Load Balancers are network devices that you can use to distribute traffic across multiple servers. AWS's Elastic Load Balancers are a managed service providing load balancing for your EC2 instances, and enabling the use of Auto-Scaling.

What Is a Load Balancer?

Rather than having one large web server handle all the work of serving your application, Load Balancers allow you to instead have two or three smaller servers that each handle a portion of the work. The Load Balancer sits in front of these servers, and evenly routes incoming traffic to them.

Under the hood, a Load Balancer is just another server running a modified version of HAProxy. You could set this up yourself if you wanted, but like with many other AWS services, it's great having it all managed for you. They're easy to set up, and you won't have to worry about them once they're running.

AWS's Elastic Load Balancers support HTTP/HTTPS traffic at the request level, as well as TCP and UDP at the connection level. They cost $17 a month, plus additional data charges.

Load Balancers enable high availability: two servers are inherently much better than one server, because if a server goes down or has to restart, it won't take your application offline. On AWS, they're also used for Auto-Scaling, a feature that can automatically start additional servers when CPU usage gets too high. This allows your application to scale throughout the day as necessary. Load Balancers are used in this case to route traffic evenly to each instance in the Auto-Scaling group.

Getting Started

From the EC2 Management Console, select "Load Balancers" in the sidebar, and create a new Load Balancer:

If you're looking to balance HTTP/HTTPS traffic, choose the Application Load Balancer. For everything else, choose Network Load Balancer.

Give it a name, and make sure it's set to "internet-facing," unless you're balancing internal traffic. By default, only HTTP is enabled, so add a listener for HTTPS:

You'll need to select at least two subnets in different availability zones for the load balancer to serve. If you're unsure, just select the subnet that your servers are currently in, which you can find under the "Instances" tab in the EC2 Console, and select another one if you're only using one subnet.

On the next screen, you'll need to set up HTTPS. This is done using AWS Certificate Manager, which provisions SSL certificates for encrypting the Load Balancer's traffic. If you already have a cert in ACM, you can select it here, but if not, click "Request a new certificate from ACM" to set up a new one.

You'll be brought to a new page, where you'll need to enter in the domain names you plan on using with this Load Balancer. If you want to use subdomains, you can enter them in manually, or just specify a secondary wildcard, like so:

You'll need to verify that you own these domains before the certificate can be issued. Open up your DNS configuration, and add a new CNAME record using the name and value given to you by ACM. If you're using Route 53 as your DNS provider, you can just click the button to create these automatically.

These may take a while to process, up to an hour, but when it's finished, you'll see "Pending Validation" turn to a green "Validated," and you'll be able to refresh and select the certificate in the load balancer setup.

On the next screen, simply select the security group currently used by your instances, unless you wish to create a new one and manually configure it.

Next, you'll need to create a new "target group" for the Load Balancer to point to. You'll add your instances to this group, and it will balance between them. Make sure "Instance" is set as the type, unless you want to give it a list of IP addresses.

On the next screen, select the instances you wish to use with this Load Balancer.

Once that's done, proceed to the review, and click "Create" to launch your load balancer.
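
Once the load balancer is running, the listener setup from the steps above can be checked from its configuration. The following Python script is an added example, not part of the original article: it audits JSON in the shape returned by `aws elbv2 describe-listeners` (the sample document and its ARNs are constructed placeholders). It goes slightly beyond the walkthrough by also flagging an HTTP listener that forwards traffic instead of redirecting it to HTTPS, and an HTTPS listener using a predefined policy that still allows TLS 1.0.

```python
import json

# Constructed sample in the shape returned by `aws elbv2 describe-listeners`;
# the ARNs are placeholders, not real resources.
SAMPLE = json.loads("""
{"Listeners": [
  {"Port": 80, "Protocol": "HTTP",
   "DefaultActions": [{"Type": "forward", "TargetGroupArn": "arn:aws:...:targetgroup/EXAMPLE"}]},
  {"Port": 443, "Protocol": "HTTPS", "SslPolicy": "ELBSecurityPolicy-2016-08",
   "Certificates": [{"CertificateArn": "arn:aws:acm:...:certificate/EXAMPLE"}],
   "DefaultActions": [{"Type": "forward", "TargetGroupArn": "arn:aws:...:targetgroup/EXAMPLE"}]}
]}
""")

# Predefined policies that still negotiate TLS 1.0 (not an exhaustive list).
LEGACY_POLICIES = {"ELBSecurityPolicy-2016-08", "ELBSecurityPolicy-TLS-1-0-2015-04"}


def redirects_to_https(listener):
    """True if every default action is a redirect whose target protocol is HTTPS."""
    actions = listener.get("DefaultActions", [])
    return bool(actions) and all(
        a.get("Type") == "redirect"
        and a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
        for a in actions
    )


def audit_listeners(doc):
    """Return a sorted list of findings for a load balancer's listeners."""
    findings = []
    listeners = doc.get("Listeners", [])
    if not any(lsn.get("Protocol") == "HTTPS" for lsn in listeners):
        findings.append("no HTTPS listener")
    for lsn in listeners:
        port, proto = lsn.get("Port"), lsn.get("Protocol")
        if proto == "HTTP" and not redirects_to_https(lsn):
            findings.append(f"port {port}: plaintext HTTP is served, not redirected to HTTPS")
        if proto == "HTTPS":
            if not lsn.get("Certificates"):
                findings.append(f"port {port}: HTTPS listener has no certificate")
            if lsn.get("SslPolicy") in LEGACY_POLICIES:
                findings.append(f"port {port}: policy {lsn['SslPolicy']} allows TLS 1.0")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_listeners(SAMPLE):
        print(finding)
```

To run it against a real load balancer, save the output of `aws elbv2 describe-listeners --load-balancer-arn <your-arn>` to a file and pass the parsed JSON to `audit_listeners`.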