AWS Elastic Beanstalk
Developer Guide
AWS services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon AWS.

Configuring a Classic Load Balancer

When you enable load balancing, your AWS Elastic Beanstalk environment is equipped with an Elastic Load Balancing load balancer to distribute traffic among the instances in your environment. Elastic Load Balancing supports several load balancer types. To learn about them, see the Elastic Load Balancing User Guide.

This topic describes the configuration of a Classic Load Balancer. For information about configuring all the load balancer types that Elastic Beanstalk supports, see Load Balancer for Your AWS Elastic Beanstalk Environment.

Note

You can choose the type of load balancer that your environment uses only during environment creation. Later, you can change settings to manage the behavior of your running environment's load balancer, but you can't change its type.

Introduction

A Classic Load Balancer is the Elastic Load Balancing previous-generation load balancer. It supports routing HTTP, HTTPS, or TCP request traffic to different ports on environment instances.

When your environment uses a Classic Load Balancer, Elastic Beanstalk configures it by default to listen for HTTP traffic on port 80 and forward it to instances on the same port. To support secure connections, you can configure your load balancer with a listener on port 443 and a TLS certificate.

The load balancer uses a health check to determine whether the Amazon EC2 instances running your application are healthy. The health check makes a request to a specified URL at a set interval. If the URL returns an error message, or fails to return within a specified timeout period, the health check fails.

If your application performs better by serving multiple requests from the same client on a single server, you can configure your load balancer to use sticky sessions. With sticky sessions, the load balancer adds a cookie to HTTP responses that identifies the Amazon EC2 instance that served the request. When a subsequent request is received from the same client, the load balancer uses the cookie to send the request to the same instance.

With cross-zone load balancing, each load balancer node for your Classic Load Balancer distributes requests evenly across the registered instances in all enabled Availability Zones. If cross-zone load balancing is disabled, each load balancer node distributes requests evenly across the registered instances in its Availability Zone only.

When an instance is removed from the load balancer because it has become unhealthy or the environment is scaling down, connection draining gives the instance time to complete requests before closing the connection between the instance and the load balancer. You can change the amount of time given to instances to send a response, or disable connection draining completely.

Note

Connection draining is enabled by default when you create an environment with the Elastic Beanstalkconsole or the EB CLI. For other clients, you can enable it with configuration options.

You can use advanced load balancer settings to configure listeners on arbitrary ports, modify additional sticky session settings, and configure the load balancer to connect to EC2 instances securely. These settings are available through configuration options that you can set by using configuration files in your source code, or directly on an environment by using the Elastic Beanstalk API. Many of these settings are also available in the Elastic Beanstalk console. In addition, you can configure a load balancer to upload access logs to Amazon S3.

Configuring a Classic Load Balancer Using the Elastic Beanstalk Console

You can use the Elastic Beanstalk console to configure a Classic Load Balancer's ports, HTTPS certificate, and other settings, during environment creation or later when your environment is running.

To configure a Classic Load Balancer in the Elastic Beanstalk console during environment creation

  1. Open the Elastic Beanstalk console.

  2. Use the Create New Environment wizard to start creating your environment.

  3. On the wizard's main page, before choosing Create environment, choose Configure more options.

  4. Choose the High availability configuration preset.

    Alternatively, on the Capacity configuration card, configure a Load balanced environment type. For details, see Capacity.

  5. On the Load balancer configuration card, choose Modify.

  6. Select the Classic Load Balancer option, if it isn't already selected.

    
            Load balancer configuration page - choosing load balancer type
  7. Make any Classic Load Balancer configuration changes that your environment requires.

  8. Choose Save, and then make any other configuration changes that your environment requires.

  9. Choose Create environment.

To configure a running environment's Classic Load Balancer in the Elastic Beanstalk console

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Configuration.

  4. On the Load balancer configuration card, choose Modify.

    Note

    If the Load balancer configuration card doesn't have a Modify button, your environment doesn't have a load balancer. To learn how to set one up, see Changing Environment Type.

  5. Make the Classic Load Balancer configuration changes that your environment requires.

  6. Choose Apply.

Listeners

Use this list to specify listeners for your load balancer. Each listener routes incoming client traffic on a specified port using a specified protocol to your instances. Initially, the list shows the default listener, which routes incoming HTTP traffic on port 80 to your environment's instance servers that are listening to HTTP traffic on port 80.


          Classic Load Balancer configuration - editing listeners

To configure an existing listener

  1. Select the check box next to its table entry, choose Actions, and then choose the action you want.

  2. If you chose Edit, use the Classic Load Balancer listener dialog box to edit settings, and then choose Save.

For example, you can edit the default listener and change the Protocol from HTTP to TCP if you want the load balancer to forward a request as is. This prevents the load balancer from rewriting headers (including X-Forwarded-For). The technique doesn't work with sticky sessions.


          Classic Load Balancer configuration - changing the default listener's protocol to TCP

To add a listener

  1. Choose Add listener.

  2. In the Classic Load Balancer listener dialog box, configure the settings you want, and then choose Add.

Adding a secure listener is a common use case. The example in the following image adds a listener for HTTPS traffic on port 443. This listener routes the incoming traffic to environment instance servers listening to HTTPS traffic on port 443.

Before you can configure an HTTPS listener, ensure that you have a valid SSL certificate. Do one of the following:

For more detail on configuring HTTPS and working with certificates in Elastic Beanstalk, see Configuring HTTPS for Your Elastic Beanstalk Environment.

For SSL certificate, choose the ARN of your SSL certificate. For example, arn:aws-cn:iam::123456789012:server-certificate/abc/certs/build, or arn:aws-cn:acm:us-west-2:123456789012:certificate/12345678-12ab-34cd-56ef-12345678.


          Classic Load Balancer configuration - adding a secure listener

For details about configuring HTTPS and working with certificates in Elastic Beanstalk, see Configuring HTTPS for Your Elastic Beanstalk Environment.

Sessions

Select or clear the Session stickiness enabled box to enable or disable sticky sessions. Use Cookie duration to configure a sticky session's duration, up to 1000000 seconds.


          Classic Load Balancer settings for session stickiness and duration

Cross-Zone Load Balancing

Select or clear the Load balancing across multiple Availability Zones enabled box to enable or disable cross-zone load balancing.


          Classic Load Balancer settings for cross-zone load balancing

Connection Draining

Select or clear the Connection draining enabled box to enable or disable connection draining. Set the Draining timeout, up to 3600 seconds.


          Classic Load Balancer settings for connection draining and draining timeout

Health Check

Use the following settings to configure load balancer health checks:

  • Health check path – The path to which the load balancer sends health check requests. If you don't set the path, the load balancer attempts to make a TCP connection on port 80 to verify health.

  • Timeout – The amount of time, in seconds, to wait for a health check response.

  • Interval – The amount of time, in seconds, between health checks of an individual instance. The interval must be greater than the timeout.

  • Unhealthy threshold, Healthy threshold – The number of health checks that must fail or pass, respectively, before Elastic Load Balancing changes an instance's health state.


          Classic Load Balancer settings for health check

Note

The Elastic Load Balancing health check doesn't affect the health check behavior of an environment's Auto Scaling group. Instances that fail an Elastic Load Balancing health check are not automatically replaced by Amazon EC2 Auto Scaling unless you manually configure Amazon EC2 Auto Scaling to do so. See Auto Scaling Health Check Setting for details.

For more information about health checks and how they influence your environment's overall health, see Basic Health Reporting.

Configuring a Classic Load Balancer Using the EB CLI

The EB CLI prompts you to choose a load balancer type when you run eb create.

$ eb create Enter Environment Name (default is my-app): test-env Enter DNS CNAME prefix (default is my-app): test-env-DLW24ED23SF Select a load balancer type 1) classic 2) application 3) network (default is 1):

Press Enter to select classic.

You can also specify a load balancer type by using the --elb-type option.

$ eb create test-env --elb-type classic

Classic Load Balancer Configuration Namespaces

You can find settings related to Classic Load Balancers in the following namespaces:

  • aws:elb:healthcheck – Configure the thresholds, check interval, and timeout for load balancer health checks.

  • aws:elasticbeanstalk:application – Configure the health check URL.

  • aws:elb:loadbalancer – Enable cross-zone load balancing. Assign security groups to the load balancer and override the default security group that Elastic Beanstalk creates. This namespace also includes deprecated options for configuring the standard and secure listeners that have been replaced by options in the aws:elb:listener namespace.

  • aws:elb:listener – Configure the default listener on port 80, a secure listener on port 443, or additional listeners for any protocol on any port. If you specify aws:elb:listener as the namespace, settings apply to the default listener on port 80. If you specify a port (for example, aws:elb:listener:443), a listener is configured on that port.

  • aws:elb:policies – Configure additional settings for your load balancer. Use options in this namespace to configure listeners on arbitrary ports, modify additional sticky session settings, and configure the load balancer to connect to Amazon EC2 instances securely.

The EB CLI and Elastic Beanstalk console apply recommended values for the preceding options. You must remove these settings if you want to use configuration files to configure the same. See Recommended Values for details.

Example .ebextensions/loadbalancer-terminatehttps.config

The following example configuration file creates an HTTPS listener on port 443, assigns a certificate that the load balancer uses to terminate the secure connection, and disables the default listener on port 80. The load balancer forwards the decrypted requests to the EC2 instances in your environment on HTTP:80.

option_settings: aws:elb:listener:443: ListenerProtocol: HTTPS SSLCertificateId: arn:aws-cn:acm:us-west-2:123456789012:certificate/12345678-12ab-34cd-56ef-12345678 InstancePort: 80 InstanceProtocol: HTTP aws:elb:listener: ListenerEnabled: false