Creating an Autoscaling Group with a Load Balancer to distribute traffic
Introduction
Hello everyone,
Back again with another project. For this one, I am going to be building an Autoscaling group with an application load balancer to distribute traffic.
Use Case
Organizations such as my fictitious bank, Level Up Bank, want to move their network to the cloud to improve scalability, reliability, security, cost savings, and flexibility, and they decide to use AWS cloud services.
Such organizations will have to create a VPC, Subnets, an Autoscaling group, and an Application Load Balancer to ensure customers can access needed information. If you don’t know what these terms mean, see below:
- VPC (Virtual Private Cloud): This is a service that lets you launch resources in a virtual private network.
- Subnet: This is a range of addresses in a VPC. Think of this as a smaller portion of a VPC.
- Autoscaling Group: This is a service that allows one to launch EC2 instances for the purpose of automatic scaling and management. Health checks and scaling policies can be made to automatically add or terminate instances based on rules you set.
- Application Load Balancer: This serves as a point of contact for clients trying to access your servers (EC2 instances) and directs the clients to the appropriate target (server) based on rules you set.
Resources to be Made
Now that you know what these terms mean, here is the list of resources that will be built out:
- VPC with CIDR 10.10.0.0/16
- Three Public Subnets with CIDRs 10.10.1.0/24, 10.10.2.0/24 and 10.10.3.0/24. All three subnets will be in different Availability Zones (AZs)
- An Autoscaling Group using t2.micro instances in the 3 public subnets above
NOTE: The instances will all have Apache installed with a custom web page.
- An Application Load Balancer to distribute traffic to the autoscaling group
The prerequisites to complete this project are:
- An AWS Account
- An IAM user with administrative privileges (optional)
Steps
1. Log into your AWS Account and navigate to the VPC console
- Name your VPC
- Enter in the IPv4 CIDR: 10.10.0.0/16
- Click Create VPC
2. Still in the VPC Console, go to Subnets and click on Create Subnet
- Select the VPC you just created
- Under subnet settings, enter the first Subnet name, Availability Zone, and IPv4 CIDR block
- Click on add new subnet and repeat the last step for the other 2 public subnets. Make sure to keep these subnets in different availability zones
- When all the needed subnet information has been entered in, click enter
- Once the subnets have been created, click on each subnet and edit the subnet settings to Enable auto-assign public IPv4 address. This will allow the automatic assignment of public IPv4 addresses to EC2 instances created in these subnets.
NOTE: To enable resources in the public subnets to communicate with the Internet, an Internet Gateway (IGW) needs to be created. A route table will then need to be edited/created to direct traffic destined for IP addresses outside the VPC to the Internet Gateway.
- Still in the VPC Console, go to Internet Gateway (IGW) and click Create Internet Gateway. Name it and create it. Once this is done, attach the gateway to the VPC created earlier.
- Go to route tables and select the default route table for the VPC created.
- Under routes, add a route with a destination as 0.0.0.0/0 and a target as the Internet Gateway created. This is to enable resources in your VPC to go through the IGW to access the open internet.
- Under subnet associations, click edit and select all 3 public subnets created. This explicitly associates all 3 subnets with this route table
3. Navigate to the EC2 Console
- Create two security groups with the following Inbound rules:
A Load Balancer Security Group which only allows HTTP traffic from 0.0.0.0/0. This will be attached to the load balancer created later on and will allow traffic from the Internet.
A Webserver Security Group which only allows SSH traffic from your IP address and HTTP traffic from the Load Balancer Security Group. This will ensure that any HTTP traffic that needs to access your servers can only go through the load balancer, preventing direct access to your server. It also allows you to SSH into the server.
NOTE: Make sure to select the VPC you created when making these security groups
- Go to Launch templates in the EC2 console and create a Launch template
NOTE: A launch template is needed to simplify the launching of instances. The Autoscaling group to be created later on needs this template to know the details of the instance to be launched.
- Name the launch template, give it a description, select the Amazon Machine Image (AMI) you prefer, select t2.micro for Instance type, select or create a Key Pair, and select the Webserver Security Group created earlier
- Go to network settings, under Subnet, select “Don’t include in launch template”, click on Add Network Interface and enable Auto-assign public IP
- Go to advanced details and enter the code block found in this link to install Apache and create a custom home web page for your servers
NOTE: This project was completed with a Red Hat Linux instance, and the code block in the link above might not work if you are using another AMI. You might have to substitute “yum” with “apt” depending on the AMI you select.
- Once all of this is done, click on create launch template
4. Still in the EC2 Console, go to Auto Scaling Groups (ASG) and click create
- Give it a name and select the launch template you created and click Next
- Select the VPC you created
- Select all 3 public subnets you created and click Next
- Click on No Load Balancer and click Next
- Choose a Desired Capacity of 2, Minimum Capacity of 2, Maximum Capacity of 5 and click Next
This ensures that there will always be a minimum of 2 instances running and a maximum of 5.
- Leave all other settings as default and create the ASG
Two instances will now be created. You should see them under instances in the EC2 Console
5. Go to Target groups in the EC2 Console and click Create
- Select Instances under Target type
- Name the target group
- Make sure the Protocol and Port are set as HTTP and 80 respectively
- Select the VPC you created
- Leave all other values as default and click Next
- You should see the two instances the ASG created. Select them both and click on Create Target Group
6. Go to Load Balancers in the EC2 Console and click on Create
- Under Application Load Balancer (ALB), click Create
- Name the ALB
- Under Scheme, select Internet-facing
- Select the VPC you created earlier
- Select all 3 AZs and the corresponding public subnets you created
- Select the Load Balancer Security Group created earlier
- Under listener, select the target group created earlier
- Create the Load Balancer and wait for the Status of the Load Balancer to show as Active. This might take a few minutes
7. Go back to the Auto Scaling Group created
- Select it and edit Load balancing in the details tab
- Select Application, Network or Gateway Load Balancer target groups
- Select the target group created earlier and click Update
8. Go to the Application Load Balancer and copy the Load Balancer DNS name. Paste this in a browser and you should see the home page of one of your servers.
If you refresh the page multiple times, you should see the AZ shown on the home page text change. This shows that the load balancer is sending traffic to the 2 instances the Auto Scaling Group created.
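If you try pasting the public IP addresses of your instances into a browser, you will not be able to get to the home page, because the Webserver Security Group only accepts HTTP traffic from the Load Balancer Security Group.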
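The direct-IP test above fails because of the Webserver Security Group rules from step 3. The following added example (not code from the original post) checks those rules offline against data in the shape returned by `aws ec2 describe-security-groups`; the group IDs, names and admin IP are constructed placeholders, and `audit_web_sg` is a hypothetical helper.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs and the admin IP (203.0.113.7, a documentation address) are made up.
SAMPLE = [
    {"GroupId": "sg-lb", "GroupName": "lb-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-web", "GroupName": "web-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-lb"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "UserIdGroupPairs": []}]},
]

def covers(perm, port):
    """True if the inbound rule applies to the given TCP port."""
    if perm["IpProtocol"] == "-1":          # all protocols, all ports
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit_web_sg(groups, web_id, lb_id):
    """Return findings where the web server SG is looser than the tutorial's design."""
    web = next(g for g in groups if g["GroupId"] == web_id)
    findings = []
    for perm in web["IpPermissions"]:
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        sources = [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
        if covers(perm, 80):
            # HTTP must come only from the load balancer's security group.
            findings += [f"HTTP open to CIDR {c}" for c in cidrs]
            findings += [f"HTTP open to group {s}" for s in sources if s != lb_id]
        if covers(perm, 22):
            # SSH must come from single hosts, not ranges or other groups.
            for c in cidrs:
                if ipaddress.ip_network(c, strict=False).num_addresses != 1:
                    findings.append(f"SSH open to range {c}")
            findings += [f"SSH open to group {s}" for s in sources]
        if not covers(perm, 80) and not covers(perm, 22):
            findings.append(f"unexpected rule: {perm['IpProtocol']} "
                            f"{perm.get('FromPort')}-{perm.get('ToPort')}")
    return findings

if __name__ == "__main__":
    print(audit_web_sg(SAMPLE, "sg-web", "sg-lb") or "web-sg matches the design")
```

An empty result means the web servers accept HTTP only through the load balancer and SSH only from single hosts; any finding names the rule that would let a client bypass the load balancer.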
And that’s it for this project. Well done if you made it this far!
Clean-Up
- Delete the Autoscaling Group. Doing this will terminate the created instances
- Delete the Load Balancer
- Delete the Target Group
Please reach out if you have any questions/feedback. Happy learning!