ELB & ASG Flashcards
(42 cards)
What are the four types of load balancers?
Classic Load Balancer, Application Load Balancer, Network Load Balancer, Gateway Load Balancer
What layer is an application load balancer?
Layer 7 (HTTP)
What are the various manners we can route to different target groups with our ALB?
Path-based routing, hostname-based routing, Query string/header routing, and source IP
What can be included in ALB Target groups?
EC2 instances, ECS tasks, Lambda functions and private IPs
How can you find the IP of the client for the ALB?
In the header X-Forwarded-For
What is a Network Load Balancer used for?
It functions at the fourth layer of the OSI model and is used to forward TCP & UDP traffic to your instances
How many Static IPs per AZ can a Network Load Balancer have?
One
What can the Target Groups of NLB be?
EC2 Instances, Private IPs or an ALB
True or False: The NLB cannot have a fixed IP Address
False. The NLB must have a fixed IP address for each AZ.
True or False: You must configure the security group for an NLB upon creation.
False. NLBs do not have security groups like ALBs. The security group pertaining to the instances must be configured to allow traffic from the NLB and/or clients
We want to use the GENEVE protocol on port 6081 to communicate with AWS resources. What do we use?
A Gateway Load Balancer. A Gateway Load Balancer operates at the third layer of the Open Systems Interconnection (OSI) model. It listens for all IP packets across all ports and forwards traffic to the target group that’s specified in the listener rule, using the GENEVE protocol on port 6081.
Which load balancers can Sticky Sessions be applied to?
ALB and CLB
How do Sticky Sessions work?
A cookie is supplied to the client with an expiration date. The cookie determines what resource the client is directed towards
What are the two cookies provided for Sticky Sessions?
Application-based cookie: Gives more control around the duration of the session
Duration-based cookie: When the client routes to a target, it is given a load balancer generated cookie that is used to map the session to a target
Why would you use Cross Zone Load Balancing?
You want to make sure that traffic is distributed evenly for all instances ACROSS AZs
True or false: Cross-Zone load balancing is always on for ALB and NLB
False. For ALB it is always enabled and can’t be disabled. For NLB it is disabled by default
How can you configure the ALB to serve traffic to a specific target group?
Define the rules in the listeners. A listener is a process that checks for connection requests using a protocol and a port
How can you configure the ALB to serve traffic to a specific target group?
Define a listener rule. The conditions in the listener rule help determine how the load balancer routes requests to its registered targets
True or False: You cannot configure a security group on an ALB
False. An NLB does not have a security group configuration. An ALB's security group and EC2 security group must be configured
Why would we use a Server Name Indication?
SNI solves the problem of loading multiple SSL certificates onto one web server.
What is an SSL certificate?
It is a digital certificate that authenticates a website's identity and enables an encrypted connection
https://www.kaspersky.com/resource-center/definitions/what-is-a-ssl-certificate
Why would we use Server Name Indication?
It allows the client to indicate which hostname it is trying to connect to at the start of the TLS handshake. That way, multiple certificates can be used on one server.
We have two domain names on a server being targeted by an ALB. How do we properly send traffic to the proper target group?
We can use Server Name Indication
What is connection draining/de-registration delay?
ELB stops sending requests to targets that are deregistering. ELB will wait a certain amount of time (delay) to deregister so that requests in process can complete