Hardware Load Balancers

In traditional 3-tier architecture, a hardware appliance distributes requests from clients to any one of many homogeneous application servers.

[Diagram of hardware balancer in legacy architecture]

This model presented challenges:

  • Single point of failure – Application offline if dedicated balancer failed
  • Overprovisioning – Expensive to provide peak capacity hardware
  • Vendor lock-in – Proprietary devices with no automation

The Emergence of Software Load Balancers

With the transition to software, load balancing logic could be run on commodity servers for higher availability and reduced costs.

But operational overhead introduced complexity:

  • Multi-cloud capabilities – lacking
  • Time consuming administration – no automation, lots of grunt work
  • Infrastructure maintenance – managing bare metal or VMs

This paved the way for cloud to abstract infrastructure complexity completely…

How AWS Redefined Load Balancing

The cloud Native Elastic Load Balancing services provide powerful traffic distribution managed as turnkey SaaS.

You interact at the software API level while AWS handles provisioning, scaling, patching, and availability of the load balancing fleet globally.

Some benefits over managing your own load balancing infrastructure:

Zero Operational Overhead

Fully abstracted as on-demand service. No servers to manage.

High Availability

ELB runs across multiple isolated zones by default preventing downtime.

Managed Scaling

Automatic horizontal scaling means smoothly handling volatile traffic spikes.

Pay As You Go Pricing

No idle capacity sitting around. Pay for exact load balancer capacity and traffic used per hour.

This allows focusing on the application architecture vs infrastructure plumbing!

Next let‘s analyze the impressive performance benchmarks…

AWS Elastic Load Balancing Performance Benchmarks

Performance Metric Hardware Balancer ELB Network Load Balancer
Max Throughput 5 Gbps Over 100 Gbps per AZ scaling to petabytes
Latency Sub 1 ms <100 microsecond
Concurrent Connections 500,000 Millions per AZ

Here we contrast legacy hardware balancers vs Network Load Balancer as an example.

The difference is astronomical! Network load balancer throughput alone is 20x greater while latency is 10x lower. And this scales linearly across isolated zones.

[Insert throughput per AZ chart]

The bottom line – Elastic Load Balancing delivers production grade load balancing an order of magnitude above what hardware can provide.

This is possible thanks to the array of cutting edge software and hardware efficiency techniques which we‘ll explore next…

Under the Hood – Technologies Powering Load Balancing at Scale

AWS employs an array of strategies to drive extreme network performance behind the scenes:

Kernel Bypass with DPDK

Under load, the kernel network stack results in excess overhead and latency. AWS implements kernel bypass using Intel‘s Data Plane Development Kit (DPDK) to directly access the NIC achieving higher packet throughput with lower latency and CPU utilization freeing up cycles.

Custom Networking Hardware

While DPDK removes kernel bottlenecks, custom hardware pushes the limits further. AWS worked with Annapurna Labs to design proprietary Network Load Balancer hardware appliances using RDMA for remote memory access replacing TCP/IP completely.

Advanced Routing Protocols

Custom routing protocols optimized specifically for load balancing ensure traffic takes the fastest path to the destination by dynamically accounting for zone health, capacity, proximity and more.

These are just a few examples of performance enhancements employed – there are many additional proprietary hardware and software innovations utilized to achieve this level of speed and scale.

Now let‘s shift gears into a deeper analysis of availability and fault tolerance architecture…

Elastic Load Balancing Availability Zones

AWS infrastructure is composed of geographic regions containing isolated locations known as availability zones spread across multiple data centers.

[Diagram showing regions and AZs]

This is foundational to providing fault tolerance for cloud applications – distributing load balancers and backend instances across AZs limits failure impact radius.

Default AZ Distribution

By default, the Elastic Load Balancing service spins up resources evenly across enabled availability zones. This prevents an outage if an entire zone goes down.

[Chart showing LB capacity distributed to AZ1, AZ2 , AZ3]

So configured properly, losing an AZ would result in 2/3 total capacity remaining available.

Of course exact ratios can be tuned via CloudFormation duringstack creation.

Option for AZ Isolation

When implementing Network Load Balancers, you can optionally isolate dedicated load balancer resources per zone. This grants even greater fault containment between environments:

[Diagram with isolated NLB nodes per AZ]

So development, test, and production for example could run in distinct zones of the same region without overlapping. Eliminating shared fate risk.

While availability zones provide resilience within regions, we can expand resilience even further with cross region redundancy…

Expanding Fault Tolerance Across Regions

Availability zones minimize failure impact within a given region. But for true resilience, applications must be multi-region ready – able to withstand entire region loss via Availability Zone replication.

[Diagram showing multi-region architecture]

Let‘s discuss patterns to achieve this…

Cross Region Replication

Data replication technologies like database streaming or object versioning can propagate data changes from a primary to secondary region in real time.

Combined with orchestration this can automated failover database or storage tier to secondary region in event primary is impacted.

Active-Passive Sites

Run active workload in one region while keeping a "warm" passive site in standby within another region. This might have smaller instances, data caches, etc. to allow fast scaling up if cutover is needed.

Active-Active Sites

Distribute user loads between regions simultaneously using Route53 latency or geo based routing to provide local performance. Requires apps be region agnostic.

Multi-region redundancy should be part of continuity planning from the start when building cloud native workloads at scale!

Now that we have explored some advanced architecture let‘s shift gears to real world use cases and examples…

Elastic Load Balancing Common Use Cases

While we‘ve covered the technical concepts in depth already, let‘s analyze some applied examples that demonstrate these ideas in action to close things out!

Microservices Traffic Routing

Microservices architectures composed of dozens or hundreds of independent, loosely coupled services powering modern applications have unique infrastructure demands – like the need for advanced traffic routing configurations between components.

[Diagram showing path based ELB routing traffic to microservices target groups]

Here Application Load Balancer (ALB) allows segmenting traffic to dedicated target groups based on hostname, path, headers and more – providing flexibility to implement canary launches or test in production safely.

Health checks ensure availability at the container or VM level for each microservice while extensive CloudWatch metrics provide fine grain observability even in complex service grids.

Scalable CI/CD Pipelines

Many continuous integration / continuous delivery workflows rely on compute intense processes like code compilation, test execution, packaging assets etc. These ephemeral workloads with volatile capacity needs can benefit enormously from auto scaling Groups sitting behind ALB:

[Diagram showing CICD pipeline directing work to ECS cluster behind ALB]

By load balancing across an ECS container cluster combined with auto scale rules, batch processing phases can efficiently scale up/down dynamically based only on depth of work queued up.

This prevents overprovisioning static resources while still meeting variable demands in automated pipeline environments.

Graphical Processing at the Edge

Building immersive games or 3D simulation environments normally requires expensive GPU equipped servers. These stateful game servers cannot be ephemeral like previous examples.

Instead NLB pairs nicely with GPU optimized EC2 instance families like G and P series:

[Diagram showing game clients connecting to NLB route requests to GPU backend]

By load balancing UDP traffic across long lived, steady state servers you can create high performance backends tailored to graphical workloads that scale seamlessly.

Adjust target group health checks to prevent failed servers from impacting users.

This presents just a sample of the versatility Elastic Load Balancing provides. But our analysis is not quite complete – we still need to address the ever present concern of security…

Securing Applications with Elastic Load Balancer

While essential for scalability and availability, internet facing entry points also pose risk – making load balancer security critical.

AWS provides tools to protect applications at the edge:

Web Application Firewall (WAF)

Layer 7 protection against OWASP top 10 vulnerabilities can be integrated directly with ALB to filter known exploits and bot attacks.

AWS Shield

DDoS prevention provides always on detection mitigating volumetric and state exhaustion attacks for ALB and NLB.

Security Groups

Firewalls controlling allowed port, protocol, IP range and security group access lock down inbound and outbound traffic.

PrivateLink

Provisions private connectivity to avoid exposing public endpoints and reduce attack surface.

HTTPs / TLS Termination

Encrypt flows from clients using free ACM certificates to prevent eavesdropping.

Combined, these capabilities allow securely publishing and access internal applications through ELBs to validate clients, block threats, and encrypt data in transit.

Now let‘s conclude with some best practice recommendations.

Load Balancing Best Practices

Follow these guidelines when working with Elastic Load Balancers for maximum reliability.

Spread Across Multiple AZs

Distribute load balancer nodes and backend instances evenly across distinct zones to localize failures.

Implement Health Checks

Configure TCP, HTTP level verifications to evaluate target health degrading unhealthy nodes.

Rotate Access Keys

Keys granting control plane access should be rotated every 90 days minimum as security best practice.

Analyze Access Logs

Audit authentication events, network traffic patterns and security data by sinking LB logs to object storage for analysis.

Implement WAF Rules

Stop entire classes of attacks based on malicious payloads. Start with OWASP core rule set as baseline then customize.

This covers the main points for secure, resilient load balancing.

And with that we have reached the end of our deep dive! Let‘s wrap up with some key takeaways.

Conclusion and Key Takeaways

We covered a tremendous amount of ground across core concepts, performance analysis, architecture patterns, real world examples, security considerations and best practices.

Here are the key takeaways:

Elastic Load Balancing Overview

  • SaaS load balancer removes operational burden completely compared to DIY options
  • Three distinct products offering advanced traffic routing: ALB, NLB, Gateway LB
  • Integrates with auto scale groups, containers, serverless and more

Performance & Scalability

  • Leverages custom hardware and kernel bypass for extreme speed
  • Scales elastically to absorb volatile traffic spikes
  • Significantly exceeds legacy hardware load balancers

High Availability

  • Default zone distribution prevents regional failures
  • Option to isolate zones or stack regions for greater fault tolerance

Security

  • Native integration with WAF, Shield, VPC endpoints lock down access
  • SSL termination, auth validation occur at edge

Best Practices

  • Health checks, access control, and logging alerts round out governance

Equipped with these techniques, you can now build world class application architectures ready for the most demanding network loads securely, reliably and cost effectively utilizing Elastic Load Balancing as a managed service in AWS.

Let me know if you have any other questions!