AWS Global Accelerator
Developer Guide

Endpoint Groups in AWS Global Accelerator

An endpoint group routes requests to one or more registered endpoints in AWS Global Accelerator. When you add a listener, you specify the endpoint groups for Global Accelerator to direct traffic to. An endpoint group, and all the endpoints in it, must be in one AWS Region. You can add different endpoint groups for different purposes, for example, for blue/green deployment testing.

Global Accelerator directs traffic to endpoint groups based on the location of the client and the health of the endpoint group. If you like, you can also set the percentage of traffic to send to an endpoint group. You do that by using the traffic dial to increase (dial up) or decrease (dial down) traffic to the group. The percentage is applied only to the traffic that Global Accelerator is already directing to the endpoint group, not all traffic coming to a listener.

You can define health check settings for Global Accelerator for each endpoint group. By updating health check settings, you can change your requirements for polling and verifying the health of Elastic IP address endpoints. For Network Load Balancer and Application Load Balancer endpoints, configure health check settings on the Elastic Load Balancing console.

Global Accelerator continually monitors the health of all endpoints that are included in an endpoint group, and routes requests only to the active endpoints that are healthy. If there aren't any healthy endpoints to route traffic to, Global Accelerator routes requests to all endpoints.

This section explains how to work with endpoint groups on the AWS Global Accelerator console. If you want to use API operations with AWS Global Accelerator, see the AWS Global Accelerator API Reference.

Adding, Editing, or Removing an Endpoint Group

You work with endpoint groups on the AWS Global Accelerator console or by using an API operation. You can add or remove endpoints from an endpoint group at any time.

After you add an endpoint group, you can add tags to help track resources for your accelerator.

This section explains how to work with endpoint groups on the AWS Global Accelerator console. If you want to use API operations with Global Accelerator, see the AWS Global Accelerator API Reference.

To add an endpoint group

  1. Open the Global Accelerator console at https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Global Accelerator:.

  2. In the Accelerators section, choose an accelerator.

  3. In the Listeners section, for Listener ID, choose the ID of the listener that you want to add an endpoint group to.

  4. Choose Add endpoint group.

  5. In the section for a listener, specify a Region for the endpoint group by choosing one from the dropdown list.

  6. Optionally, for Traffic dial, enter a number from 0 to 100 to set a percentage of traffic for this endpoint group. The percentage is applied only to the traffic that is already directed to this endpoint group, not all listener traffic. By default, the traffic dial is set to 100.

  7. Optionally, to specify custom health check values to be applied to Elastic IP address endpoints, choose Configure health checks. For more information, see Health Check Options.

  8. Optionally, choose Add endpoint group to add additional endpoint groups for this listener or other listeners.

  9. Choose Add endpoint group.

To edit an endpoint group

  1. Open the Global Accelerator console at https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Global Accelerator:.

  2. In the Listeners section, for Listener ID, choose the ID of the listener that the endpoint group is associated with.

  3. Choose Edit endpoint group.

  4. On the Edit endpoint group page, change the Region, adjust the traffic dial percentage, or choose Configure health checks to modify the health check settings.

  5. Choose Save.

To remove an endpoint group

  1. Open the Global Accelerator console at https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Global Accelerator:.

  2. Choose Remove listener.

  3. In the Listeners section, for Listener ID, choose the ID of the listener that the endpoint group is associated with.

  4. On the confirmation dialog box, choose Remove endpoint group.

Adjusting Traffic Flow With Traffic Dials

For each endpoint group, you can set a traffic dial to control the percentage of traffic that is directed to the group. The percentage is applied only to traffic that is already directed to the endpoint group, not to all listener traffic.

By default, the traffic dial is set to 100 (that is, 100%) for all regional endpoint groups in an accelerator. The traffic dial lets you easily do performance testing or blue/green deployment testing for new releases across different AWS Regions, for example.

Here are a few examples to illustrate how you can use traffic dials to change the traffic flow to endpoint groups.

Upgrade your application by Region

If you want to upgrade an application in a Region or do maintenance, first set the traffic dial to 0 to cut off traffic for the Region. When you complete the work and you're ready bring the Region back into service, adjust the traffic dial to 100 to dial the traffic back up.

Mix traffic between two Regions

This example shows how traffic flow works when you change the traffic dials for two regional endpoint groups at the same time. Let’s say that you have two endpoint groups for your accelerator—one for the US-West-2 Region and one for the US-East-1 Region—and you've set the traffic dials to 50% for each endpoint group.

Now, say you have 100 requests coming to your accelerator, with 50 from the East coast of the United States and 50 from the West coast. The accelerator directs the traffic as follows:

  • The first 25 requests on each coast (50 requests in total) are served from their nearby endpoint group. That is, 25 requests are directed to the endpoint group in US-West-2 and 25 are directed to the endpoint group in US-East-1.

  • The next 50 requests are directed to the opposite Regions. That is, the next 25 requests from the East coast are served by US-West-2, and the next 25 requests from the West coast are served by US-East-1.

The result in this scenario is that both endpoint groups serve the same amount of traffic. However, each one receives a mix of traffic from both Regions.

Health Check Options

AWS Global Accelerator regularly sends requests to endpoints to test their status. These health checks are run automatically. The guidance for determining the health of each endpoint and the timing for the health checks depend on the type of endpoint resource.

You can configure the following health check options for an endpoint group. If you specify health check options, Global Accelerator uses the settings for Elastic IP address health checks but not for Network Load Balancers or Application Load Balancers.

  • For endpoints that are Application Load Balancers or Network Load Balancers, you configure health checks for the resources by using Elastic Load Balancing configuration options. For more information, see Health Checks for Your Target Groups. Health check options that you choose here do not affect Application Load Balancers or Network Load Balancers that you've added as endpoints.

  • For Elastic IP address endpoints that are added to a listener configured with TCP, you can specify the port and protocol to use for health checks. By default, Global Accelerator uses the listener port and protocol that you specified for your accelerator.

  • For Elastic IP address endpoints with UDP listeners, Global Accelerator uses the listener port and the TCP protocol for health checks, so you must have a TCP server on your endpoint.

    Note

    Be sure to check that the port that you've configured for the TCP server on each endpoint is the same as the port that you specify for the health check in Global Accelerator. If the port numbers aren't the same, or if you haven't set up a TCP server for the endpoint, Global Accelerator marks the endpoint as unhealthy, regardless of the endpoint's health.

Global Accelerator requires your router and firewall rules to allow inbound traffic from the IP addresses associated with Route 53 health checkers to complete health checks for Elastic IP endpoints. You can find information about the IP address ranges associated with Route 53 health checkers in Health Checks for Your Target Groups in the Amazon Route 53 Developer Guide. IP address ranges are updated periodically. You can subscribe to be notified whenever there is a change. For more information, see AWS IP Address Ranges Notifications in the AWS General Reference.

Health check port

The port to use when Global Accelerator performs health checks on endpoints that are part of this endpoint group.

Health check protocol

The protocol to use when Global Accelerator performs health checks on endpoints that are part of this endpoint group.

Health check interval

The interval, in seconds, between each health check for an endpoint.

Threshold count

The number of consecutive health checks required before considering an unhealthy target healthy or a healthy target unhealthy.

Each listener routes requests only to healthy endpoints. After you add an endpoint, it must pass a health check to be considered healthy. After each health check is completed, the listener closes the connection that was established for the health check.