英文:
Internal load balancer instances model
问题
I have the following set up:
-
public network
This network has internet access as the route tables routes the external traffic to an IGW
I am deploying a small sample app webAppPublic in this network -
private network A - no internet access
-
private network B - no internet access
Note network A and network B are in two different AZs
In private network A and network B, I deployed a small sample app webAppPrivate used by webAppPublic
so one instance per network.
I am using an internal load balancer for webAppPrivate
I linked the load balancer to network A and network B and put the two instances as a target group.
webAppPublic uses the DNS name of the load balancer to communicate with webAppPrivate
This configuration works fine:
Furthermore, I see in the console that if I call dig load-balancer-dns
it resolves to two IP addresses for each subnetwork, namely private network A and private network B
So now I also have two load balancer nodes for each private network.
I also note that if I call dig multiple times, I see the order of the addresses changes, so I guess AWS does this for DNS load balancing
among the load balancer instances on networks A and B
I asked myself the question, what should happen if I remove one instance of webAppPrivate?
In this case, one of the load balancer would not find an instance in the same network and AZ to forward the request
to, so most likely, the request will fail.
However, after doing this, I notice the load balancing still works fine, as I don't get any issues, and the one instance remaining is always reached.
I am not sure how this happens, if the DNS query resolves the DNS name to the load balancer instance in the
network and AZ from which I remove the instance, I would expect this request to fail.
One possible explanation is that the instance of the load balancer will, in case no instances are up and or healthy in its own network, contact AWS load balancer service elsewhere / or possibly the other instances of the load balancer in different networks, before routing the actual traffic.
So the node of the load balancer in one network cannot take the routing decision on its own?
I think my mental model about internal load balancing and private networks is somewhat wrong, can you help me understand what happens here?
英文:
I have the following set up:
-
public network
This network has internet access as the route tables routes the external traffic to a IGW
I am deploying a small sample app webAppPublic in this network -
private network A - no internet access
-
private network B - no internet access
Note network A and network B are in two different AZs
In private network A and network B I deployed a small sample app webAppPrivate used by webAppPublic
so one instance per network.
I am using a internal load balancer for webAppPrivate
I linked the load balancer to network A and network B and put the two instances as target group.
webAppPublic uses the dns name of the load balancer to communicate to webAppPrivate
This configuration works fine:
Furthermore I see in the console that if I call dig load-balancer-dns
it resolves to two IP addresses for each subnetwork namely private network A and private network B
So now I also have two load balancers node for each private network.
I also note that if I call dig multiple times I see the the order of the addresses changes so I guess AWS does this for dns load balancing
among the load balancers instances on the network A and B
I asked my self the question, what should happen if I remove one instance of webAppPrivate ?
In this case one of the load balancer would not find a instance in the same network and AZ to forward the request
to, so most likely the request will fail.
However after doing this I notice the work balancing still works fine, as I don't get any issues and the one instance remaining is always reached.
I am not sure how this happens, if the DNS query resolves the dns name to the load balancer instance in the
network and AZ from which I remove the instance I would expect this request to fail.
One possible explaination is that the instance of load balancer will, in case no instances are up and or healthy in its own network, contact AWS load balancer service elsewhere / or possibly the other instances of the laod balancer in different networks, before routing the actual traffic.
So the node of load balancer in one cannot network cannot take the routing decision on its own ?
I think my mental model about internal load balancing and private network is somewhat wrong, can you help me understand what happens here ?
答案1
得分: 0
看起来你正在使用应用负载均衡器(ALB)。
跨区域负载平衡是ALB的默认配置。这意味着每个负载均衡器节点会将流量分配到所有已启用的可用区中注册的目标上。当禁用跨区域负载平衡时,每个负载均衡器节点仅将流量分配到与负载均衡器部署在同一可用区中的已注册目标上。
截至2022年末,你现在可以禁用跨区域负载平衡。
详细信息请参阅弹性负载均衡的跨区域负载平衡部分。
英文:
It looks like you are using Application Load Balancer (ALB).
Cross-zone load balancing is the default configuration for ALB. That means that each load balancer node distributes traffic across the registered targets in all enabled Availability Zones. When cross-zone load balancing is disabled, each load balancer node distributes traffic only across the registered targets within the same AZ as the load balancer is deployed.
As of late 2022, you can now disable cross-zone load balancing.
See more at the cross-zone load balancing section of How Elastic Load Balancing works.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论