KodeKloud Notes

In this lesson, you'll explore AWS Elastic Load Balancers (ELB) and learn how to configure them for high availability, auto-scaling, and fault tolerance in your cloud environments.

Why Load Balancers?

Imagine hosting your web application on a single EC2 instance at public IP 1.1.1.1. If that instance fails, your site goes offline. To add redundancy, you deploy instances across multiple Availability Zones:

EC2 A: 1.1.1.1
EC2 B: 2.2.2.2
EC2 C: 3.3.3.3

Which IP address should your users access? Manually switching between IPs is cumbersome and exposes internal details. A load balancer provides a single, stable endpoint that intelligently distributes requests to healthy backends.

The image illustrates an Elastic Load Balancer (ELB) in AWS, showing a user querying which IP to send data to, with three availability zones each having a different IP address.

Once deployed, the ELB abstracts individual instance IPs and automatically routes traffic:

The image illustrates an Elastic Load Balancer (ELB) setup in AWS Cloud, showing how traffic is distributed from a single IP address to multiple availability zones with different IPs.

Types of AWS Load Balancers

AWS provides three managed load-balancing options to suit different workloads:

Load Balancer Type	OSI Layer	Protocols	SSL Termination	Use Case
Classic Load Balancer (CLB)	4 & 7	HTTP, HTTPS, TCP, SSL	Yes (one certificate)	Legacy workloads
Application Load Balancer (ALB)	7	HTTP, HTTPS, WebSockets	Yes (multiple)	URL/path-based routing
Network Load Balancer (NLB)	4	TCP, UDP	No	Ultra-low latency transport load

1. Classic Load Balancer (CLB)

The original AWS load balancer supports HTTP, HTTPS, TCP, and SSL but lacks modern features like multiple certificates and advanced routing.

Warning

Classic Load Balancer is considered legacy. AWS recommends using Application Load Balancer (ALB) or Network Load Balancer (NLB) for new deployments.

The image is an illustration of the Classic Load Balancer (CLB) by AWS, noting it was the first load balancer introduced by AWS and is not recommended for use. It includes a simple diagram showing the CLB distributing traffic to two applications.

2. Application Load Balancer (ALB)

ALBs operate at the application layer (Layer 7) and excel at HTTP, HTTPS, and WebSocket traffic. They provide content-based routing and host/path-based rules:

URL path and host header conditions
HTTP methods, headers, query strings, source IP
HTTP redirects and custom responses
Application-level health checks

The image is an infographic about Application Load Balancer (ALB), highlighting its support for HTTP/HTTPS/WebSockets, functioning at the application layer (layer 7), and request forwarding based on URL path conditions, host domain, and HTTP fields.

The image is an infographic about Application Load Balancer (ALB), highlighting its support for HTTP/HTTPS/WebSockets, functioning at the application layer, request forwarding based on specific conditions, and performing application-specific health checks.

ALB Traffic Flow and SSL Termination

Application Load Balancers terminate SSL/TLS connections, decrypting traffic at the edge. Your SSL certificates reside on the ALB, and you can choose to forward decrypted traffic to backends over HTTP or re-encrypt using HTTPS.

Note

Ensure your backend instances are configured to handle re-encrypted HTTPS if you require end-to-end encryption.

The image illustrates the flow of data through an Application Load Balancer (ALB), showing SSL/TLS termination at the ALB and the transition from encrypted to unencrypted data.

3. Network Load Balancer (NLB)

Operating at the transport layer (Layer 4), NLBs handle millions of requests per second with ultra-low latency. They forward TCP/UDP connections directly to targets without TLS termination.

High throughput and low latency
Static IP support and Elastic IP attachment
Basic transport-level health checks (TCP)

The image is an informational graphic about Network Load Balancers (NLB), highlighting features such as load balancing traffic based on TCP/UDP, suitability for non-HTTP/HTTPS applications, speed, basic health checks, and TCP connection forwarding.

ELB Architecture in a VPC

When you create an ELB, AWS launches a load-balancer node in each selected subnet (one per AZ). Clients resolve the ELB’s DNS name, and AWS distributes traffic across all nodes, which in turn forward requests to registered targets.

The image illustrates the architecture of Elastic Load Balancers within a Virtual Private Cloud (VPC), showing public and private subnets across two availability zones. It includes a DNS record creation for the ELB and load balancer nodes in each public subnet.

Cross-Zone Load Balancing

By default, each ELB node only routes traffic to targets in its own Availability Zone, which can cause uneven distribution if instance counts differ. Enabling cross-zone load balancing ensures each node spreads requests across all zones evenly.

Note

Cross-zone load balancing can improve utilization but may incur additional inter-AZ data transfer charges.

The image illustrates a cross-zone load balancing setup within a Virtual Private Cloud (VPC), showing traffic distribution between two availability zones, each with load balancing nodes and instances.

Public vs. Private Load Balancers

When deploying an ELB, you specify subnets:

Public Load Balancer: Internet-facing on public subnets
Private Load Balancer: Internal-only on private subnets

The image compares public and private load balancers, highlighting that public load balancers are deployed on public subnets for internet access, while private load balancers are deployed on private subnets for access within an organization's AWS network.

The image illustrates the difference between private and public subnets in AWS Cloud, showing that a private load balancer is not accessible from the internet, while a public subnet is.

Example: Multi-Tier Application

Consider a two-tier application in a VPC across two Availability Zones:

API Layer
- EC2 instances hosting your public API
- Internet-facing public ALB distributes incoming user traffic
Database Layer
- EC2 instances running database or business logic
- Internal private ALB restricts access to only the API servers

This setup exposes your frontend securely while keeping your backend protected.

The image illustrates an ELB (Elastic Load Balancer) architecture within a Virtual Private Cloud (VPC), showing how load balancers in public subnets forward requests to resources in private subnets.

Listeners and Target Groups

Listeners and target groups define how ELBs receive and route traffic:

Listeners: Check for incoming connections on a specific protocol and port. ALB listeners support content-based rules (host, path, headers).
Target Groups: Logical groups of endpoints (EC2 instances, IPs, ECS tasks, Lambda functions). Each listener rule forwards traffic to one or more target groups, with configurable health checks.

The image illustrates a network architecture with listeners and target groups, showing how load balancers forward requests to resources like ECS and Lambda functions.

Summary

ELBs distribute traffic across multiple targets and AZs automatically.
Supports EC2 instances, IP addresses, containers (ECS), and Lambda functions.
Classic (CLB): Legacy; limited features, one SSL cert.
Application (ALB): Layer 7 routing with advanced rules and TLS termination.
Network (NLB): Layer 4 transport load balancing with ultra-low latency.
Cross-zone load balancing for even traffic distribution across AZs.
Listeners parse connections; target groups manage backend health and routing.

The image is a summary slide about Elastic Load Balancing (ELB), highlighting its traffic distribution capabilities, types, and a note on outdated CLBs.

The image is a summary slide comparing Application Load Balancers (ALBs) and Network Load Balancers (NLBs), highlighting their functions and differences in handling HTTP/HTTPS traffic.

References

Watch Video

Watch video content