Load Balancing & CDN
1. Load Balancing Overview
1.1 What is a Load Balancer?
A load balancer is a service that distributes incoming traffic across multiple servers.
Benefits:
- High availability (automatic exclusion of failed servers)
- Scalability (easy to add/remove servers)
- Performance improvement (load distribution)
- Security (DDoS mitigation, SSL offloading)
1.2 Service Comparison
| Category | AWS | GCP |
|---|---|---|
| L7 (HTTP/HTTPS) | ALB | HTTP(S) Load Balancing |
| L4 (TCP/UDP) | NLB | TCP/UDP Load Balancing |
| Classic | CLB (legacy) | - |
| Internal | Internal ALB/NLB | Internal Load Balancing |
| Global | Global Accelerator | Global Load Balancing |
2. AWS Elastic Load Balancing
2.1 Load Balancer Types
| Type | Layer | Use Case | Features |
|---|---|---|---|
| ALB | L7 | Web apps, microservices | Path/host routing, WebSocket |
| NLB | L4 | High performance, static IP needed | Millions RPS, ultra-low latency |
| GWLB | L3 | Firewall, IDS/IPS | Transparent gateway |
2.2 ALB (Application Load Balancer)
```bash
# 1. Create the target group
aws elbv2 create-target-group \
    --name my-targets \
    --protocol HTTP \
    --port 80 \
    --vpc-id vpc-12345678 \
    --health-check-path /health \
    --health-check-interval-seconds 30 \
    --target-type instance

# 2. Register instances
aws elbv2 register-targets \
    --target-group-arn arn:aws:elasticloadbalancing:...:targetgroup/my-targets/xxx \
    --targets Id=i-12345678 Id=i-87654321

# 3. Create the ALB
aws elbv2 create-load-balancer \
    --name my-alb \
    --subnets subnet-1 subnet-2 \
    --security-groups sg-12345678 \
    --scheme internet-facing \
    --type application

# 4. Create the listener
aws elbv2 create-listener \
    --load-balancer-arn arn:aws:elasticloadbalancing:...:loadbalancer/app/my-alb/xxx \
    --protocol HTTP \
    --port 80 \
    --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:...:targetgroup/my-targets/xxx
```
Path-Based Routing:
```bash
# Add a rule (/api/* → API target group)
aws elbv2 create-rule \
    --listener-arn arn:aws:elasticloadbalancing:...:listener/xxx \
    --priority 10 \
    --conditions Field=path-pattern,Values='/api/*' \
    --actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:...:targetgroup/api-targets/xxx
```
2.3 NLB (Network Load Balancer)
```bash
# Create the NLB (static IP)
aws elbv2 create-load-balancer \
    --name my-nlb \
    --subnets subnet-1 subnet-2 \
    --type network \
    --scheme internet-facing

# TCP listener
aws elbv2 create-listener \
    --load-balancer-arn arn:aws:elasticloadbalancing:...:loadbalancer/net/my-nlb/xxx \
    --protocol TCP \
    --port 80 \
    --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:...:targetgroup/tcp-targets/xxx
```
2.4 SSL/TLS Configuration
```bash
# Request an ACM certificate
aws acm request-certificate \
    --domain-name example.com \
    --subject-alternative-names "*.example.com" \
    --validation-method DNS

# Add an HTTPS listener
aws elbv2 create-listener \
    --load-balancer-arn arn:aws:elasticloadbalancing:...:loadbalancer/app/my-alb/xxx \
    --protocol HTTPS \
    --port 443 \
    --certificates CertificateArn=arn:aws:acm:...:certificate/xxx \
    --default-actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:...:targetgroup/my-targets/xxx

# HTTP → HTTPS redirect
aws elbv2 modify-listener \
    --listener-arn arn:aws:elasticloadbalancing:...:listener/xxx \
    --default-actions Type=redirect,RedirectConfig='{Protocol=HTTPS,Port=443,StatusCode=HTTP_301}'
```
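
The HTTPS listener above is created without `--ssl-policy`, and a port-80 listener keeps serving plaintext until its default action is an HTTPS redirect. The Python check below is an added example, not part of the original page: it audits a constructed document shaped like `aws elbv2 describe-listeners` output; the shortened ARNs and the legacy-policy deny-list are assumptions.

```python
import json

# Constructed sample shaped like `aws elbv2 describe-listeners` output (placeholder ARNs).
SAMPLE = json.loads("""
{"Listeners": [
  {"ListenerArn": "listener/http-forward", "Protocol": "HTTP", "Port": 80,
   "DefaultActions": [{"Type": "forward", "TargetGroupArn": "targetgroup/my-targets"}]},
  {"ListenerArn": "listener/http-path-redirect", "Protocol": "HTTP", "Port": 8080,
   "DefaultActions": [{"Type": "redirect", "RedirectConfig":
     {"Protocol": "#{protocol}", "Port": "#{port}", "Path": "/new", "StatusCode": "HTTP_302"}}]},
  {"ListenerArn": "listener/http-to-https", "Protocol": "HTTP", "Port": 80,
   "DefaultActions": [{"Type": "redirect", "RedirectConfig":
     {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}]},
  {"ListenerArn": "listener/https-legacy", "Protocol": "HTTPS", "Port": 443,
   "SslPolicy": "ELBSecurityPolicy-2016-08",
   "DefaultActions": [{"Type": "forward", "TargetGroupArn": "targetgroup/my-targets"}]},
  {"ListenerArn": "listener/https-modern", "Protocol": "HTTPS", "Port": 443,
   "SslPolicy": "ELBSecurityPolicy-TLS13-1-2-2021-06",
   "DefaultActions": [{"Type": "forward", "TargetGroupArn": "targetgroup/my-targets"}]}
]}
""")

# Assumed deny-list: predefined policies that still accept TLS 1.0 or TLS 1.1.
LEGACY_TLS_POLICIES = {"ELBSecurityPolicy-2016-08",
                       "ELBSecurityPolicy-TLS-1-0-2015-04",
                       "ELBSecurityPolicy-TLS-1-1-2017-01"}

def audit_listeners(doc):
    """Return (listener_arn, finding) pairs for listeners that weaken transport security."""
    findings = []
    for lst in doc.get("Listeners", []):
        arn, proto = lst["ListenerArn"], lst.get("Protocol")
        if proto == "HTTP":
            # Only a redirect whose target protocol is literally HTTPS upgrades the
            # client; "#{protocol}" keeps the request on plain HTTP.
            upgraded = any(
                a.get("Type") == "redirect"
                and a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
                for a in lst.get("DefaultActions", [])
            )
            if not upgraded:
                findings.append((arn, "http-not-redirected-to-https"))
        elif proto in ("HTTPS", "TLS") and lst.get("SslPolicy") in LEGACY_TLS_POLICIES:
            findings.append((arn, "legacy-tls-policy"))
    return findings

if __name__ == "__main__":
    print(audit_listeners(SAMPLE))
```
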
3. GCP Cloud Load Balancing
3.1 Load Balancer Types
| Type | Scope | Layer | Use Case |
|---|---|---|---|
| Global HTTP(S) | Global | L7 | Web apps, CDN integration |
| Regional HTTP(S) | Regional | L7 | Single-region apps |
| Global TCP/SSL | Global | L4 | TCP proxy |
| Regional TCP/UDP | Regional | L4 | Network LB |
| Internal HTTP(S) | Regional | L7 | Internal microservices |
| Internal TCP/UDP | Regional | L4 | Internal TCP/UDP |
3.2 HTTP(S) Load Balancer
```bash
# 1. Create an instance group (unmanaged)
gcloud compute instance-groups unmanaged create my-group \
    --zone=asia-northeast3-a
gcloud compute instance-groups unmanaged add-instances my-group \
    --zone=asia-northeast3-a \
    --instances=instance-1,instance-2

# 2. Create a health check
gcloud compute health-checks create http my-health-check \
    --port=80 \
    --request-path=/health

# 3. Create a backend service
gcloud compute backend-services create my-backend \
    --protocol=HTTP \
    --health-checks=my-health-check \
    --global

# 4. Add the instance group to the backend
gcloud compute backend-services add-backend my-backend \
    --instance-group=my-group \
    --instance-group-zone=asia-northeast3-a \
    --global

# 5. Create a URL map
gcloud compute url-maps create my-url-map \
    --default-service=my-backend

# 6. Create a target HTTP proxy
gcloud compute target-http-proxies create my-proxy \
    --url-map=my-url-map

# 7. Create a global forwarding rule
gcloud compute forwarding-rules create my-lb \
    --global \
    --target-http-proxy=my-proxy \
    --ports=80
```
3.3 SSL/TLS Configuration
```bash
# 1. Managed SSL certificate
gcloud compute ssl-certificates create my-cert \
    --domains=example.com,www.example.com \
    --global

# 2. HTTPS target proxy
gcloud compute target-https-proxies create my-https-proxy \
    --url-map=my-url-map \
    --ssl-certificates=my-cert

# 3. HTTPS forwarding rule
gcloud compute forwarding-rules create my-https-lb \
    --global \
    --target-https-proxy=my-https-proxy \
    --ports=443

# 4. HTTP → HTTPS redirect
gcloud compute url-maps import my-url-map --source=- <<EOF
name: my-url-map
defaultUrlRedirect:
  httpsRedirect: true
  redirectResponseCode: MOVED_PERMANENTLY_DEFAULT
EOF
```
3.4 Path-Based Routing
```bash
# Add path rules to the URL map
gcloud compute url-maps add-path-matcher my-url-map \
    --path-matcher-name=api-matcher \
    --default-service=default-backend \
    --path-rules="/api/*=api-backend,/static/*=static-backend"
```
4. Health Checks
4.1 AWS Health Checks
```bash
# Configure the target group health check
aws elbv2 modify-target-group \
    --target-group-arn arn:aws:elasticloadbalancing:...:targetgroup/my-targets/xxx \
    --health-check-protocol HTTP \
    --health-check-path /health \
    --health-check-interval-seconds 30 \
    --health-check-timeout-seconds 5 \
    --healthy-threshold-count 2 \
    --unhealthy-threshold-count 3

# Check target health status
aws elbv2 describe-target-health \
    --target-group-arn arn:aws:elasticloadbalancing:...:targetgroup/my-targets/xxx
```
4.2 GCP Health Checks
```bash
# HTTP health check
gcloud compute health-checks create http my-http-check \
    --port=80 \
    --request-path=/health \
    --check-interval=30s \
    --timeout=5s \
    --healthy-threshold=2 \
    --unhealthy-threshold=3

# TCP health check
gcloud compute health-checks create tcp my-tcp-check \
    --port=3306

# Check health status
gcloud compute backend-services get-health my-backend --global
```
5. Auto Scaling Integration
5.1 AWS Auto Scaling Group + ALB
```bash
# Create the launch template
aws ec2 create-launch-template \
    --launch-template-name my-template \
    --launch-template-data '{
        "ImageId": "ami-12345678",
        "InstanceType": "t3.micro",
        "SecurityGroupIds": ["sg-12345678"]
    }'

# Create the Auto Scaling Group (attached to the target group)
aws autoscaling create-auto-scaling-group \
    --auto-scaling-group-name my-asg \
    --launch-template LaunchTemplateName=my-template,Version='$Latest' \
    --min-size 2 \
    --max-size 10 \
    --desired-capacity 2 \
    --vpc-zone-identifier "subnet-1,subnet-2" \
    --target-group-arns "arn:aws:elasticloadbalancing:...:targetgroup/my-targets/xxx"

# Scaling policy
aws autoscaling put-scaling-policy \
    --auto-scaling-group-name my-asg \
    --policy-name cpu-scaling \
    --policy-type TargetTrackingScaling \
    --target-tracking-configuration '{
        "TargetValue": 70.0,
        "PredefinedMetricSpecification": {
            "PredefinedMetricType": "ASGAverageCPUUtilization"
        }
    }'
```
5.2 GCP Managed Instance Group + LB
```bash
# Create the instance template
gcloud compute instance-templates create my-template \
    --machine-type=e2-medium \
    --image-family=ubuntu-2204-lts \
    --image-project=ubuntu-os-cloud \
    --tags=http-server

# Create the managed instance group
gcloud compute instance-groups managed create my-mig \
    --template=my-template \
    --size=2 \
    --zone=asia-northeast3-a

# Configure autoscaling
gcloud compute instance-groups managed set-autoscaling my-mig \
    --zone=asia-northeast3-a \
    --min-num-replicas=2 \
    --max-num-replicas=10 \
    --target-cpu-utilization=0.7

# Attach to the load balancer
gcloud compute backend-services add-backend my-backend \
    --instance-group=my-mig \
    --instance-group-zone=asia-northeast3-a \
    --global
```
6. CDN (Content Delivery Network)
6.1 AWS CloudFront
```bash
# Create a CloudFront distribution (S3 origin)
aws cloudfront create-distribution \
    --distribution-config '{
        "CallerReference": "my-distribution-2024",
        "Origins": {
            "Quantity": 1,
            "Items": [{
                "Id": "S3-my-bucket",
                "DomainName": "my-bucket.s3.amazonaws.com",
                "S3OriginConfig": {
                    "OriginAccessIdentity": ""
                }
            }]
        },
        "DefaultCacheBehavior": {
            "TargetOriginId": "S3-my-bucket",
            "ViewerProtocolPolicy": "redirect-to-https",
            "AllowedMethods": {
                "Quantity": 2,
                "Items": ["GET", "HEAD"]
            },
            "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
            "Compress": true
        },
        "Enabled": true,
        "DefaultRootObject": "index.html"
    }'

# Invalidate the cache
aws cloudfront create-invalidation \
    --distribution-id EDFDVBD632BHDS5 \
    --paths "/*"
```
CloudFront + ALB (CloudFront with the ALB as its origin):
```json
{
    "Origins": {
        "Items": [{
            "Id": "ALB-origin",
            "DomainName": "my-alb-12345.ap-northeast-2.elb.amazonaws.com",
            "CustomOriginConfig": {
                "HTTPPort": 80,
                "HTTPSPort": 443,
                "OriginProtocolPolicy": "https-only"
            }
        }]
    }
}
```
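
The two CloudFront snippets above differ in how well the origin leg is protected: the ALB origin is fetched `https-only`, while the S3 origin has an empty `OriginAccessIdentity`, so CloudFront requests to the bucket are unauthenticated and the objects must be publicly readable. The Python check below is an added example, not part of the original page; it audits a distribution-config dictionary built from the page's values plus one constructed origin and cache behaviour (`legacy-origin`, `/legacy/*`), and the finding names are assumptions.

```python
# Origins and default behaviour taken from the page's two CloudFront snippets,
# plus a constructed origin and cache behaviour to show the failing cases.
PAGE_CONFIG = {
    "Origins": {"Items": [
        {"Id": "S3-my-bucket", "DomainName": "my-bucket.s3.amazonaws.com",
         "S3OriginConfig": {"OriginAccessIdentity": ""}},
        {"Id": "ALB-origin", "DomainName": "my-alb-12345.ap-northeast-2.elb.amazonaws.com",
         "CustomOriginConfig": {"HTTPPort": 80, "HTTPSPort": 443,
                                "OriginProtocolPolicy": "https-only"}},
        {"Id": "legacy-origin", "DomainName": "legacy.example.com",  # constructed
         "CustomOriginConfig": {"HTTPPort": 80, "HTTPSPort": 443,
                                "OriginProtocolPolicy": "match-viewer"}},
    ]},
    "DefaultCacheBehavior": {"TargetOriginId": "S3-my-bucket",
                             "ViewerProtocolPolicy": "redirect-to-https"},
    "CacheBehaviors": {"Items": [  # constructed
        {"PathPattern": "/legacy/*", "TargetOriginId": "legacy-origin",
         "ViewerProtocolPolicy": "allow-all"},
    ]},
}

def audit_distribution(cfg):
    """Return (name, finding) pairs for plaintext or unauthenticated paths."""
    findings = []
    for origin in cfg.get("Origins", {}).get("Items", []):
        oid = origin.get("Id")
        s3 = origin.get("S3OriginConfig")
        if (s3 is not None and not s3.get("OriginAccessIdentity")
                and not origin.get("OriginAccessControlId")):
            # No OAI and no OAC: the bucket has to allow public reads.
            findings.append((oid, "s3-origin-without-oai-or-oac"))
        custom = origin.get("CustomOriginConfig")
        if custom is not None and custom.get("OriginProtocolPolicy") != "https-only":
            findings.append((oid, "origin-fetch-may-use-http"))
    behaviors = [("default", cfg.get("DefaultCacheBehavior"))]
    behaviors += [(b.get("PathPattern"), b)
                  for b in cfg.get("CacheBehaviors", {}).get("Items", [])]
    for name, b in behaviors:
        if b and b.get("ViewerProtocolPolicy") not in ("https-only", "redirect-to-https"):
            findings.append((name, "viewer-http-allowed"))
    return findings

if __name__ == "__main__":
    print(audit_distribution(PAGE_CONFIG))
```
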
6.2 GCP Cloud CDN
```bash
# 1. Enable CDN on the backend service
gcloud compute backend-services update my-backend \
    --enable-cdn \
    --global

# 2. Use a Cloud Storage bucket as the CDN origin
gcloud compute backend-buckets create my-cdn-bucket \
    --gcs-bucket-name=my-static-bucket \
    --enable-cdn

# 3. Add the bucket to the URL map
gcloud compute url-maps add-path-matcher my-url-map \
    --path-matcher-name=static-matcher \
    --default-backend-bucket=my-cdn-bucket \
    --path-rules="/static/*=my-cdn-bucket"

# 4. Invalidate the cache
gcloud compute url-maps invalidate-cdn-cache my-url-map \
    --path="/*"
```
6.3 CDN Cache Policy
AWS CloudFront Cache Policy:
```bash
# Create a cache policy
aws cloudfront create-cache-policy \
    --cache-policy-config '{
        "Name": "MyPolicy",
        "DefaultTTL": 86400,
        "MaxTTL": 31536000,
        "MinTTL": 0,
        "ParametersInCacheKeyAndForwardedToOrigin": {
            "EnableAcceptEncodingGzip": true,
            "HeadersConfig": {"HeaderBehavior": "none"},
            "CookiesConfig": {"CookieBehavior": "none"},
            "QueryStringsConfig": {"QueryStringBehavior": "none"}
        }
    }'
```
GCP Cloud CDN Cache Mode:
```bash
# Set the cache mode
gcloud compute backend-services update my-backend \
    --cache-mode=CACHE_ALL_STATIC \
    --default-ttl=3600 \
    --max-ttl=86400 \
    --global
```
7. Cost Comparison
7.1 Load Balancer Cost
| Service | Fixed Cost | Processing Cost |
|---|---|---|
| AWS ALB | ~$18/month | $0.008/LCU-hour |
| AWS NLB | ~$18/month | $0.006/NLCU-hour |
| GCP HTTP(S) LB | ~$18/month | $0.008/GB throughput |
| GCP TCP/UDP LB | $18/month per region | Additional per rule |
7.2 CDN Cost
| Service | Data Transfer (first 10TB) |
|---|---|
| AWS CloudFront | ~$0.085/GB (US/Europe) |
| GCP Cloud CDN | ~$0.08/GB (US/Europe) |
8. Monitoring
8.1 AWS CloudWatch Metrics
```bash
# Query ALB metrics
aws cloudwatch get-metric-statistics \
    --namespace AWS/ApplicationELB \
    --metric-name RequestCount \
    --dimensions Name=LoadBalancer,Value=app/my-alb/xxx \
    --start-time 2024-01-01T00:00:00Z \
    --end-time 2024-01-01T23:59:59Z \
    --period 300 \
    --statistics Sum

# Key metrics:
# - RequestCount
# - HTTPCode_Target_2XX_Count
# - TargetResponseTime
# - HealthyHostCount
# - UnHealthyHostCount
```
8.2 GCP Cloud Monitoring
```bash
# List metrics
gcloud monitoring metrics list \
    --filter="metric.type:loadbalancing"

# Create an alerting policy
gcloud alpha monitoring policies create \
    --display-name="High Latency Alert" \
    --condition-display-name="Latency > 1s" \
    --condition-filter='metric.type="loadbalancing.googleapis.com/https/backend_latencies"' \
    --condition-threshold-value=1000 \
    --notification-channels=projects/PROJECT/notificationChannels/xxx
```
9. Next Steps
- 11_Managed_Relational_DB.md - Databases
- 17_Monitoring_Logging_Cost.md - Monitoring Details