Lab: Creating and Configuring a Network Load Balancer in AWS
Introduction
In this hands-on lab, you will prepare the AWS environment for the Network Load Balancer (configuring subnets, network ACL, and EC2 instances). When the preparation is complete, you will create and configure a Network Load Balancer. After configuration of the load balancer, you will work from the CLI to run a small test on the load balancer and view the results in the CloudWatch service.
Solution
Log in to the live AWS environment using the credentials provided. Make sure you're in the N. Virginia (us-east-1) Region throughout the lab.
Prepare the Environment
Create and Configure a Subnet
Navigate to the VPC Management Console by searching for VPC in the search bar at the top of the AWS Console and selecting VPC from the list of services.
Click Subnets in the left-hand menu, and then click Create subnet.
VPC ID: Select the listed VPC
Subnet name: PublicB
Availability Zone: us-east-1b
IPv4 CIDR block: 10.0.2.0/24
Click Create subnet.
On the Subnets page, with the PublicB subnet selected, click the Route table tab below.
Click the Route table link.
With the route table selected, click the Routes tab below.
Click Edit routes, and then Add route.
Set the following values for the new route:
Destination: 0.0.0.0/0
Target: Select Internet Gateway, and then select the listed internet gateway
Click Save changes.
Click the Subnet associations tab.
In the Explicit subnet associations section of the page, click Edit subnet associations.
Select the PublicB subnet and click Save associations.
Edit the Network ACL
Click Subnets in the left-hand menu.
Select the PublicB subnet.
Click the Network ACL tab below, and then click the Network ACL link.
With the NACL selected, click on the Actions button and select Edit inbound rules from the dropdown list.
Update Rule 100 with the following:
Rule number: 100
Type: HTTP (80)
Protocol: TCP (6)
Port range: 80
Source: 0.0.0.0/0
Allow/Deny: Allow
Click Add new rule.
Set the following values:
Rule number: 110
Type: HTTPS (443)
Protocol: TCP (6)
Port range: 443
Source: 0.0.0.0/0
Allow/Deny: Allow
Click Add new rule.
Set the following values:
Rule number: 120
Type: SSH (22)
Protocol: TCP (6)
Port range: 22
Source: 0.0.0.0/0
Allow/Deny: Allow
Set the following values:
Rule number: 130
Type: Custom TCP
Protocol: TCP (6)
Port range: 1024-65535
Source: 0.0.0.0/0
Allow/Deny: Allow
Click Save changes.
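Added example (not part of the original lab): a small Python model of how the inbound NACL rules entered above are evaluated, in ascending rule-number order with the first match deciding and an implicit deny at the end, used to list administrative ports that any IPv4 source can reach. The probe address, the admin range in the tightened variant, and the set of ports treated as administrative are constructed assumptions.

```python
import ipaddress

# Inbound rules as entered in the lab: (rule no., from port, to port, source, action)
LAB_INBOUND = [
    (100, 80, 80, "0.0.0.0/0", "allow"),
    (110, 443, 443, "0.0.0.0/0", "allow"),
    (120, 22, 22, "0.0.0.0/0", "allow"),
    (130, 1024, 65535, "0.0.0.0/0", "allow"),
]
# Assumption: same rules with SSH limited to a constructed admin range.
TIGHTENED = [r if r[0] != 120 else (120, 22, 22, "198.51.100.0/24", "allow")
             for r in LAB_INBOUND]
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports treated as administrative
PROBE_IP = "203.0.113.10"               # constructed address outside the admin range


def evaluate(rules, src_ip, dst_port):
    """Return (action, rule number) for an inbound TCP packet.

    Rules are checked in ascending rule-number order and the first match
    decides; when nothing matches, the implicit '*' rule denies.
    """
    src = ipaddress.ip_address(src_ip)
    for number, lo, hi, cidr, action in sorted(rules):
        if lo <= dst_port <= hi and src in ipaddress.ip_network(cidr):
            return action, number
    return "deny", "*"


def world_open_admin_ports(rules):
    """List (rule, port, service) for admin ports allowed from 0.0.0.0/0."""
    source_of = {r[0]: r[3] for r in rules}
    findings = []
    for port, name in sorted(ADMIN_PORTS.items()):
        action, number = evaluate(rules, PROBE_IP, port)
        if action == "allow" and source_of[number] == "0.0.0.0/0":
            findings.append((number, port, name))
    return findings


if __name__ == "__main__":
    for label, rules in (("lab", LAB_INBOUND), ("tightened", TIGHTENED)):
        print(label, world_open_admin_ports(rules))
    # NACLs are stateless: replies to connections the instances open
    # arrive on ephemeral ports and are admitted only by rule 130.
    print(evaluate(LAB_INBOUND, PROBE_IP, 50000))
    print(evaluate(LAB_INBOUND[:3], PROBE_IP, 50000))
```

At the NACL layer, rule 130 also admits port 3389 from any source, so the instance security group remains the control that decides which high ports are reachable.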
Create EC2 Instances
Create the WebA Instance
Navigate to the EC2 Management Console and click on Instances in the left-hand menu.
Click Launch instances.
Set the name to WebA.
On the AMI page, select the latest Amazon Linux 2 AMI.
Leave t3.micro selected.
Click in the dropdown and select Proceed without a key pair.
In the Network settings section, click Edit.
Set the following values:
Subnet: Set to the Public subnet in us-east-1a
Auto-assign Public IP: Enable
Check the option "Select existing Security Group" and from the dropdown, select the EC2SecurityGroup that was created for the lab.
In the Advanced details section, scroll down to the User data - optional section and paste in the following script:
Click Launch Instance.
Click View all instances.
Create the WebB Instance
Navigate to the EC2 Management Console and click on Instances in the left-hand menu.
Click Launch instances.
Set the name to WebB.
On the AMI page, select the latest Amazon Linux 2 AMI.
Leave t3.micro selected.
Click in the dropdown and select Proceed without a key pair.
In the Network settings section, click Edit.
Set the following values:
Subnet: Set to the Public subnet in us-east-1b
Auto-assign Public IP: Enable
Check the option "Select existing Security Group" and from the dropdown, select the EC2SecurityGroup that was created for the lab.
In the Advanced details section, scroll down to the User data - optional section and paste in the following script:
Click Launch Instance.
Click View all instances, and give the WebA and WebB instances a few minutes to pass their status checks.
Create and Configure a Network Load Balancer
Click on Load Balancers in the Load Balancing section of the left-hand menu.
Click Create Load Balancer.
In the Network Load Balancer card, click Create.
In the Basic Configuration section, set the following values:
Load Balancer name: NLB4LAB
Scheme: Internet-facing
In the Network mapping section, from the Select a VPC dropdown, select the listed VPC and then, under Mappings, check both the us-east-1a and us-east-1b checkboxes.
Make sure your Network Load Balancer is created without security groups.
In the Listeners and routing section, click Create target group. It will open a new browser tab.
On the Specify group details page, in the Basic configuration section, set the following values:
Choose a target type: Instances
Target group name: nlbTargets
Protocol: TCP
Port: 80
In the Health checks section, set the following values:
Health check protocol: TCP
Leave the settings in the Advanced health check settings section as-is.
Click Next.
On the Register targets page, select the WebA and WebB instances you created (not the AdminInstance), and click Include as pending below.
Click Create target group.
Close the Target groups tab and navigate back to the Load balancers tab.
On the Create Network Load Balancer page, under Listeners and routing, click on the refresh button next to the Default action | Forward to field.
From the Forward to dropdown, select the nlbTargets target group we just created.
Scroll down and click Create load balancer.
Click View load balancer.
Scroll down to the Load Balancers section in the left-hand menu, right-click on Target Groups, and open it in a new tab.
In the new Target groups tab, select the nlbTargets target group.
Click the Targets tab. After a few minutes and once your NLB is active, you should see both the WebA and WebB instances display a healthy status.
Test and Monitor the Network Load Balancer
Click Load Balancers in the left-hand menu.
Select the NLB4LAB Network Load Balancer and, in the Description tab below, copy the contents of the DNS name field.
Paste the DNS name you copied into a new browser tab and press Enter. It should result in a web page that says Request handled by: WebA or Request handled by: WebB, depending on which instance the request is routed to.
In a second tab, navigate to the EC2 Management Console, and click Instances in the left-hand menu.
From the list of running instances, select the AdminInstance and, from the Details tab below, copy the contents of the Public IPv4 address field.
In the terminal of your choice, log in to the AdminInstance server using the public IP address you just copied:
Note: The unique password is provided in your lab credentials, under Cloud Server public instance.
In the first tab with the Load Balancers page open, with NLB4LAB still selected, from the Description tab, copy the DNS name again.
In the terminal, bombard your load balancer with requests with the following command, using the DNS name you just copied:
Hit Enter. Your terminal will most likely be flooded by a lot of scrolling text telling you which web instance — WebA or WebB — the request was handled by.
Hit Ctrl+C to break out of the loop.
In the first tab with the Load Balancers page open, click the Monitoring tab to keep an eye on the CloudWatch metrics. It may take a few minutes, but you should see the spikes in the different charts representing the simulated traffic.