AWS LB - QnA

 

***AWS Load Balancer Interview Questions***

1. What are the different types of Load Balancers provided by AWS?

Classic Load Balancer - Deprecated.

Application Load Balancer.

Network Load Balancer.

2. When would you choose ALB over NLB or CLB?

ALB - Primarily works at the application layer. It supports HTTP-level customization such as routing based on path, Host header, HTTP request method, and source IP.

NLB - Operates at the network layer. It provides much better performance than ALB. An NLB's target group can be an ALB.

3. How does path-based routing work in an Application Load Balancer?

Path-based routing lets you route traffic based on the request path.

E.g., if your domain name is www.example.com, we can configure path-based routing for www.example.com/welcome and www.example.com/signin.

Traffic matching a path can be sent to a "Target Group", handled with "Redirect to URL", or answered with "Return Fixed Response".

4. How does AWS Auto Scaling integrate with Elastic Load Balancing (ELB)?

Integration of ASG with ELB is through "Target Group".

5. What is a Target Group in ALB/NLB, and how does it work?

A target group is a collection of EC2 instances that serve traffic for a load balancer's requests. A lot of customization can be done at the target group layer, such as load balancing mode, sticky sessions, idle timeout, cross-zone load balancing, health checks, and others.

6. What is a Sticky Session in AWS Load Balancers?

Sticky session is a common load balancing feature that sends traffic from a client to a specific backend server, based on a cookie, for a certain amount of time.

7. How can you secure your Load Balancer?

Ensure the security group attached to the load balancer allows traffic only from valid sources, make sure the domain is served over HTTPS instead of HTTP, and implement WAF to handle malicious traffic and throttling/rate limiting.
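The checks in this answer, written as a small offline audit (an added example, not part of the original post). The input data is constructed and shaped like the JSON returned by `aws elbv2 describe-listeners`, `aws ec2 describe-security-groups` and `aws wafv2 get-web-acl-for-resource`; the function name and finding strings are hypothetical.

```python
import ipaddress

# Constructed sample data (not from a real account), shaped like AWS CLI JSON output.
LISTENERS = [
    {"Port": 80, "Protocol": "HTTP",
     "DefaultActions": [{"Type": "forward"}]},
    {"Port": 8080, "Protocol": "HTTP",
     "DefaultActions": [{"Type": "redirect",
                         "RedirectConfig": {"Protocol": "HTTPS", "Port": "443"}}]},
    {"Port": 443, "Protocol": "HTTPS", "DefaultActions": [{"Type": "forward"}]},
]
SECURITY_GROUPS = [{"GroupId": "sg-constructed01", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 8443, "ToPort": 8443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
]}]


def audit_load_balancer(listeners, security_groups, waf_response):
    """Hypothetical helper: return a list of finding strings for one load balancer."""
    findings = []
    listener_ports = {l["Port"] for l in listeners}
    # 1. HTTPS instead of HTTP: an HTTP listener is acceptable only as a redirect to HTTPS.
    for l in listeners:
        to_https = any(a["Type"] == "redirect"
                       and a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
                       for a in l["DefaultActions"])
        if l["Protocol"] == "HTTP" and not to_https:
            findings.append(f"listener:{l['Port']}:http-without-https-redirect")
    # 2. Valid sources only: flag world-open rules covering ports with no listener.
    for sg in security_groups:
        for perm in sg["IpPermissions"]:
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            world = any(ipaddress.ip_network(c).prefixlen == 0 for c in cidrs)
            # IpProtocol "-1" means all protocols and carries no port range.
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            if world and set(range(lo, hi + 1)) - listener_ports:
                findings.append(f"sg:{sg['GroupId']}:{lo}-{hi}:world-open-non-listener-port")
    # 3. WAF: get-web-acl-for-resource returns no "WebACL" key when nothing is associated.
    if not waf_response.get("WebACL"):
        findings.append("waf:not-associated")
    return findings


if __name__ == "__main__":
    for finding in audit_load_balancer(LISTENERS, SECURITY_GROUPS, {}):
        print(finding)
```

To run it against a real load balancer, pass in the `Listeners` and `SecurityGroups` arrays and the WAF response from the three CLI commands named above.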

8. What are the health checks in Elastic Load Balancer, and how do they work?

Health checks ensure the backend servers serving traffic are healthy. Health checks are configured at the target group level and check target health over the HTTP/TCP protocol.

9. Can you explain Cross-Zone Load Balancing?

It distributes traffic equally (balanced) across the backend servers.

10. How do you monitor and troubleshoot issues with an AWS Load Balancer?

Monitor the load balancer stats via CloudWatch. Troubleshooting depends on the scenario, but keep in mind that the LB is just a reverse proxy.

11. What is SSL/TLS termination, and how is it implemented in AWS ELB?

SSL/TLS termination allows HTTPS traffic to be terminated at the LB and forwarded as HTTP traffic to the backend servers. This is to reduce the packet size and improve network performance. It's configured at the listener (HTTPS-based) with an SSL cert.

12. What happens if one of your Availability Zones fails when using an ELB?

The health check fails at the target group level and the nodes become "Unhealthy". Traffic is routed to EC2 instances in the other AZs (if the ELB is configured for multi-AZ).

13. How do you configure an AWS Application Load Balancer for WebSocket traffic?

WebSocket (Port 80/443). This is a regular target group configuration with backend service running on port 80/443. Create a listener on port 80/443 and forward as usual.

14. How does the pricing work for AWS Load Balancers? 

Refer to AWS pricing page.

15. What is the difference between listener rules and target groups in ALB?

The listener sits on the load balancer side; it listens for incoming requests and forwards them to a target group.

16. What is the purpose of connection draining in AWS ELB (now known as deregistration delay)?

Deregistration is taking an EC2 instance out of the target group. The deregistration delay lets in-flight/in-progress requests complete before the instance is taken out of traffic from a target group.

17. How does a Network Load Balancer achieve low latency?

Because it operates at the Network Layer (Layer 3) and effectively distributes traffic across backend servers in the target group.

18. Can you use an AWS Load Balancer with on-premise resources? Yes

19. What is the role of AWS Global Accelerator in relation to Elastic Load Balancers?

20. What are some common error codes you might encounter when using an Application Load Balancer? 5xx and 4xx errors are common.

21. How do you configure cross-region load balancing in AWS? 

Configured when creating the target group.

22. How do you troubleshoot unhealthy targets in an AWS Load Balancer?

If the target is part of an ASG, it will be automatically replaced based on the health check. If it's a standalone target, check that the application is healthy, ensure there are no changes to the security group, confirm resource utilization is under the threshold, and try restarting the application or EC2 instance.

23. How does AWS Elastic Load Balancing integrate with AWS Lambda?

Create a target group with a Lambda function as the target.

24. How do you handle multi-tenant applications with an Application Load Balancer?

This is mostly about how incoming requests are handled: the ALB forwards traffic across the multi-tenant application using HTTP customization such as header-based routing, path-based routing, and other options.

25. What are the key metrics to monitor in CloudWatch for AWS Load Balancers?

Latency, Error Count, Error Rate, Healthy Targets and others.

26. How does Elastic Load Balancer integrate with ECS (Elastic Container Service)?

It follows the same process, except the target group is going to be an ECS service that points to a container.

27. What is the difference between a Load Balancer and a Reverse Proxy? 

Both do the same work with slight differences. An LB handles traffic distribution and scalability. A reverse proxy sits between client and server, caches content and delivers it to the server, and hides the server's IP address.

28. How do you implement SSL offloading on an AWS Load Balancer? Refer to 11.

29. What is the role of sticky sessions in a multi-instance architecture, and when should you not use them? Refer to 6.

30. How do you configure HTTPS listener rules in an Application Load Balancer?


