Is AWS’s Elastic Load Balancer a single point of failure

amazon-elbamazon-web-services

I am looking at moving our application up to Amazon Web Services. The plan is to have all of the EC2 instances mirrored across two availability zones. Due to data transfer costs, we will be staying in a single AWS region (Oregon).

The multiple AZs get rid of the single point of failure for our application and database servers, but what about the ELB? If I have a single ELB distributing traffic across two AZs, is the ELB also hosted across those two AZs?

What does Amazon do to prevent the ELB from being a SPoF?

Best Answer

At its heart, an ELB is just a collection of EC2 instances. When you create an ELB, you specify the availability zones you want that load balancer to be in. Instances to make up the load balancer will then be created in those zones. The way they avoid a single point of failure here is by returning multiple IP addresses when you do a DNS lookup. For example:

DNS lookup for website.example.com returns CNAME website-elb-12345.eu-west-1.elb.amazonaws.com
The lookup also returns the information for website-elb-12345.eu-west-1.elb.amazonaws.com. It states that the site has IP address 1.2.3.4 and IP address 2.3.4.5

It is up to the client to choose which IP address to use to make a connection. The IP addresses won't always be returned in the same order from the DNS lookup. A client could retry on an alternative IP address if they can't connect on the first attempt.

The TTL on the DNS records for an ELB is only 60 seconds which means that should an ELB instance die and get replaced, the DNS will be updated everywhere fairly quickly.

Related Solutions

AWS: Multi-region setup using single RDS instance

You should think carefully why you need to have the same data in both US and EU. After all these are different users.

Running in a multi-region environment is much more complex and usually giving back performance due to the inherent latency between US and EU.

Even if you move out of RDS and try to replicate your data between regions, either asynch or synch, you will get latency issues that will give bad performance to your users.

The easiest way is to set up a dedicated RDS server in EU and share nothing between these instances.

Elastic Load Balancer for multiple webapps

A single ELB routes traffic to exactly one set of instances, and distributes the incoming traffic to all the instances "behind" it. It does not selectively route traffic based on any layer 7 analysis of the traffic, such as the Host: header.

You need one ELB for each set of instances. As you describe it, that's one ELB for each webapp.

If your primary purpose for running ELB is offloading the SSL using a wildcard certificate (I have one system designed like this, with dozens of apps living at many-different-domains.my-wildcard-cert-domain.com), then the instances "behind" the ELB could be running a reverse proxy such as HAProxy (or several other alternatives, like Varnish) that can make layer-7 routing decisions and then forward the traffic to the appropriate subset of machines behind them, which also allows more sophisticated load balancing and has the advantage of providing you with stats and traffic counters, aggregate and separate.

       /-- HAProxy \  /----- instances hosting app #1  
ELB ---|            >> ----- instances hosting app #2 
       \-- HAProxy /  \----- instances hosting app #n

The intermediate ^^^^ instances can evaluate the Host: headers (among other things) and even capture the value of the session cookie in their logs for analysis.

This setup also allows me to run multiple apps on overlapping subsets of instances, where appropriate, and do a lot of other things that ELB by itself doesn't directly support. It also returns a custom "503" page in the case where an application gets overloaded or otherwise becomes unavailable, which ELB does not do on its own. I've depicted 2 proxy servers here, for no particular reason other than your mention of the number 2 in the question. My setup actually has 3, one for each availability zone in the region where this is deployed.

Best Answer

Related Solutions

AWS: Multi-region setup using single RDS instance

Elastic Load Balancer for multiple webapps

Related Topic