Mastering Application Load Balancers for the AWS SAA Exam

Elastic Load Balancers (ELB) are a core AWS service that automatically distributes incoming traffic across multiple targets, such as EC2 instances, containers, or IP addresses, within one or more availability zones. They enhance fault tolerance and ensure high availability for your applications.

Among the three types of ELBs—Application Load Balancers (ALBs), Network Load Balancers (NLBs), and Gateway Load Balancers (GWLBs)—the ALB is designed for Layer 7 (application layer) routing. This means ALBs understand application-level protocols like HTTP and HTTPS, making them ideal for web applications and APIs.

Choosing an ALB is particularly advantageous when:

• You need routing based on URL paths (e.g., /api or /user).
• You require host-based routing to direct traffic to specific backends based on domain names (e.g., api.example.com vs. app.example.com).
• You’re building modern microservices or containerized applications where dynamic, fine-grained request routing is crucial.

For the AWS Certified Solutions Architect – Associate (SAA) exam, understanding ALBs is essential, as they often appear in scenarios related to designing scalable and secure web architectures.

What Are Application Load Balancers?

An Application Load Balancer (ALB) is a managed service that acts as a Layer 7 load balancer, providing advanced traffic distribution and intelligent request routing for modern web applications.

Purpose

The primary goal of an ALB is to:

• Improve the availability and fault tolerance of your application.
• Route user requests to the appropriate backend resources based on defined rules.

ALBs are particularly useful for applications with complex routing needs, such as microservices or multi-tenant architectures.

Key Features

1. Advanced Request Routing
   • ALBs evaluate incoming requests and route them based on various factors like HTTP headers, request paths, or hostnames. This flexibility supports use cases like path-based routing (/api to one service, /images to another) and host-based routing (e.g., routing traffic for app.example.com vs. api.example.com).
2. Support for Microservices and Containers
   • ALBs integrate seamlessly with ECS, EKS, and Kubernetes clusters, enabling dynamic load balancing for containerized workloads. You can register individual containers as targets, ensuring efficient traffic distribution even in rapidly scaling environments.
3. HTTPS and TLS Termination
   • ALBs can offload SSL/TLS processing from backend servers, improving performance and simplifying certificate management.
4. WebSocket Support
   • Ideal for real-time applications like chat apps or streaming services, ALBs handle WebSocket connections efficiently.
5. Integration with AWS Services
   • ALBs work natively with services like Auto Scaling, CloudWatch, and AWS WAF, providing enhanced scalability, monitoring, and security.

How Application Load Balancers Work

Layer 7 Functionality

Application Load Balancers operate at the application layer (Layer 7) of the OSI model, enabling them to inspect the content of HTTP/HTTPS requests. This capability allows ALBs to make routing decisions based on application-specific data, such as request paths, headers, and methods.

Request Evaluation

When a request reaches the ALB, it evaluates the following attributes:

• HTTP Headers: ALBs can inspect headers to determine routing rules, such as directing traffic based on user-agent or content-type.
• HTTP Methods: Requests using methods like GET, POST, or PUT can trigger specific routing behaviors.
• URL Paths: ALBs support path-based routing, enabling you to route /api/* requests to one target group and /static/* requests to another.
• Hostnames: With host-based routing, requests to app.example.com can go to one target group while requests to api.example.com are routed to a different one.

Forwarding Traffic to Target Groups

After evaluating the request, the ALB forwards it to the appropriate target group. A target group can consist of:

• EC2 instances.
• IP addresses.
• Lambda functions.
• Containers (e.g., running on ECS or EKS).

The ALB continuously monitors the health of targets using customizable health checks and ensures traffic is directed only to healthy targets.

Key Features of Application Load Balancers

Path-Based and Host-Based Routing

• Path-Based Routing: Route requests based on URL paths. For example:
  • /api/* -> API service target group.
  • /images/* -> Static content target group.
• Host-Based Routing: Direct traffic based on the requested hostname. For instance:
  • app.example.com -> Frontend target group.
  • api.example.com -> Backend target group.

This flexibility is essential for multi-service architectures and multi-tenant applications.

Integration with AWS Services

• ALBs integrate seamlessly with ECS and EKS, enabling dynamic load balancing for containerized applications.
• They work with Auto Scaling to handle fluctuating traffic by automatically adjusting backend capacity.

WebSocket Support

ALBs support WebSocket connections, making them ideal for real-time applications like chat apps, gaming platforms, and live streaming services.

Sticky Sessions

Also known as session persistence, sticky sessions ensure that a user’s requests are directed to the same backend server throughout their session. This is useful for applications where maintaining user state is critical.

TLS Termination

ALBs offload SSL/TLS decryption, freeing backend servers from processing encrypted requests. This reduces server load and simplifies certificate management.

Monitoring and Logging

• CloudWatch Metrics: ALBs provide metrics like request count, target health, and latency, enabling real-time monitoring.
• Access Logs: ALBs log detailed information about requests, such as source IP, latency, and request paths, aiding in debugging and compliance.

Guide to Creating an ALB

For this I'll use a project I was doing to demo. Navigate to the EC2 dashboard in the AWS Management Console. Select "Load Balancers" and click "Create Load Balancer". Choose "Application Load Balancer" and specify name, scheme (internet-facing or internal), and VPC settings. In the network mapping section I chose the 2 public subnets I created in the VPC configuration.

Add listeners for HTTP or HTTPS traffic then assign a security group to allow appropriate inbound traffic (e.g., port 80 or 443).

Create a target group for the listener and register instances or other targets.. The one I created had 2 EC2 instances deployed in 2 availability zones.

Define health check paths, intervals, and thresholds to monitor target availability. Finally, set up rules for path-based or host-based routing to direct traffic to the correct target groups. After reviewing and creating the ALB, it’s ready to distribute traffic.

Cost Considerations

When using an Application Load Balancer (ALB), AWS charges based on:

• Hours of Usage - You pay for every hour the ALB is active.
• Data Processed - Additional costs apply based on the volume of data transferred through the ALB.

To save on costs:

• Avoid leaving ALBs running when they aren’t needed, such as in development environments.
• Use Auto Scaling to match backend instances to traffic demand, minimizing idle resources.
• Regularly review and optimize your architecture to ensure cost efficiency.

Conclusion

Application Load Balancers are a powerhouse for modern application architectures, offering advanced routing, seamless AWS integration, and scalability. Whether you’re building microservices, hosting multiple apps, or running real-time services, ALBs ensure traffic is efficiently routed to the right resources.

Mastering ALBs is crucial for creating scalable, secure, and cost-effective solutions in AWS. For the AWS SAA exam, a solid understanding of ALBs equips you to design architectures that handle traffic like a pro while staying resilient and efficient.

Sample Questions

1. Question:

You are designing a multi-tier application with separate front-end, back-end, and API layers. You need to route traffic to different services based on URL paths. Which AWS service will help you achieve this requirement?

A. Network Load Balancer
B. Application Load Balancer
C. Classic Load Balancer
D. AWS Global Accelerator

Answer: B
ALBs provide advanced routing features like path-based routing, allowing traffic to be routed to different target groups based on URL paths (e.g., /api to one service and /static to another).

2. Question:

Your application uses both HTTP and HTTPS protocols. You want to offload SSL/TLS decryption from the backend servers. Which feature of the Application Load Balancer will help you achieve this?

A. TLS Termination
B. WebSocket Support
C. Sticky Sessions
D. Auto Scaling

Answer: A
ALBs support SSL/TLS offloading, also known as TLS termination, which allows the ALB to decrypt incoming HTTPS requests, reducing the load on backend servers.

3. Question:

You have an ALB with multiple target groups. You want to ensure that only healthy targets receive traffic. What feature should you configure to achieve this?

A. Auto Scaling
B. Health Checks
C. Sticky Sessions
D. WebSocket Support

Answer: B
Health checks monitor the status of targets in the target group. If a target is unhealthy, the ALB will stop routing traffic to it until it becomes healthy again.

4. Question:

You are using an ALB to route traffic based on hostnames. Your domain app.example.com is directed to the frontend service, and api.example.com is directed to the backend service. What routing method are you using?

A. Path-Based Routing
B. Host-Based Routing
C. Round-Robin Routing
D. IP-Based Routing

Answer: B
Host-based routing allows ALBs to direct traffic to different target groups based on the hostname, such as app.example.com vs. api.example.com.

5. Question:

You want to configure an Application Load Balancer to route traffic to different services based on the request path, and you also need to support WebSocket connections. Which feature of ALBs will allow you to do this?

A. WebSocket Support
B. Auto Scaling
C. TLS Termination
D. Path-Based and Host-Based Routing

Answer: D
ALBs support both path-based and host-based routing to direct traffic to the correct target group, and also support WebSocket connections for real-time communication.