AWS Application Load Balancer with CloudFlare

Application Load Balancer: Before moving to the Application Load Balancer, we will first understand why we need it when we already have the NLB.

Disadvantages of NLB :

—> There is no redirection, meaning you cannot redirect from HTTP to HTTPS

—> Path-based / URL-based routing is not supported in NLB

—> An application firewall is not supported in NLB

—> It cannot be used as an Ingress Controller for Kubernetes.

Definition :

Application Load Balancer operates at the request level (layer 7), routing traffic to targets (EC2 instances, containers, IP addresses, and Lambda functions) based on the content of the request. Ideal for advanced load balancing of HTTP and HTTPS traffic, Application Load Balancer provides advanced request routing targeted at delivery of modern application architectures, including microservices and container-based applications. Application Load Balancer simplifies and improves the security of your application, by ensuring that the latest SSL/TLS ciphers and protocols are used at all times.

We will try to implement the scenario below.

Scenario : We have 3 pages, HomePage / Movies / Shows. Whenever a user on the Internet accesses apurvtech.xyz through DNS and enters /homepage, he should be redirected to the Homepage.

If he enters apurvtech.xyz/movies or apurvtech.xyz/shows, he should be redirected to the respective page.

Step 1) An ACM certificate should be created; please check the previous page, where we created one

Step 2) Create VPC

  1. 3 Instances in Private Subnet

  2. Target Group

  3. ALB

  4. We will create records in our DNS (CloudFlare)

  5. Then we will do redirection from HTTP to HTTPS by enabling rules

  6. In the Target Groups, we will ensure that the traffic moves to the correct /movies or /shows folder

Step 1) We need to create an ACM certificate first, as it might take some time to issue. Check our previous blog on NLB (https://hashnode.com/draft/678f6745cca9b439c91dd9d9).

Step 2) Create the VPC with 3 Subnets and 1 AZ, the same as we did in our NLB blog (https://hashnode.com/draft/678f6745cca9b439c91dd9d9)

Make sure the necessary rules are open in the SG in the VPC

Step 3) Create 3 Instances, each in 1 Private Subnet, and make sure to put the script below in the instance user data

#!/bin/bash

# Update the package repository
sudo apt update

# Install Nginx
sudo apt install -y nginx

# Replace the default <h1> tag content with "Welcome to Homepage"
sudo sed -i 's/<h1>Welcome to nginx!<\/h1>/<h1>Welcome to Homepage<\/h1>/' /var/www/html/index.nginx-debian.html

# Add additional lines to the HTML file
echo '<a href="https://www.apurvtech.xyz/movies/">Visit For Movies</a>' | sudo tee -a /var/www/html/index.nginx-debian.html
echo '</div>' | sudo tee -a /var/www/html/index.nginx-debian.html
echo '<br>' | sudo tee -a /var/www/html/index.nginx-debian.html
echo '<a href="https://www.apurvtech.xyz/shows/">Visit For Shows</a>' | sudo tee -a /var/www/html/index.nginx-debian.html

# Start and enable Nginx
sudo systemctl start nginx
sudo systemctl enable nginx

Step 4) Create Target Groups. We need to create three Target Groups:

one for Homepage, one for Movies, one for Shows. The steps are the same for all three up to the point where we include instances in the Target Group; there we select only the EC2 instance for the respective Target Group.

However, while we create the Target Groups for Movies and Shows, the HealthCheck path should be properly defined.

As we are creating 3 different Target Groups, for each Target Group we will select only the EC2 instance created for it,

e.g. for the Movies TG we will include the EC2 instance that was created for Movies; the same goes for the Shows TG as well.

All three will be created as shown below

Step 5) Create Load Balancer

Once the Load Balancer is provisioned, we will make the correct entries in Cloudflare

LB DNS entry in Cloudflare DNS.

Step 6) We now need to redirect HTTP requests to HTTPS

Go to LoadBalancer → Listener Rules → HTTP (80), click on the check box → Action → Edit Rules →

Make the changes in the Listener Configuration and save it. HTTP requests will now redirect to HTTPS

Step 7) Now we need to create the redirection to the Movies and Shows pages

Go to LB → Https → Manage Rule → Add Rules

Give Name = routetomovies

Add Condition = /path based

Confirm →

Forward to Target Group → select the TG for movies

Next, give Priority as 1 → Next → Create

Repeat the same steps for the creation of Shows, “only give priority as 2”

All setup is done. Try accessing the URL

apurvtech.xyz and the other links, and check whether they go to the other pages or not
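
The rule evaluation set up in Step 7, modelled as an added example (not code from the original post): an ALB checks listener rules from the lowest priority number upward, matches path patterns case-sensitively with `*` and `?` wildcards, and falls back to the default action. The patterns and target group names below are assumptions, since the post only says the condition is path based; the homepage links end in a trailing slash (`/movies/`), which an exact `/movies` pattern does not match.

```python
import re

def path_matches(pattern, path):
    """ALB path-pattern semantics: case-sensitive, '*' = 0 or more chars, '?' = exactly 1 char."""
    regex = "".join(
        ".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern
    )
    return re.fullmatch(regex, path, flags=re.DOTALL) is not None

def route(rules, default_tg, path):
    """Return the target group of the first matching rule, lowest priority number first."""
    for _priority, patterns, target_group in sorted(rules, key=lambda r: r[0]):
        if any(path_matches(p, path) for p in patterns):
            return target_group
    return default_tg  # the listener's default action is evaluated last

# Constructed rule sets. Target group names are hypothetical; priorities follow the post.
EXACT = [(1, ["/movies"], "tg-movies"), (2, ["/shows"], "tg-shows")]
WILDCARD = [
    (1, ["/movies", "/movies/*"], "tg-movies"),
    (2, ["/shows", "/shows/*"], "tg-shows"),
]
DEFAULT_TG = "tg-homepage"  # hypothetical name for the Homepage target group

# Constructed request paths, including the trailing-slash links from the homepage script.
SAMPLE_PATHS = ["/", "/movies", "/movies/", "/movies/index.html",
                "/Movies", "/moviesfoo", "/shows/"]

def demo():
    """Map each sample path to (target with exact patterns, target with wildcard patterns)."""
    return {
        p: (route(EXACT, DEFAULT_TG, p), route(WILDCARD, DEFAULT_TG, p))
        for p in SAMPLE_PATHS
    }

if __name__ == "__main__":
    for path, (exact, wild) in demo().items():
        print(f"{path:22} exact={exact:12} wildcard={wild}")
```

Using the pair `/movies` and `/movies/*` rather than a single `/movies*` keeps unrelated paths such as `/moviesfoo` on the default target group.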
