2020. 2. 5. 13:44ㆍ스터디/AWS Study
Classic Load Balancers: questions on security groups, stickiness
Application Load Balancer (Layer 7 of OSI):
- Support routing based on hostname (users.example.com & payments.example.com)
- Support routing based on path (example.com/users & example.com/payments)
- Support redirects (from HTTP to HTTPS for example)
- Support dynamic host port mapping with ECS
NLB(Layer 4 of OSI) gets a static IP per AZ:
- Public facing: must attach Elastic IP - can help whitelist by clients
- Private facing: will get random private IP based on free ones at time of creation
- Has cross zone balancing
- Has SSL termination (Jan 2019)
The load balancer uses an X.509 certificate (SSL/TLS server certificate)
You can manage certificates using ACM(AWS Certificate Manager)
You can create upload your own certificates alternatively
HTTPS listener:
- You must specify a default certificate
- You can add an optional list of certs to support multiple domains
- Clinets can use SNI (Server Name Indication) to specify the hostname they reach
- Ability to specify a security policy to support older versions of SSl / TLS (legacy clients)
'스터디 > AWS Study' 카테고리의 다른 글
| Auto Scaling Group (0) | 2020.02.09 |
|---|---|
| 마이크로서비스란? (0) | 2020.02.08 |
| Load Balancer Stickiness (0) | 2020.02.05 |
| Load Balancing (0) | 2020.02.02 |
| Scalability & High Availability (0) | 2020.02.02 |