Setup AWS Application Load Balancer with Auto Scaling Group

In a well-designed cloud architecture, efficiently managing user traffic and scaling resources is crucial for achieving high availability and performance. AWS ensures smooth traffic distribution with AWS Elastic Load Balancer (ELB) and dynamically allocates resources as needed using Auto Scaling Group (ASG).

AWS Elastic Load Balancer (ELB) automatically directs incoming requests across multiple targets, such as EC2 instances, containers, and IP addresses, within multiple Availability Zones (AZs). AWS provides different types of ELB such as Application, Network and Gateway Load balancers. In this article, we will walk through setting up an AWS Application Load Balancer (ALB) configured with an Auto Scaling Group (ASG). The ASG will be linked to a Target Group of EC2 instances to ensure dynamic load balancing and high availability. We will achieve this setup using AWS CLI commands.

In this hands-on exercise, we will set up an AWS environment with an ALB and ASG step by step. First, we will create a security group to allow necessary inbound traffic. Then, we will define a launch template that specifies the configuration for EC2 instances, including a user-data script to set up a simple web server. Next, we will create an Auto Scaling Group (ASG) to ensure that our application scales dynamically based on demand. After that, we will set up a Target Group to manage incoming traffic and distribute it efficiently to the EC2 instances in our ASG. Finally, we will create an ALB, configure a listener, and link everything together to enable seamless load balancing.

Prerequisites

• You will need an AWS account. If you don’t have one, this guide will walk you through setting up a free-tier AWS account.
• Generate aws access keys to configure local CLI environment. The access keys are required to deploy the CloudFormation stack using the AWS CLI. Section 9 of this blog explains that process.

Advantages of Configuring ALB with an ASG

Integrating an Application Load Balancer (ALB) with an Auto Scaling Group (ASG) enhances application availability and resilience. The key benefits include:

1. Automatic Scaling – ASG ensures that the right number of instances run based on demand, automatically adding or removing instances as traffic changes.
2. High Availability – ALB distributes traffic across multiple healthy instances in different AZs, preventing single points of failure.
3. Cost Optimization – With ASG, you only pay for the resources needed at a given time, reducing costs during low-traffic periods.
4. Better Fault Tolerance – If an instance becomes unhealthy, ALB redirects traffic to available healthy targets, ensuring uninterrupted service.

By the end of this guide, you will have a fully functional, scalable, and highly available architecture that automatically adjusts to changing traffic demands. This setup is ideal for web applications that require resilience and scalability without manual intervention.

Let's start!

Step 1: Create a Security Group

To enable secure access to an EC2 instance for both SSH and HTTP traffic, we first create a security group in AWS using the aws ec2 create-security-group command, which specifies a group name and a description. This security group acts as a virtual firewall that controls inbound and outbound traffic to the EC2 instance.

aws ec2 create-security-group --group-name my-test-security-group --description "Security Group for My ALB" --region <your-region-id>

Next, we grant access for SSH (port 22) by using the aws ec2 authorize-security-group-ingress command, allowing incoming traffic from any IP address (0.0.0.0/0).

aws ec2 authorize-security-group-ingress --group-name my-test-security-group --protocol tcp --port 22 --cidr 0.0.0.0/0 --region <your-region-id>

Similarly, we allow HTTP traffic (port 80) using the same command.

aws ec2 authorize-security-group-ingress --group-name my-test-security-group --protocol tcp --port 80 --cidr 0.0.0.0/0 --region <your-region-id>

This configuration ensures that the EC2 instance can accept SSH connections for management and HTTP connections for web traffic, both from any IP address.

Let's check this security group in aws management console,

Step 2: Create a Launch Template

We will manually create a launch template using the AWS Management Console.

1. Go to the EC2 Dashboard in the AWS Management Console.
2. Click Launch Templates and then Create launch template.
3. Set the template name to MyLaunchTemplate.
4. Choose an AMI (here we choose Amazon Linux 2023 AMI, which is eligible for free tier account).
5. Select an instance type (e.g., t2.micro).
6. We can skip creating key pair in this excercise.
7. Choose the previously created security group (my-test-security-group).
8. Expand Advanced details and paste the following user data to install and configure a simple web server an click Create launch template.

#!/bin/bash
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd

# Get the EC2 instance's availability zone
EC2AZ=$(TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` && curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/placement/availability-zone)

# Create a simple HTML file with the availability zone info
echo '<center><h1>Hello from Web Server in Availability Zone: AZID </h1></center>' > /var/www/html/index.txt
sed "s/AZID/$EC2AZ/" /var/www/html/index.txt > /var/www/html/index.html

Note: In AWS, every virtual machine (EC2 instance) has some information about itself, like its ID, region, security groups, etc. AWS stores this information as instance metadata. To get this metadata, AWS provides a special internal IP address: 169.254.169.254.

Step 3: Create an Auto Scaling Group (ASG)

Now we will create an Auto Scaling group named "my-auto-scaling-group" using a launch template we previously created "MyLaunchTemplate." It sets the desired capacity to 2 instances, with a minimum of 1 and a maximum of 5 instances, distributed across two availability zones. The instances are launched in two different subnets within a Virtual Private Cloud (VPC) to ensure scalability and high availability.

aws autoscaling create-auto-scaling-group --auto-scaling-group-name my-auto-scaling-group \
  --launch-template "LaunchTemplateName=MyLaunchTemplate" \
  --min-size 1 --max-size 5 --desired-capacity 2 \
  --availability-zones "<availablity-zone-1>" "<availablity-zone-2>" \
  --vpc-zone-identifier "<subnet-id-1>,<subnet-id-2>"

Note: Replace <subnet-id-x> and <availablity-zone-x> according to your setup.

Step 4: Create Target Group and Load Balancer

1. Create a Target Group (TG1):

Creates an HTTP-based target group named "my-target-group" on port 80 within a specified VPC.

aws elbv2 create-target-group --name my-target-group --protocol HTTP --port 80 --vpc-id <vpc-id>

Note: Target group is created but no ec2 instances registered yet. We will create ec2 instances in comming sections.

2. Create an Application Load Balancer (ALB1):

Creates an Application Load Balancer named "my-alb" with specified subnets and security groups for traffic management.

aws elbv2 create-load-balancer --name my-alb --subnets <subnet-id-1> <subnet-id-2> --security-groups <security-group-id>

Note: Replace <subnet-id-1>, <subnet-id-2> and <security-group-id> by actual values.

Note: You need to note down LoadBalancerArn, which we will use in coming sections.

3. Create a Listener and link it to the Target Group:

Creates an HTTP listener on port 80 for the specified ALB and forwards traffic to the defined target group. A listener is needed to define how incoming traffic on a specific port (like port 80) should be routed to the target group, ensuring that the load balancer can forward requests to the correct resources.

aws elbv2 create-listener --load-balancer-arn <alb-arn> --protocol HTTP --port 80 --default-actions Type=forward,TargetGroupArn=<target-group-arn>

4. Attach the Target Group to the Auto Scaling Group:

Links the specified target group to the Auto Scaling group "ASG1" to manage the scaling and load balancing of instances.

aws autoscaling attach-load-balancer-target-groups --auto-scaling-group-name ASG1 --target-group-arns <target-group-arn>

The Auto Scaling Group will launch 2 EC2 instances, as specified by the desired capacity. Both instances will be marked as healthy once they pass the required health checks.

We can also view the Load Balancer, which shows an HTTP listener associated with an EC2 target group.

We can check the Target Group to see that both instances are healthy.

Step 5: Testing Load Balancer

In order to test ALB, go to ALB dashboard and note ALB DNS name

Write ALB DNS name in browser

Keep refreshing you will see response form different AZ,

Step 6: Deleting the Setup

To delete the setup, follow these commands:

aws elbv2 delete-load-balancer --load-balancer-arn <alb-arn>
aws autoscaling delete-auto-scaling-group --auto-scaling-group-name ASG1 --force-delete

Delete Target Group

Delete Launch Template

Conclusion

By following these steps, you have successfully set up an AWS Application Load Balancer (ALB) with an Auto Scaling Group (ASG) and a Target Group using AWS CLI. This setup ensures that your application scales dynamically while maintaining high availability and fault tolerance.