Tutorial / Cram Notes
The Application Load Balancer (ALB) operates at the application layer of the OSI model and can distribute incoming HTTP and HTTPS traffic across multiple targets, such as EC2 instances, containers, and IP addresses. ALBs use health checks to ensure that traffic is only sent to healthy targets.
Health checks for ALB target groups are performed on all targets registered to a target group at a frequency you specify. You can configure the following parameters for ALB health checks:
- HealthCheckIntervalSeconds: The approximate amount of time, in seconds, between health checks of an individual target.
- HealthCheckPath: The destination for the HTTP or HTTPS request used to perform the health check.
- HealthCheckPort: The port used when performing the health check.
- HealthCheckProtocol: The protocol used for health checking (HTTP or HTTPS).
- HealthyThresholdCount: The number of consecutive health checks successes required before considering an unhealthy target healthy.
- UnhealthyThresholdCount: The number of consecutive health check failures required before considering the target as unhealthy.
If a target fails the health checks, the ALB stops sending traffic to it. Once the target is healthy again (based on the HealthyThresholdCount), traffic will resume.
Here is an example of how you might configure health checks for your ALB target group using the AWS Management Console:
- Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
- In the navigation pane, choose ‘Target Groups’.
- Select the target group that you want to modify.
- Choose the ‘Health Checks’ tab.
- Change the health check settings as desired.
Route 53 Health Checks and DNS Failover
Amazon Route 53 is a highly available and scalable DNS web service. It can also perform health checks and reroute traffic in case of an outage. Route 53 can check the health of your application and its endpoints periodically and take defined actions, like rerouting traffic to healthy endpoints.
The health check parameters for Route 53 include:
- IPAddress: The IP address that Route 53 should use when performing the health check.
- Port: The port to use for the health check.
- Type: The type of health check to perform, which could be HTTP, HTTPS, or TCP.
- ResourcePath: The path to request when performing HTTP or HTTPS health checks (for example, “/health”).
- FailureThreshold: The number of consecutive failed health checks that must occur before Route 53 considers the endpoint unhealthy.
With Route 53, you can also configure DNS failover, which utilizes health checks to determine whether an endpoint is healthy and should receive traffic.
For example, to create a health check using the AWS CLI, you could use the following command:
aws route53 create-health-check –caller-reference 2017-04-02 –health-check-config IPAddress=192.0.2.44,Port=80,Type=HTTP,ResourcePath=/,RequestInterval=30,FailureThreshold=3
This command sets up an HTTP health check for the IP address 192.0.2.44 at port 80 with a request interval of 30 seconds and a failure threshold of 3.
In conclusion, when studying for the AWS Certified DevOps Engineer – Professional exam, it is crucial to understand the health check capabilities of AWS services like Application Load Balancer and Route 53. This knowledge ensures that you can configure and manage the necessary checks to maintain application availability and performance. Understanding how to configure and respond to health checks will help you deploy resilient systems that can detect and compensate for outages or failures proactively.
Practice Test with Explanation
True or False: Amazon Route 53 supports TCP, HTTP, HTTPS, and SMTP health checks.
- True
- False
True
Amazon Route 53 supports a variety of health check protocols including TCP, HTTP, HTTPS, and SMTP, among others.
Multiple select: Which AWS services can perform health checks on endpoints? (Select TWO)
- AWS Lambda
- Amazon RDS
- Amazon Route 53
- Elastic Load Balancing
- Amazon EC2 Auto Scaling
Amazon Route 53, Elastic Load Balancing
Amazon Route 53 can perform health checks on endpoints while Elastic Load Balancing performs health checks on the targets in its target groups. AWS Lambda, Amazon RDS, and Amazon EC2 Auto Scaling do not have built-in health check capabilities like ALB and Route
True or False: In Elastic Load Balancing, you cannot customize the health check configuration for your target groups.
- True
- False
False
You can customize the health check settings in an Elastic Load Balancing target group, including the interval, threshold, timeout, and which HTTP/HTTPS path to use.
Single select: What is the purpose of the ‘unhealthy_threshold’ setting in an Application Load Balancer (ALB) target group?
- To determine the number of consecutive successful health checks required to change an unhealthy target to healthy.
- To determine the amount of traffic to route to a new target.
- To determine the number of consecutive failed health checks required to consider the target as unhealthy.
- To define the length of time to wait before performing the first health check on a new target.
To determine the number of consecutive failed health checks required to consider the target as unhealthy.
The ‘unhealthy_threshold’ setting dictates the number of consecutive failed health checks after which the ALB marks a target as unhealthy.
True or False: Route 53 health checks can check the health of application endpoints both inside and outside of the AWS infrastructure.
- True
- False
True
Route 53 can monitor the health and performance of your application endpoints, whether they are AWS resources or external resources.
Single select: What type of Route 53 health check can determine the health of an endpoint with complex requirements involving multiple resources?
- HTTP status check
- TCP connection check
- Database check
- Calculated health check
Calculated health check
Calculated health checks are used to determine endpoint health based on the status of other health checks, which can take into account multiple resources and more complex scenarios.
True or False: An unhealthy target in an Application Load Balancer (ALB) target group will never receive any requests until it is marked healthy again.
- True
- False
False
While it’s generally true that unhealthy targets do not receive requests, the ALB can still distribute requests to unhealthy targets if all targets are unhealthy in order to avoid downtime.
Multiple select: What metrics are typically used by an Application Load Balancer (ALB) when performing health checks on its target groups? (Select TWO)
- Memory usage
- Response time
- HTTP status codes
- CPU utilization
- Successful connection
HTTP status codes, Successful connection
An ALB typically checks if the target group successfully responds to a connection attempt and returns the expected HTTP status code. Memory usage and CPU utilization are not part of ALB health checks.
True or False: Elastic Load Balancing health checks are only performed at a frequency of one check every 30 seconds.
- True
- False
False
The frequency of health checks in Elastic Load Balancing can be configured. The default interval is 30 seconds, but it can be set as low as 5 seconds for ALBs and 10 seconds for other types.
True or False: Route 53 health checks cannot monitor the SSL/TLS configuration of an endpoint.
- True
- False
False
Route 53 can monitor SSL/TLS configurations by using HTTPS health checks, which includes verifying the SSL/TLS certificate on the endpoint.
Single select: Which of the following HTTP status codes indicates a successful health check response by default for an Application Load Balancer (ALB)?
- 4xx
- 5xx
- 3xx
- 2xx
2xx
A 2xx series code indicates a successful response, which typically shows a successful health check by an ALB.
True or False: AWS Network Load Balancers (NLBs) support path-based health checks.
- True
- False
False
AWS Network Load Balancers do not support path-based health checks as they operate at the transport layer (Layer 4), not the application layer (Layer 7) like the Application Load Balancers which support path-based health checks.
Interview Questions
Can you describe the purpose of health checks in AWS Elastic Load Balancing (ELB) and how they benefit application availability?
The purpose of health checks in ELB is to monitor the health of the registered targets. ELB performs health checks on all targets and only routes traffic to those that are healthy, thereby ensuring high availability and fault tolerance. If a target fails health checks, ELB stops sending traffic to it until it passes health checks again.
What types of health checks are supported by AWS Route 53, and how can each type be useful in different scenarios?
AWS Route 53 supports three types of health checks: HTTP, HTTPS, and TCP. HTTP/HTTPS checks monitor the endpoint using a web protocol and can verify the response body, while TCP health checks simply check that a TCP connection can be established. HTTP/HTTPS checks are used for more complex checks that can analyze the content of responses. In contrast, TCP checks are useful when only a basic connectivity check is required.
How do target group health checks differ between Application Load Balancers (ALB) and Network Load Balancers (NLB) within AWS?
Target group health checks for ALB support HTTP, HTTPS, and TCP checks, as well as advanced health checking patterns, including matching response codes and custom request paths. In contrast, NLB health checks only support TCP checks. This is because ALBs are application-level load balancers that handle advanced application-level routing, whereas NLBs operate at the transport layer and are designed for high throughput, low latency connections.
What is the purpose of health check intervals, and how do they impact the resilience of applications in AWS?
Health check intervals specify how often the load balancer will check the health of each target. Shorter intervals can detect and respond to failures more quickly, enhancing application resilience. However, overly frequent checks could potentially overwhelm backend services or result in increased charges. The intervals need to balance responsiveness with efficiency.
Can you explain the concept of “healthy threshold” and “unhealthy threshold” in the context of AWS ELB health checks?
The healthy threshold is the number of consecutive health check successes a target must have before being considered healthy. The unhealthy threshold is the number of consecutive health check failures required before a target is deemed unhealthy. These thresholds help minimize false positives and negatives, ensuring a target’s consistent performance before routing traffic to it or pulling it out of service.
How would you configure health checks in AWS Route 53 to monitor a web application’s endpoint across multiple regions?
In Route 53, you would configure health checks for the web application endpoints in each region. You can then associate these health checks with DNS records and use a failover routing policy or other routing policies like latency-based or geolocation that work with health checks to direct traffic based on endpoint health and other criteria. This can ensure high availability and region-level failover for the application.
What role do health checks play when using Auto Scaling groups in conjunction with an ALB?
Health checks are critical in this scenario as they determine whether an instance is in a “healthy” state. If an instance fails health checks, the ALB stops routing traffic to it, and if integrated with Auto Scaling, the Auto Scaling group can replace the unhealthy instance automatically with a new, healthy one, maintaining the desired capacity of healthy instances.
How might health check configuration impact the response time and performance of an AWS application infrastructure?
If the health check intervals are too frequent or the health check process is too resource-intensive, this can lead to increased response times and reduced performance as backend servers might spend too much time responding to health checks instead of user requests. On the other hand, infrequent checks or lenient thresholds might lead to slower detection of unhealthy instances, affecting overall application performance.
In a multi-tier application architecture, how would you incorporate health checks to ensure high availability?
In a multi-tier architecture, you should incorporate health checks at each layer (e.g., web, application, and database layers). This involves configuring ELB health checks for EC2 instances and using Route 53 health checks for different tiers, if necessary. This layered approach ensures that each component of the application stack is functioning correctly and can contribute to higher overall availability.
What considerations should be taken into account when configuring health check timeouts and intervals for an application that experiences varying loads?
It is essential to consider the expected response time under different load conditions when configuring timeouts and to adjust health check intervals to avoid false positives or negatives due to temporary spikes or load variations. During peak times, longer timeouts might be necessary to account for slower response times, and intervals may need to be adjusted accordingly to avoid marking healthy instances as failed under high load scenarios.
Great post on health check capabilities! It really helped me understand how ALB target groups function.
Can someone explain why Route 53 health checks can be so critical for global applications?
This blog post is very insightful, thanks!
How do you configure health checks for an ALB target group?
Appreciate the detailed explanation. Thanks!
I found that health checks sometimes fail without a clear reason. Anyone else faced this issue?
Well-explained blog! Appreciate the clarity.
For those preparing for the AWS Certified DevOps Engineer – Professional exam, understanding health checks is fundamental.