The problem with Amazon’s Load Balancing
Feb0
A year later, Amazon still haven’t fixed a fundamental problem with their load balancing product (Amazon ELB).
Amazon don’t provide customers with a fixed IP for an ELB, only a CNAME.
Since a CNAME can’t be the root of your domain (it must be an A record) – you can’t fully balance traffic to your domain.
At the moment, customers have to forward all traffic to a CNAME, from http://example.com to http://www.example.com, to load balance their domains. This introduces a single point of failure. If the server you allocate to serve traffic from the root of your domain goes down, nobody gets forwarded.
In addition, this root server isn’t load balanced, so it receives all the initial traffic to your site. This defeats ELB’s purpose somewhat.
There’s a post that’s been on Amazon’s ELB forums for about a year – with about 60 replies, this clearly is a popular ‘feature’ (or I would argue requirement). It’s a deal breaker for some.
Amazon’s response is this:
Thanks for all the feedback. We understand your concerns and supporting this feature is on our roadmap. Unfortunately, we do not have a specific timeline for its availability.
As one commentator puts it:
Serving HTTP traffic off your root domain out of your core stack is really a basic thing that any load balancing solution needs to support.
Amazon, when do you expect to launch this feature?
AWS Elastic Load Balancer Tutorial
Jun10
We’ve been using the new Amazon Load Balancers (ELB) for Socialmod, and since there’s not much information out there on the subject, I thought a blog post would be in order.
The load balancers are charged at $0.025 per hour, plus $0.008 per GB of data transferred through them. Personally I think this is very reasonable.
They’re hardware based, and can balance both HTTP and TCP traffic. This means you can balance both the traffic to the web server, and the database traffic (although there are issues with the latter that I’ll talk about later).
Some of the following instructions are specific to OSX/Linux; check the docs for information about Windows.
Setting up the tools.
Download the tools from Amazon, unzip them and place them somewhere logical (in your home directory for example).
Edit your .bash_profile file (or .profile), adding the following lines:
export ELB_HOME=~/path/to/elastic_load_balancing
export PATH=$PATH:$ELB_HOME/bin
If you’re not using EC2, you’ll have to go through the extra step of creating/downloading a private key, and adding EC2_CERT/EC2_PRIVATE_KEY to your bash file.
I’ll assume you are, since you can’t use ELB with any other server setup.
Create the load balancer.
Execute the following command. Only include the zones you actually have instances in – I made the mistake of including extra which meant the balancer kept on dropping requests.
elb-create-lb default --zones us-east-1a --listener "protocol=http, lb-port=80, instance-port=80"
You’ll be given the URL of your new load balancer in return which you’ll need for configuring the DNS.
Register instances.
Now to actually register any EC2 instances with the load balancer.
elb-register-instances-with-lb default --instances i-12345678
If you navigate to the load balancer’s URL you’ll probably see an Apache “It Works!” sign.
You could add the Load Balancer’s URL to your virtual host’s domain alias in order to actually see the web page.
Configure DNS.
Ok, so here comes the kicker – you can’t use ELB for the root of your domain. This is because the load balancers can only be referenced by a domain name, not an IP address. You can’t have a CNAME on the root of a domain – it has to be on a subdomain.
Amazon are busy adding this ‘feature’, but in the meantime you should forward everybody to a subdomain, such as ‘www’.
Here’s an example of an Apache rewrite condition that forwards everybody to www:
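RewriteEngine On
# Redirect the bare domain to www, the subdomain that can be a CNAME for the load balancer
RewriteCond %{HTTP_HOST} ^socialmod\.com$ [NC]
RewriteRule ^(.*)$ http://www.socialmod.com$1 [R=301,L]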
Advanced Load Balancing
You can load balance your MySQL cluster – however ELB is outside Amazon’s firewall and isn’t integrated with it. This means that to load balance MySQL you need to open it up to the world and rely on strong credentials to keep your data secure, rather than firewall rules.
ELB can handle SSL traffic: just set the protocol to TCP and the port to 443 when you create the balancer. Currently, Elastic Load Balancing does not have SSL termination capability.
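The two caveats above (a database behind ELB has to be open to the world, and TCP/443 is passed through without SSL termination) can be checked before a balancer is created. This is an added example, not code from the original post or from Amazon's tools: it parses the --listener string format used earlier and flags both cases. The function names and the PostgreSQL port entry are assumptions made for illustration.

```python
# Added example: lint elb-create-lb --listener specs for the caveats in the post.
# 3306 (MySQL) comes from the post; 5432 is an added, assumed entry.
DB_PORTS = {3306: "MySQL", 5432: "PostgreSQL"}
REQUIRED = {"protocol", "lb-port", "instance-port"}


def parse_listener(spec):
    """Parse 'protocol=http, lb-port=80, instance-port=80' into a dict."""
    fields = {}
    for part in spec.split(","):
        key, sep, value = part.strip().partition("=")
        if not sep or not value.strip():
            raise ValueError(f"malformed listener field: {part!r}")
        fields[key.strip().lower()] = value.strip().lower()
    missing = REQUIRED - set(fields)
    if missing:
        raise ValueError(f"listener is missing {sorted(missing)}")
    for key in ("lb-port", "instance-port"):
        port = int(fields[key])  # ValueError on a non-numeric port
        if not 1 <= port <= 65535:
            raise ValueError(f"{key} out of range: {port}")
        fields[key] = port
    return fields


def lint_listener(spec):
    """Return a list of findings for one listener spec (empty list = no findings)."""
    listener = parse_listener(spec)
    ports = {listener["lb-port"], listener["instance-port"]}
    findings = []
    for port in sorted(ports):
        if port in DB_PORTS:
            findings.append(
                f"port {port} ({DB_PORTS[port]}): the database must be open to "
                "the world, so only its credentials protect it")
    if listener["protocol"] == "tcp" and 443 in ports:
        findings.append(
            "tcp/443 passthrough: no SSL termination at the balancer, so "
            "certificates and keys live on every instance")
    return findings


if __name__ == "__main__":
    # Constructed sample specs, in the format of the elb-create-lb command above.
    for sample in ("protocol=http, lb-port=80, instance-port=80",
                   "protocol=tcp, lb-port=3306, instance-port=3306",
                   "protocol=tcp, lb-port=443, instance-port=443"):
        print(sample, "->", lint_listener(sample) or "no findings")
```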
ELB is certainly in its infancy, but has been beta tested and is ready for production. I just hope that Amazon add ELB management to their AWS console.