This is Part II of Introduction to EC2 Auto Scaling
This blog has been written for AWS UG Madurai - AWS Cloud Practitioner BOOT CAMP
We are going to use
us-east-1
region for this workshop
Table of Contents
- Create a Key Pair
- Create a Security Group
- Create an Application Load Balancer
- Create a Launch Template
- Create an Auto Scaling Group
- Verification and Monitoring
- Clean Up
- Summary
- Referrals
Step 1. Create a Key Pair
- Navigate to EC2 > Key Pairs > Create Key Pair
Step 2. Create a Security Group
We are going to create two Security Groups and use Security Group chaining concept
-
Navigate to EC2 > Security Groups > Create a new security group for your ALB, and set the following values:
- Name:
ALBSG
- Add two Inbound rules to allow
HTTP
traffic from0.0.0.0/0
and::/0
(IPV6) - Create another Security Group with a rule to allow
SSH
from your IP and another rule to allowHTTP
fromALBSG
- Name:
Step 3. Create an Application Load Balancer
- Navigate to EC2 > Load Balancers.
- Click Create Load Balancer.
- Click the Create button under the Application Load Balancer and set the following values:
- Name:
ASALB
- Scheme:
internet-facing
- IP address type:
ipv4
- Load Balancer Protocol:
HTTP
- Port:
80
- Leave the default
VPC
. - Select
us-east-1a
andus-east-1b
AZs.
- Name:
- Click Next: Configure Security Settings
- Note: Ignore the warning as we are not using HTTPS.
- Select
AppLBSG
and Click Next - Configure Routing and enter the following values:
- Name:
ASALBTG
- Target type:
Instance
- Protocol:
HTTP
- Port:
80
- Name:
- Expand Advanced health check settings, and reduce the healthy and unhealthy threshold checks to 2.
- Note: This means the load balancer can respond faster and instances come into service and vice versa.
- Click Next: Register Targets.
- Click Next: Review.
- Click Create
- Copy
DNS Name
of the load balancer, open a new tab and enter the URLhttp://DNS Name
.- The URL will error with
503 Service Temporarily Unavailable
as we have no operational EC2 instances associated with the load balancer at this stage.
- The URL will error with
Step 4. Create a Launch Template
We can use Launch template or Launch Configurations. Launch Template are preferred over Launch Configurations as we can have different versions of the template. Also we can't modify a launch configuration after we have created it.
Create a launch template that will be used by the Auto Scaling group. The launch template defines what the instances are and how they are created.
- Navigate to EC2 > Instances > Launch Templates.
- Create a new template, and call it
ASLT
for the name. - Select
Provide guidance to help me set up a template that I can use with EC2 Auto Scaling
- Search for
AMI
, and pick theAmazon Linux
. - Set the instance type as
t2.micro
. - Select
key pair
you created earlier. - Select the
EC2SG
security group you created earlier. - Expand Advanced Details, and paste the following user data.
- Note: These are commands to install a web server and download website content.
- Click Create Launch Template.
- Click Close.
#!/bin/bash
yum update -y
yum install -y httpd
yum install -y wget
cd /var/www/html
curl http://169.254.169.254/latest/meta-data/local-hostname > index.html
service httpd start
sudo amazon-linux-extras install epel -y
sudo yum install -y stress
Step 5. Create an Auto Scaling Group
Note: Make sure the load balancer is ready at this point.
- EC2 > Auto Scaling > Auto Scaling Groups
- Click Create Auto Scaling group.
- Call the group
ASG
. - Select Launch Template, and choose the template named
ASLT
. - We are using
default VPC
, which will be selected, so selectus-east-1a
andus-east-1b
as subnets. - Click Next.
- Select
Attach to an existing load balancer
. - Select target group
ASALBTG
. - Leave the default for Health checks, which is
EC2
. - Select Enable group metrics collection with CloudWatch.
- For Group Size, enter the following values:
- Desired Capacity:
2
- Minimum Capacity:
2
- Maximum Capacity:
6
- Desired Capacity:
- For Scaling Policies, select
Target Tracking Policy
and enter the following values:- Scaling Policy Name:
Target Tracking Policy
- Metric type:
Average CPU utilization
- Target value:
30
- Instances need:
300
- Scaling Policy Name:
- Click Next at
Add Notifications
. - Click Next at
Add tags
. - Click Create
Auto Scaling Group
.
Step 6. Verification and Monitoring
- Connect to one of the EC2 instances via SSH by running
chmod 400 AS-KP.pem
andssh -i "AS-KP.pem" ec2-user@ec2-44-195-41-102.compute-1.amazonaws.com
- Put some CPU load on the server by executing
stress --cpu 4 --timeout 300
- After a few minutes, watch the number of instances increase under
EC2
orASG > Instance Management
. It enacts the scale-out policy. - After a few minutes, the stress test will stop and the ASG enacts the scale-in policy.
- Navigate to EC2 > Auto Scaling > Auto Scaling Groups > Activity and check under
Activity History
, there should be two or more EC2 instances launched - Copy
DNS Name
of the load balancer, open a new tab and enter the URLhttp://DNS Name
. Keep refreshing a few times, you would start seeing something similar toip-XXX-XX-XX-XXX.ec2.internal
and anotherip-YYY-YY-YY-YYY.ec2.internal
Here is a sample of the stress test:
[ec2-user@ip ~]$ stress --cpu 4 --timeout 300
stress: info: [3598] dispatching hogs: 4 cpu, 0 io, 0 vm, 0 hdd
stress: info: [3598] successful run completed in 300s
Scale Out
CloudWatch Metric
Auto Scaling Groups Activity
Scale In
Clean Up
- Delete
ASG
underAuto Scaling groups
. - Delete
ASLT
underLaunch Templates
- Delete
ASALB
underLoad Balancers
- Wait until the Load balancer
ASALB
is deleted and then deleteASALBTG
underTarget Groups
- Delete
AS-KP
underKey Pairs
- Delete Security Groups
EC2SG
first and thenAppLBSG
due to Security Group chaining.
Summary
- Use Security Group chaining to improve security of your application
- Best practice is to scale out fast and scale in slowly to prevent oscillation
- There should be a gap between scale-in and scale-out thresholds with step scaling, for example, lets say you have 3 instances, and the CPU goes to 60%, triggering the +1 step scaling policy. If the load stays constant, it will now be distributed to all 4 instances and the average CPU will drop to around 45% and the scale-in alarm will go off. This will then keep happening in a loop until the load goes up or down enough for one of the alarms to stay in the alarm state and the ASG reaches the minimum or maximum.
Referrals
- Amazon EC2 Auto Scaling
- Cover Image by @marbocatcat from unsplash.
Top comments (0)