AWS Application load balancer with classic load balancer

Question

All,

Request you to go through below scenario and help me in achieving a solution around this.

We're setting up 2 NodeJS web applications which will be running on 4 different EC2 instances (2 for each).

App - Applications EC1, EC2 --> EC2 instances ASG - Auto scaling groups

App-A -- EC1, EC2 --> ASG1 --> ELB1 (ELB based healthcheck in ASG1) App-B -- EC3, EC4 --> ASG2 --> ELB2 (ELB based healthcheck in ASG2)

We have only one public domain registered --> eg: mycloud.services.com due to other constraints. We would like to route traffic from this single domain using path based approach.

ie mycloud.services.com/appa --> should redirect to website running under ASG1 (ieEC1,EC2) ie mycloud.services.com/appb --> should redirect to website running under ASG2 (ieEC3,EC4)

What is the best way in acheiving this and is there any drawback with this approach?

I checked that Classic load balancer has this type of feature & I tried this (classic lb) but I couldn't select the ELB's in listener config page and it only looks for target groups.

Could someone help in elaborating the details for acheving this through this way or any other better ways?

Tried solution by @BerryRee and facing another issue detailed below,

Thx & wish you a great year ahead. Your above solution seems to work. I have done the configuration but one issue is still open on this front.

I have a simple website running to test this out on two diff ports, 8000 & 8001. I can access both the sites with this port in my browser using public ip of my EC2 server.

I have created 2 target groups master & child for these port's traffic and both of them is showing healthy with these registered instances. Then I created an ALB to map these target groups and created path pattern as you suggested.

ht://XX.XX.XX.XX:8000/ ---> MASTER (ext-tg-master) Hello World!

ht://XX.XX.XX.XX:8001/ ---> CHILD (ext-tg-child) Hello World from CHILD!

ht://lb-name.us-east-1.elb.amazonaws.com/master/ (/child

Cannot GET /master/ or /child/

ht://lb-name.us-east-1.elb.amazonaws.com/ Hello World!

Path pattern Target group name Priority Rule ARN Actions /master/* ext-tg-master 1 /child/* ext-tg-child 2 ext-tg-master default

The only issue now is that when I hit the URL without any path pattern at last its defaulting to the correct target group and giving the hello world output of "master" as per the configuration above. But when i hit with any path value at the last then i get the above error "Cannot GET /child or Cannot GET /master".

Can you give some insights on fixing this?

Answer 1

The use case of putting an ELB behind an ALB (or ALB behind ELB, etc.) isn't supported by AWS.

For you, though, your routing and load balancing can all be handled with a single ALB.

               _______________
==> /appa ==> |               | ===> target-group for App-A
              |    AWS ALB    |
==> /appb ==> |_______________| ===> target-group for App-B

You can create your ALB and target group using the AWS CLI - I leave it as an exercise to execute these same steps on the AWS console.

Since you already have autoscaling groups created for your apps, I'll just assume that they're called asg-group-a and asg-group-b .

# Create a target group for each of your apps
# There are plenty more options you can specify like health checks,
# but that is specific to you
aws elbv2 create-target-group --name app-a-target-group --protocol HTTP --port 80 --vpc-id vpc-(YOUR VPC ID)

aws elbv2 create-target-group --name app-b-target-group --protocol HTTP --port 80 --vpc-id vpc-(YOUR VPC ID)

The above two commands should each output a JSON blob that looks like the one below. Take note of the TargetGroupArn value because you will need that to associate the target group with your autoscaling groups.

{
  "TargetGroups": [
      {
          "HealthCheckPath": "/",
          "HealthCheckIntervalSeconds": 30,
          "VpcId": "vpc-(YOUR VPC ID)",
          "Protocol": "HTTP",
          "HealthCheckTimeoutSeconds": 5,
          "HealthCheckProtocol": "HTTP",
          "UnhealthyThresholdCount": 2,
          "HealthyThresholdCount": 5,
          "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/app-a-target-group/73e2d6bc24d8a067",
          "Matcher": {
              "HttpCode": "200"
          },
          "HealthCheckPort": "traffic-port",
          "Port": 80,
          "TargetGroupName": "my-targets"
      }
  ]
}

Now attach the target groups to their respective autoscaling groups.

# Attach the target groups to your ASGs
aws autoscaling attach-load-balancer-target-groups --auto-scaling-group-name asg-group-a --target-group-arn TARGET_GROUP_A_ARN

aws autoscaling attach-load-balancer-target-groups --auto-scaling-group-name asg-group-b --target-group-arn TARGET_GROUP_B_ARN

Now create the application load balancer. You will need two subnets from the same region that are in different availability zones.

aws elbv2 create-load-balancer --name node-app-alb \
--subnets SUBNET-A SUBNET-B (...) --security-groups [SECURITY-GROUP ...]

The above command will return another JSON blob that contains an ARN of the load balancer, as shown below. Keep this around as you will need it for creating listeners.

arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/node-app-alb/1234567890123456

Now we will configure path-based routing for app-A.

# Create a listener for app-a
# This command will return an ARN for the listener, use that in the next command
aws elbv2 create-listener --load-balancer-arn (ALB ARN) \
--protocol HTTP --port 80  \
--default-actions Type=forward,TargetGroupArn=(ARN FOR APP-A TARGET GROUP)

# create a path routing rule for your new listener to route requests for app-a
aws elbv2 create-rule --listener-arn (APP-A LISTENER ARN) --priority 10 \
--conditions Field=path-pattern,values='/appa/*' \
--actions Type=forward,TargetGroupArn=(ARN FOR APP-A TARGET GROUP)

You can repeat the previous block for appb path routing.