Lead Thinking The Business of Software Development

AWS Elastic Load Balancer Tutorial

We’ve been using the new Amazon Load Balancers (ELB) for Socialmod, and since there’s not much information out there on the subject, I thought a blog post would be in order.

The load balancers are charged at $0.025 per hour, plus $0.008 per GB of data transferred through them. Personally I think this is very reasonable.

They’re  hardware based, and can balance both HTTP and TCP traffic. This means you can balance both the traffic to the web server, and the database traffic (although there are issues with the latter that I’ll talk about later).

Some of the following instructions are specific to OSX/Linux, check the docs for information about Windows.

Setting up the tools.

Download the tools from Amazon, unzip them and place them somewhere logical (in your home directory for example).

Edit your .bash_profile file (or .profile), adding the following line:

export ELB_HOME=~/path/to/elastic_load_balancing
export PATH=$PATH:$ELB_HOME/bin

If you’re not using EC2, you’ll have to go through the extra step of creating/downloading a private key, and adding EC2_CERT/EC2_PRIVATE_KEY to  your bash file.
I’ll assume you are, since you can’t use ELB with any other server setup.

Create the load balancer.

Execute the following command. Only include the zones you actually have instances in – I made the mistake of including extra which meant the balancer kept on droppingn requests.

elb-create-lb  default --zones us-east-1a --listener "protocol=http, lb-port=80, instance-port=80"

You’ll be given the URL of your new load balancer in return which you’ll need for configuring the DNS.

Register instances.

Now to actually register any EC2 instances with the load balancer.

elb-register-instances-with-lb default --instances i-12345678

If you navigate to the load balancer’s URL you’ll probably see an Apache “It Works!” sign.
You could add the Load Balancer’s URL to your virtual host’s domain alias in order to actually see the web page.

Configure DNS.

Ok, so here comes the kicker – you can’t use ELB for the root of your domain. This is because the load balancers can only be referenced by a domain name, not an IP address. You can’t have a CNAME on the root of a domain – it has to be on a subdomain.

Amazon are busy adding this ‘feature’, but in the meantime you should forward everybody to a subdomain, such as ‘www’.

Here’s an example of an Apache rewrite condition that forwards everybody to www:

RewriteCond %{HTTP_HOST} ^socialmod.com$ [NC]
RewriteRule ^(.*)$ http://www.socialmod.com$1 [R=301,L]

Advanced Load Balancing

You can load balance your Mysql cluster – however ELB is outside Amazon’s firewall and isn’t integrated with it. This means that to load balance Mysql you need to open it up to the world and rely on strong credentials to keep your data secure, rather than firewall rules.

ELB can handle SSL traffic, just set the protocol to TCP and the port to 443 when you create the balancer. Currently, Elastic Load Balancing does not have SSL termination capability.

---

ELB is certainly in it’s infancy, but has been beta tested and is ready for production. I just hope that Amazon add ELB management to their AWS console.