| « PreviousNext » | |
   | Did this page help you? Yes | No | Tell us about it... |
Configuring Elastic Load Balancing with AWS Elastic Beanstalk
Elastic Load Balancing is an Amazon web service that helps you improve the availability and scalability of your application. This service makes it easy for you to distribute application loads between the Amazon EC2 instances. Elastic Load Balancing enables availability through redundancy and supports traffic growth for your application.
Elastic Load Balancing lets you automatically distribute and balance the incoming application traffic among all the instances you are running. The service also makes it easy to add and remove instances when you need to increase or decrease the capacity of your application.
AWS Management Console
AWS Elastic Beanstalk automatically provisions Elastic Load Balancing when you deploy an application. You can modify your environment's Elastic Load Balancing configuration by using the Load Balancer tab of the Edit Configuration wizard.
The following sections describe the Elastic Load Balancing parameters you can configure for your application.
Ports
The load balancer provisioned to handle requests for your AWS Elastic Beanstalk application sends requests to the Amazon EC2 instances that are running your application. The provisioned load balancer can listen for requests on the specified ports and route requests to the Amazon EC2 instances in your AWS Elastic Beanstalk application. By default, the load balancer handles requests on port 80. At least one of the ports must be turned on.
Important
If you are deploying an application using a legacy container type, make sure that the port you specified is not locked down; otherwise, users will not be able to connect to your AWS Elastic Beanstalk application. To check if you are using a legacy container type, see Why are some container types marked legacy?.
Note
If you are deploying an application using a non-legacy container type, and you want to access your application directly on the EC2 instance using your web browser, modify your HTTP rule in your EC2 security group. For instructions, go to Amazon EC2 Security Groups. For a list of supported non-legacy container types, see Why are some container types marked legacy?.
Controlling the listener port
To turn off the listener port, you select OFF from the Listener Port list. To turn on the listener port, you select a port (for example, 80) from the listener port.
Note
If you want to access your environment using a different port other than the default port 80 (e.g., port 8080), you can add a
listener to the existing load balancer and configure the new listener to
listen on that port. For example, using the Elastic Load
Balancing command line tools, type the following command
replacing <yourloadbalancername> with the name of
your load balancer for Elastic Beanstalk.
elb-create-lb-listeners --lb <yourloadbalancername> --listener "protocol=http, lb-port=8080, instance-port=80"
If you want Elastic Beanstalk to monitor your environment, do not remove the listener on port 80.
Controlling the listener protocol
If you turn on the listener port, you can specify the protocol to use. Select HTTP or TCP from the Listener Protocol list.
Note
This option is available for non-legacy containers only. For instructions on migrating to a legacy container, see Migrating Your Application from a Legacy Container Type.
Controlling the secure listener port
Elastic Load Balancing supports the HTTPS/TLS protocol to enable traffic encryption for client connections to the load balancer. Connections from the load balancer to the EC2 instances are done using plaintext. By default, the secure listener port is turned off.
To turn on the secure listener port
Create and upload a certificate and key to the AWS Access and Identity Management (IAM) service. The IAM service will store the certificate and provide an Amazon Resource Name (ARN) for the SSL certificate you've uploaded. For more information about creating and uploading certificates, see the Managing Server Certificates section of Using AWS Identity and Access Management.
Specify the secure listener port by selecting a port from the Secure Listener Port list.
In the SSL Certificate ID box, enter the Amazon Resources Name (ARN) of your SSL certificate (e.g.,
arn:aws:iam::123456789012:server-certificate/abc/certs/build). Use the SSL certificate that you created and uploaded in step 1. For information about viewing the certificate's ARN, see Verify the Certificate Object topic in the Creating and Uploading Server Certificates section of the Using IAM guide.
To turn off the secure listener port, select OFF from the Secure Listener Port drop-down list.
Controlling the secure protocol
If you turn on the secure listener port, you can specify the protocol to use. Select HTTPS or SSL from the Secure Listener Protocol list.
Note
This option is available for non-legacy containers only. For instructions on migrating to a legacy container, see Migrating Your Application from a Legacy Container Type.
Health Checks
Elastic Load Balancing uses a health check to determine whether the Amazon EC2 instances running your application are healthy. The health check determines an instance's health status by probing a specified URL at a set interval; if the URL returns an error message, or fails to return within a specified timeout period, the health check fails. AWS Elastic Beanstalk uses Elastic Load Balancing health checks to set the status of your application in the AWS Management Console.
You can control the settings for the health check using the EC2 Instance Health Check section of the Load Balancing panel.
The health check definition includes a URL to be queried for instance health. By default, AWS Elastic Beanstalk uses TCP:80 for non-legacy containers and HTTP:80 for legacy containers. You can override the default URL to match an existing resource in your application (e.g. ‘/myapp/index.jsp’) by entering it in the Application Health Check URL box. If you override the default URL, then AWS Elastic Beanstalk uses HTTP to query the resource. To check if you are using a legacy container type, see Why are some container types marked legacy?.
The following list describes the health check parameters you can set for your application.
Enter the number of seconds in the Health Check Interval (seconds) box to define the interval at which Elastic Load Balancing will check the health of your application's Amazon EC2 instances.
Specify the number of seconds Elastic Load Balancing will wait for a response before it considers the instance non-responsive in the Health Check Timeout (seconds) box.
Specify the number of consecutive successful or unsuccessful URL probes before Elastic Load Balancing changes the instance health status in the Healthy Check Count Threshold and Unhealthy Check Count Threshold boxes. For example, specifying 5 in the Unhealthy Check Count Threshold box means that the URL would have to return an error message or timeout five consecutive times before Elastic Load Balancing considers the health check "failed."
Sessions
By default a load balancer routes each request independently to the server instance with the smallest load. By comparison, a sticky session binds a user's session to a specific server instance so that all requests coming from the user during the session will be sent to the same server instance.
AWS Elastic Beanstalk uses load balancer-generated HTTP cookies when sticky sessions are enabled for an application. The load balancer uses a special load balancer-generated cookie to track the application instance for each request. When the load balancer receives a request, it first checks to see if this cookie is present in the request. If so, the request is sent to the application instance specified in the cookie. If there is no cookie, the load balancer chooses an application instance based on the existing load balancing algorithm. A cookie is inserted into the response for binding subsequent requests from the same user to that application instance. The policy configuration defines a cookie expiry, which establishes the duration of validity for each cookie.
You can use the Sessions section on the Load Balancer tab to specify whether or not the load balancer for your application allows session stickiness.
For more information about Elastic Load Balancing, go to the Elastic Load Balancing Developer Guide.
CLI
To edit an application's environment settings
Update an application's environment settings.
PROMPT> elastic-beanstalk-update-environment -e MySampleAppEnv -f "Options.txt"
Options.txt
[
{"Namespace": "aws:elb:loadbalancer",
"OptionName": "LoadBalancerHTTPPort",
"Value": "80"},
{"Namespace": "aws:elb:loadbalancer",
"OptionName": "LoadBalancerPortProtocol",
"Value": "HTTP"},
{"Namespace": "aws:elb:loadbalancer",
"OptionName": "LoadBalancerHTTPSPort",
"Value": "443"},
{"Namespace": "aws:elb:loadbalancer",
"OptionName": "LoadBalancerSSLPortProtocol",
"Value": "HTTPS"},
{"Namespace": "aws:elb:loadbalancer",
"OptionName": "SSLCertificateId",
"Value": "arn:aws:iam::123456789012:server-certificate/abc/certs/build"},
{"Namespace": "aws:elasticbeanstalk:application",
"OptionName": "Application Healthcheck URL",
"Value": "/"},
{"Namespace": "aws:elb:healthcheck",
"OptionName": "Interval",
"Value": "30"},
{"Namespace": "aws:elb:healthcheck",
"OptionName": "Timeout",
"Value": "5"},
{"Namespace": "aws:elb:healthcheck",
"OptionName": "HealthyThreshold",
"Value": "3"},
{"Namespace": "aws:elb:healthcheck",
"OptionName": "UnhealthyThreshold",
"Value": "5"},
{"Namespace": "aws:elb:policies",
"OptionName": "Stickiness Policy",
"Value": "false"},
{"Namespace": "aws:elb:policies",
"OptionName": "Stickiness Cookie Expiration",
"Value": "0"}
]API
To edit an application's environment settings
Call
UpdateEnvironmentwith the following parameters:EnvironmentName=SampleAppEnvOptionSettings.member.1.Namespace=aws:elb:loadbalancerOptionSettings.member.1.OptionName=LoadBalancerHTTPPortOptionSettings.member.1.Value=80OptionSettings.member.2.Namespace=aws:elb:loadbalancerOptionSettings.member.2.OptionName=LoadBalancerHTTPSPortOptionSettings.member.2.Value=443OptionSettings.member.3.Namespace=aws:elb:loadbalancerOptionSettings.member.3.OptionName=SSLCertificateIdOptionSettings.member.3.Value=arn:aws:iam::123456789012:server-certificate/abc/certs/buildOptionSettings.member.4.Namespace=aws:elasticbeanstalk:applicationOptionSettings.member.4.OptionName=Application Healthcheck URLOptionSettings.member.4.Value=/OptionSettings.member.5.Namespace=aws:elb:healthcheckOptionSettings.member.5.OptionName=IntervalOptionSettings.member.5.Value=30OptionSettings.member.6.Namespace=aws:elb:healthcheckOptionSettings.member.6.OptionName=TimeoutOptionSettings.member.6.Value=5OptionSettings.member.7.Namespace=aws:elb:healthcheckOptionSettings.member.7.OptionName=HealthyThresholdOptionSettings.member.7.Value=3OptionSettings.member.8.Namespace=aws:elb:healthcheckOptionSettings.member.8.OptionName=UnhealthyThresholdOptionSettings.member.8.Value=5OptionSettings.member.9.Namespace=aws:elb:policiesOptionSettings.member.9.OptionName=Stickiness PolicyOptionSettings.member.9.Value=falseOptionSettings.member.10.Namespace=aws:elb:policiesOptionSettings.member.10.OptionName=Stickiness Cookie ExpirationOptionSettings.member.10.Value=0OptionSettings.member.11.Namespace=aws:elb:loadbalancerOptionSettings.member.11.OptionName=LoadBalancerPortProtocolOptionSettings.member.11.Value=HTTPOptionSettings.member.12.Namespace=aws:elb:loadbalancerOptionSettings.member.12.OptionName=LoadBalancerSSLPortProtocolOptionSettings.member.12.Value=HTTPS
Example
https://elasticbeanstalk.us-east-1.amazon.com/?EnvironmentName=SampleAppEnv &OptionSettings.member.1.Namespace=aws%3Aelb%3Aloadbalancer &OptionSettings.member.1.OptionName=LoadBalancerHTTPPort &OptionSettings.member.1.Value=80 &OptionSettings.member.2.Namespace=aws%3Aelb%3Aloadbalancer &OptionSettings.member.2.OptionName=LoadBalancerHTTPSPort &OptionSettings.member.2.Value=443 &OptionSettings.member.3.Namespace=aws%3Aelb%3Aloadbalancer &OptionSettings.member.3.OptionName=SSLCertificateIdSSLCertificateId &OptionSettings.member.3.Value=arn%3Aaws%3Aiam%3A%3A123456789012%3Aserver-certificate%2Fabc%2Fcerts%2Fbuild &OptionSettings.member.4.Namespace=aws%3Aelb%3Aapplication &OptionSettings.member.4.OptionName=Application%20Healthcheck%20URL &OptionSettings.member.4.Value=/ &OptionSettings.member.5.Namespace=aws%3Aelb%3Ahealthcheck &OptionSettings.member.5.OptionName=Interval &OptionSettings.member.5.Value=30 &OptionSettings.member.6.Namespace=aws%3Aelb%3Ahealthcheck &OptionSettings.member.6.OptionName=Timeout &OptionSettings.member.6.Value=5 &OptionSettings.member.7.Namespace=aws%3Aelb%3Ahealthcheck &OptionSettings.member.7.OptionName=HealthyThreshold &OptionSettings.member.7.Value=3 &OptionSettings.member.8.Namespace=aws%3Aelb%3Ahealthcheck &OptionSettings.member.8.OptionName=UnhealthyThreshold &OptionSettings.member.8.Value=5 &OptionSettings.member.9.Namespace=aws%3Aelb%3Apolicies &OptionSettings.member.9.OptionName=Stickiness%20Policy &OptionSettings.member.9.Value=false &OptionSettings.member.10.Namespace=aws%3Aelb%3Apolicies &OptionSettings.member.10.OptionName=Stickiness%20Cookie%20Expiration &OptionSettings.member.10.Value=0 &Operation=UpdateEnvironment &AuthParams
