AWS load balancers evolve to meet hybrid cloud needs

New load-balancing options from AWS control traffic according to administrator needs, which increasingly revolve around hybrid cloud workloads.

A load balancer distributes traffic evenly and efficiently to multiple back-end servers to ensure high availability and scalability. But users' load-balancing needs have shifted over the years, especially with the rise of hybrid cloud.

As a crucial component of production infrastructure, load balancers can be either software-based or hardware-based. AWS load balancers emerged in 2009 with the release of Elastic Load Balancing, a managed and scalable service that has been an essential AWS tool ever since.

Amazon added Application Load Balancer (ALB) in 2016, a new offering that provides advanced routing features for application architectures. And recently, AWS introduced Network Load Balancer (NLB), which is designed for volatile network workloads and provides more effortless scaling.

ALB and NLB mark substantial upgrades from the older-generation Elastic Load Balancing, which was subsequently renamed Classic Load Balancer.

ALB operates at Layer 7, can inspect packets and can access HTTP/HTTPS headers to balance traffic efficiently. Administrators can also use ALB for content-based routing, which enables them to define URL-based rules for routing requests; to support container-based applications via Amazon EC2 Container Service; to support other protocols, like WebSocket and HTTP/2; and to improve metrics.

NLB works at Layer 4 and can handle high throughput at low latency, while accepting millions of requests per second. It is API-compatible with ALB and offers features like source address preservation, long-running connections and failover using Route 53 health checks. It also provides a static IP for each availability zone to which it routes traffic, but you could also use elastic IPs.

How ALB, NLB fit into hybrid deployments

As companies turn to hybrid cloud architectures for cloud bursting or failover, their needs surpass the abilities of AWS' Classic Load Balancer. To resolve this, Amazon recently introduced an update for ALB that helps enterprises route traffic beyond the AWS cloud to on-premises IP addresses. NLB also supports this feature.

To manage traffic to local data centers, both AWS load balancers register targets as IP addresses and support the following ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 (RFC 1918 ranges) and 100.64.0.0/10 (RFC 6598 range). Addresses must be accessible over a virtual private network or AWS Direct Connect. ALB also supports routing to peered Amazon Virtual Private Clouds or EC2-Classic instances.
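A pre-flight check for the IP-target rule described above, as an added example that is not from the original article or from AWS: it keeps only candidate addresses inside the RFC 1918 and RFC 6598 blocks and builds a target list in the shape the ELBv2 register-targets call accepts. The VPC CIDR, port and sample addresses are constructed, and `classify` and `build_targets` are hypothetical helper names.

```python
import ipaddress

# IPv4 blocks defined by the two RFCs the article names.
ALLOWED = {
    "RFC 1918": [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")],
    "RFC 6598": [ipaddress.ip_network("100.64.0.0/10")],
}


def classify(ip_text):
    """Return the RFC label whose block contains ip_text, or None."""
    try:
        ip = ipaddress.ip_address(ip_text.strip())
    except ValueError:
        return None          # malformed input is never registered
    if ip.version != 4:
        return None          # the listed ranges are IPv4 only
    for label, nets in ALLOWED.items():
        if any(ip in net for net in nets):
            return label
    return None


def build_targets(candidates, vpc_cidr, port):
    """Split candidates into a register-targets list and a reject list."""
    vpc = ipaddress.ip_network(vpc_cidr)
    targets, rejected = [], []
    for text in candidates:
        if classify(text) is None:
            rejected.append(text)    # public, malformed or out-of-range
            continue
        ip = ipaddress.ip_address(text.strip())
        entry = {"Id": str(ip), "Port": port}
        if ip not in vpc:
            # Addresses outside the VPC (on-premises, reached over VPN or
            # Direct Connect) are registered with AvailabilityZone "all".
            entry["AvailabilityZone"] = "all"
        targets.append(entry)
    return targets, rejected


# Constructed sample input; none of these values come from the article.
SAMPLE = ["10.20.1.15", "192.168.40.7", "100.64.3.9", "172.32.0.5",
          "203.0.113.10", "not-an-ip", "fd00::1"]

if __name__ == "__main__":
    ok, bad = build_targets(SAMPLE, "10.20.0.0/16", 443)
    for t in ok:
        print("register", t)
    for b in bad:
        print("reject  ", b)
```

Reviewing the reject list before registration catches addresses such as 172.32.0.5, which looks private but sits just outside 172.16.0.0/12.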

Though both can serve as hybrid load balancers, ALB and NLB are designed for completely different roles. ALB focuses on HTTPS traffic and integrates with other AWS tools and services, such as CodeDeploy for blue-green deployment and AWS Certificate Manager to manage Secure Sockets Layer and Transport Layer Security certificates. NLB is more limited, as it only listens for TCP connections, and it is most commonly used with Auto Scaling groups. But, for example, if you have multiple replicas of a database to which your servers connect, you could put NLB in front of them to route traffic without needing to make your application aware of the back-end setup.

NLB best suits workloads with huge spikes in traffic, as long as you can make do with TCP only. Conversely, ALB scales gradually, so administrators that anticipate big spikes in traffic must request that Amazon pre-warm their load balancer.

Third-party load-balancing options

Third-party tools can also integrate with AWS tools, though they require some potentially prohibitive workarounds. But they can still be useful in hybrid cloud environments.

F5 Networks' BIG-IP offers load balancing for hybrid architectures. It has a Traffic Management Operating System that admins can use on hardware with a SaaS distribution model or on a VM. BIG-IP includes a Local Traffic Manager (LTM) module for load balancing. Though BIG-IP usually balances traffic for locally placed servers, customers can also route traffic to servers in different data centers or clouds.

The BIG-IP LTM includes intelligent load balancing, compatibility with several protocols, application health monitoring and application connection state management. BIG-IP offers several other modules with powerful features, such as iRules, which allows admins to manage IP traffic passing through BIG-IP with easy-to-learn scripting syntax.

F5 Networks offers several editions of BIG-IP that vary based on the amount of throughput and included modules. Prices vary with each option. Customers can also opt for a Bring Your Own License version.

HAProxy, an open source software load balancer, is another popular tool. HAProxy supports both TCP and HTTP load balancing. The software can run on Linux, Solaris and FreeBSD, enabling admins to deploy HAProxy on AWS. HAProxy can balance traffic to both public and private IP addresses, so if it has a route and security access, it can be used as a load balancer for hybrid architectures.

ALB and NLB are useful options for many hybrid architectures. These AWS load balancers cover various needs and provide seamless integration with services in the AWS cloud; third-party tools can't provide this same level of integration. Though both AWS load balancers still lack customization and the ability to route traffic using public IP addresses, AWS is headed in the right direction. For AWS customers that rely on a hybrid cloud architecture, the upgraded ALB or the newly released NLB might be the best options.
