Day 3: Auto Scaling Group with Integrated Load Balancer and Web Application Firewall (WAF)
This blog illustrates the integration of Auto Scaling with Load Balancer and demonstrates the use of WAF through an example.
Create Auto Scaling Groups
Step 1
To create Auto Scaling Groups, we need to select the template which will be used to configure new instances while scaling the application. Go to next step.
Step 2
Choose network such as VPC and Availability Zone. Here, we are selecting all AZs which means it can create servers in any AZ. Go To next Step.
Step 3
This step is all about load balancer. Here we are working on application layer and want to scale our application. So, we will create our own Application Load Balancer (also known as ALB).
Give name to the load balancer. Here we used internet-facing load balancer scheme because we want it to expose over internet.
Now create a target group and select the load balancer you created.
Now select the health check which will notify you which server is running healthy and which one is not.
Step 4
In this step we will select the Desired Capacity (No. of servers will always be active), Min Desired Capacity (Minimum No. of servers will be running) and Max Desired Capacity (Maximum no. of servers should be running when load increases) as shown.
Now, select the target policy, under which we will define the condition when Load Balancer will scale up the application. Here, we define that when the average CPU utilization will exceed 10%, it will scale up the servers with in 30 seconds. Also enable monitoring with CloudWatch. Go to next step.
Step 5
If you want to add notifications, you can select this option. Here, for now we are not using this service. Go to next step.
Step 6: Now add tags to the servers. Go to next step to review your settings for alb and create auto scaling group.
Here is the auto scaling group created.
As a result of desired servers there will be 2 servers running with the name Zero-To-Hero-Server as shown below. Even if you will delete these servers, the Load Balancer will automatically restart it.
You can also check how the servers are running? Are they Healthy or Not as shown below.
Now, check the service running through the DNS created by Load Balancer as shown below.
As soon as the DNS will be hit, it will initialize more instances when the CPU utilization exceeds to the set limit.
Checking Load Balancer on your local
If you want to check Load Balancer on your local system, You can check using ‘stress command’. To use stress command, install stress first.
$ sudo apt-get install stress
Using WAF (Web Application Firewall)
It is used to protects against DDOS attack and Malicious Web Traffic. To set up WAF, you need to setup Web-ACL first. Here we have used BotControlRule.
This will block Bot access to your application. There are many other rules we can choose.
This blog covers everything about ASG and ALB. I hope you find it helpful! Stay tuned for more insights on AWS services. Don’t forget to follow for more useful blogs. – Neha Bhardwaj