Home Uncategorized AWS ELB resources should have connection draining enabled

AWS ELB resources should have connection draining enabled

-

The concept of fault tolerance and high availability remains the same as far as cloud computing is concerned. The whole system is not supposed to stop even if there is a failure or outage in any one of the components across your infrastructure. It is recommended to follow certain practices for your AWS ELBs which can help in providing users with a complete fault-tolerant cloud environment.

What is AWS ELB (Elastic Load Balancing)?

AWS ELB (Elastic Load Balancing) distributes incoming traffic of your application across multiple resource targets, such as EC2 instances, containers, IP addresses, etc. A load balancer can manage and balance the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Elastic Load Balancing consists of three types of load balancers – Application Load Balancers (best suited for load balancing of HTTP and HTTPS traffic), Network Load Balancers (best suited for load balancing of Transmission Control Protocol (TCP) traffic where extreme performance is required) and Classic Load Balancers (provides basic load balancing across multiple Amazon EC2 instances).

Enable connection draining feature for Elastic Load Balancing

Enabling connection draining feature in a load balancer makes sure that any back-end instances you have deregistered will complete requests in progress before the deregistration process starts. Also, if a back-end instance fails to keep up with the recommended health checks, then the load balancer does not send any new requests to the unhealthy instance. Although it will still allow existing requests to complete.

AWS ELB connection draining prevents breaking open network connections while taking an instance out of service, updating its software, or replacing it with a fresh instance that contains updated software. Connection draining avoids the situation of broken connection being displayed as a half-drawn web page, an aborted file download, or a failed web service call. It is recommended that connection draining should be enabled for your Elastic Load Balancers to ensure fault tolerance in your cloud infra.

Centilytics provides an insight which warns the user whenever a load balancer with disabled connection draining is detected.

Insight descriptions:

There can be 1 possible scenario:

Severity Description
Warning This indication will be displayed when your AWS (ELB) Elastic load balancer does not have connection draining enabled.

 

Description of further columns are as follows:

  1. Account Id: This column shows the respective account ID of the user’s account.  AWS ELB 66
  2. Account Name: This column shows the Account Id of the user’s account.AWS ELB 33
  3. Region: This column shows the region in which the resources exist.AWS ELB
  4. Identifier: This column shows the name of the load balancer.AWS ELB 2

Filters applicable:

Filter Name Description
Account Id Applying the account Id filter will display data for the selected account Id.
Region Applying the region filter will display data according to the selected region.
Severity Applying severity filter will display data according to the selected severity type i.e. selecting critical will display all resources with critical severity. Same will be the case for Warning and OK severity types
Resource Tags Applying resource tags filter will display those resources which have been assigned the selected resource tag. For e.g., A user has tagged some public snapshots by a resource tag named environment. Then selecting an environment from the resource tags filter will display all those resources tagged by the tag name environment.
Resource Tags Value Applying resource tags value filter will display data which will have the selected resource tag value. For e.g. – Let’s say a user has tagged some resource by a tag named environment and has a value say production (environment: production). Hence, the user can view data of all the resources which have “environment:production” tag assigned. The user can use the tag value filter only when a tag name has been provided.

 

Compliances covered:

Compliance Name Reference No. Link
Trusted Advisor https://console.aws.amazon.com/trustedadvisor/home?#/category/fault-tolerance

 

Cloud

Cloud Management