Application Load balancer: Before moving to Application Load balancer we will understand why we need it, as we already had NLB
Disadvanteg of NLB :
—> We dont have redirection, means you cannot redirect from Https to Https
—> Path based / url based was not supported in NLB
—> Application FW was not supported in NLB
—> It cannot be used as Ingress Controller for Kubenetes.
Definition :
Application Load Balancer operates at the request level (layer 7), routing traffic to targets (EC2 instances, containers, IP addresses, and Lambda functions) based on the content of the request. Ideal for advanced load balancing of HTTP and HTTPS traffic, Application Load Balancer provides advanced request routing targeted at delivery of modern application architectures, including microservices and container-based applications. Application Load Balancer simplifies and improves the security of your application, by ensuring that the latest SSL/TLS ciphers and protocols are used at all times.
We will try to Implement below scenario
Scenarios : We have 3 pages, HomePage / Movies / Shows. Whenerer from Internet user tries to access, through DNS, to apurvtech.xyz., if user enter /homepage , he should be redirected to Homepage.
If he enters apurvtech.xyz/movies or apurvtech.xyz/shows he should redirect to respective pages.
Steps 1) ACM should be created, please check the previous page, as we have created
Step 2) Created VPC
3 Instances in Private Subnet
Target Gorup
ALB
We will create records in our DNS (cloudFlare )
The we will do redirection from Http to Https by enabling rules
In TargetGroup, we will ensure that it will ensure the traffic moves to correct /moves or /shows folder
Step 1 ) We need to create an ACM as it might take sometime to issue. check our previous blog on NLB (https://hashnode.com/draft/678f6745cca9b439c91dd9d9) .
Step 2) Create VPC as we did with 3 Subnet and 1 AZ, this is the same as we did on our NLB Blogs (https://hashnode.com/draft/678f6745cca9b439c91dd9d9)
Make sure necessary rules are open in the SG in VPC
Step 3) Create 3 Instance in 1 Private Subnet each, make sure to put below script in metadata
#!/bin/bash
# Update the package repository
sudo apt update
# Install Nginx
sudo apt install -y nginx
# Replace the default <h1> tag content with "Welcome to Homepage"
sudo sed -i 's/<h1>Welcome to nginx!<\/h1>/<h1>Welcome to Homepage<\/h1>/' /var/www/html/index.nginx-debian.html
# Add additional lines to the HTML file
echo '<a href="https://www.apurvtech.xyz/movies/">Visit For Movies</a>' | sudo tee -a /var/www/html/index.nginx-debian.html
echo '</div>' | sudo tee -a /var/www/html/index.nginx-debian.html
echo '<br>' | sudo tee -a /var/www/html/index.nginx-debian.html
echo '<a href="https://www.apurvtech.xyz/shows/">Visit For Shows</a>' | sudo tee -a /var/www/html/index.nginx-debian.html
# Start and enable Nginx
sudo systemctl start nginx
sudo systemctl enable nginx
Step 4 ) Create Tagrget group. We need to create Three Target Group
one for Homepage , one for Movies, one for Shows. All steps below will be same the moment we include instance in Target Group. We will only select EC2 for respective TargetGroup
However , while we create a Target Group for Movies and Shows, the HealthCheck path should be properly defined
as we are creating 3 different target Groups, and for respective target groups we will only select ec2 instance created for them only,
eg : for Movies TG we will include EC2 that is created for Moves same goes for Shows Tg as well
All three will be created as shown below
Step 5) Create Load Balancer
Once Load Balancer is provisioned, then we will make the correct entries in Cloudflare
LB DNS Entry in CLoud Flare DNS.
Step 6 ) We need to now rediret Http request to Https
Go to LoadBalancer → Listner Rules → Http (80), click on check box → Action → Edit Rules- >
Make the chages in Listner COnfiguration and save it. Http request will not redirect to Https
Step 7 ) Now we need to create redirection to Movies and Shows Spaces
Go to LB → Https → Manage Rule → Add Rules
Give Name = routetomovies
Add Condition = /path based
Confirm →
Forwad to target Group → select TG for movies
Next Give Priority to 1 → Next → Create
Repeact same steps for Creation of Shows “ Only give priority as 2 “
All steup is done, and try accessing the Url
apurvtech.xyz and other links if it is going to other pages or not
*************************************************************************************************