Three target types of ALB (Instance, IP, Lambda) and Auto Scaling

TOC

Configuration to check all target types of ALB

There are three types of resources that can be specified as ALB targets.

instance
The targets are specified by instance ID.

ip
The targets are IP addresses.

lambda
The target is a Lambda function.
Target type

This time, we will actually build three different target types and check their behavior.

Environment

We will create four ALB target groups. We will create a group for each of the three target types described above, and for the Instance type only, we will create two groups: one for EC2 instances and the second for EC2 Auto Scaling groups.

Use path-based routing to associate each target group with a single ALB, and the correspondence between URLs and target groups is as follows

/: Target Group 1
/instance/：Target Group 1
/autoscaling/：Target Group 2
/ip/：Target Group 3
/lambda/：Target Group 4

The EC2 instances we are going to create will have Apache installed in common, will run as a web server, and will listen for HTTP at 80/tcp.

CloudFormation Template Files

We will build the above configuration using CloudFormation. The CloudFormation template is located at the following URL.

https://github.com/awstut-an-r/awstut-fa/tree/main/028

Explanation of points in template files

For each target type, we will check how to create an ALB target group.
For more information about path-based routing in ALB, please refer to the following page.

Target Type 1-1: instance

Confirm the ALB target group for EC2 instances.

Resources:
  ALBTargetGroup1:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckPath: !Ref Path1
      HealthCheckPort: traffic-port
      HealthCheckProtocol: HTTP
      Name: !Sub "${Prefix}-ALBTargetGroup1"
      Port: !Ref HTTPPort
      Protocol: HTTP
      Targets:
        - Id: !Ref Instance1
      TargetType: instance
      VpcId: !Ref VPC
Code language: YAML (yaml)

Set the TargetType property to “instance” to target an EC2 instance, and specify the ID of the target instance in the Targets property.
When targeting an EC2 instance, you will need to set parameters for the health check system. The parameter that is the key in this configuration is the HealthCheckPath property. It specifies the location where the contents will be placed.

Target Type 1-2: instance (Auto Scaling)

Check the ALB target group for the EC2 Auto Scaling group.

Resources:
  ALBTargetGroup2:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckPath: !Ref Path2
      HealthCheckPort: traffic-port
      HealthCheckProtocol: HTTP
      Name: !Sub "${Prefix}-ALBTargetGroup2"
      Port: !Ref HTTPPort
      Protocol: HTTP
      #Targets:
      TargetType: instance
      VpcId: !Ref VPC
Code language: YAML (yaml)

Even when targeting an Auto Scaling group, set the TargetType property to “instance”. However, do not use the Targets property. This is because the Auto Scaling group resource side will be associated with the ALB target group. Please refer to the following page for details.

Target Type 2: ip

Check how to specify the target on an IP address basis.

Resources:
  ALBTargetGroup3:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckPath: !Ref Path3
      HealthCheckPort: traffic-port
      HealthCheckProtocol: HTTP
      Name: !Sub "${Prefix}-ALBTargetGroup3"
      Port: !Ref HTTPPort
      Protocol: HTTP
      Targets:
        - Id: !Ref Instance2PrivateIp
      TargetType: ip
      VpcId: !Ref VPC
Code language: YAML (yaml)

To specify an IP address as a target for ALB, set the TargetType property to “ip” and the Targets property to that IP address. The key point in setting this type is that there is a limit to the number of IP addresses that can be specified.

When the target type is ip, you can specify IP addresses from one of the following CIDR blocks:

・The subnets of the VPC for the target group
・10.0.0.0/8 (RFC 1918)
・100.64.0.0/10 (RFC 6598)
・172.16.0.0/12 (RFC 1918)
・192.168.0.0/16 (RFC 1918)

You can’t specify publicly routable IP addresses.
Target type

Note that, as described above, you cannot specify a global address, such as an Elastic IP address or a public IP address that can be given to an EC2 instance.

Target Type 3: lambda

Check the ALB target group for Lambda.

Resources:
  ALBTargetGroup4:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    DependsOn:
      - Permission
    Properties:
      HealthCheckEnabled: false
      Name: !Sub "${Prefix}-ALBTargetGroup4"
      Targets:
        - Id: !Ref FunctionArn
      TargetType: lambda
Code language: YAML (yaml)

Set the TargetType property to “lambda” to target Lambda functions, and specify the ARN of the target function in the Targets property.
The key point in setting the Lambda function as the ALB target is that the Port and Protocol properties do not need to be set. Please note that setting these properties will cause an error. Also, if the target is a Lambda function, the health check is disabled by default. Therefore, we will not configure any settings related to health checks.

Another point is that you need to grant permission to the ALB to call the Lambda function.

  Permission:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName: !Ref FunctionName
      Action: lambda:InvokeFunction
      Principal: elasticloadbalancing.amazonaws.com
Code language: YAML (yaml)

Create a resource-based policy for Lambda and grant the ALB the permission to invoke this function.

Architecting

We will use CloudFormation to build this environment and check its actual behavior.

Create CloudFormation stack and check resources in stacks

We will create a CloudFormation stack.
For information on how to create a stack and check each stack, please refer to the following page

After checking the resources in each stack, here is the information on the main resources created this time

ALB: fa-028-ALB
Target group 1: fa-028-ALBTargetGroup1
Target group 2: fa-028-ALBTargetGroup2
Target group 3: fa-028-ALBTargetGroup3
Target group 4: fa-028-ALBTargetGroup4

We will also check the resource creation status from the AWS Management Console.

First, we will check the ALB.

The ALB has been created.

Next, check the listener rules.

You can check the correspondence between URLs and target groups.

Check each target group.

You can see that targets have been registered in each target group. Notice that the content of the registered targets is different for each target type.
For example, in target groups 1 and 2 where instances and Auto Scaling groups are registered, the instance ID is displayed.
Target group 3, where IP is specified, shows the private address given to the target instance.
Target group 4, where the Lambda function is specified, shows the name and ARN of the function.

Operation check

Now that everything is ready, let’s access the ALB.

First, we will access the instances.

We received a response from the instance in target group 1. We now know that we can set the instance as the target of ALB.

Next, access EC2 Auto Scaling.

We found out that we can successfully access the EC2 Auto Scaling by setting the target type to an instance even when targeting Auto Scaling.

Next, we will access the EC2 instance specified by the IP address.

We now know that we can also target ALB by specifying the IP address.

Finally, let’s access the Lambda function.

The Lambda function in target group 4 responded, indicating that the Lambda function can be made a target of the ALB.

Summary

We have now confirmed the resources (three types) that can be specified as ALB targets.
When targeting EC2 Auto Scaling, we confirmed that we can specify the target type as instance.