AWS 推出新的 Load Balancer:NLB (Network Load Balancer)

從一開始推出的 ELB (Elastic Load Balancer),到 ALB (Application),現在則推出了 NLB (Network):「New Network Load Balancer – Effortless Scaling to Millions of Requests per Second」。

有這些特性:

  1. Static IP Addresses
  2. Zonality
  3. Source Address Preservation
  4. Long-running Connections
  5. Failover

雖然不能確定 AWS 用的技術是什麼,但這裡面有好幾個很明顯就是 DSR (Direct Server Return) 架構的特性 (包括了限制與優點)。

另外也因為不用處理 L7 的內容,效能比起 ELB/ALB 好很多,夠大的用量下,價錢也低不少。對於不少非 HTTP/HTTPS 的應用應該很好用,就算是 HTTP/HTTPS,單純一點的應用應該也不錯...

在 AWS 的 NGINX Plus

主要是看到「Quick Start Update: Deploy NGINX Plus on the AWS Cloud」這篇才知道在 AWS Marketplace 上有「NGINX Plus - Amazon Linux AMI (HVM)」可以用,而且有三十天試用期可以使用:

30 Day Free Trial Available - NGINX Plus is a high performance load balancer, edge cache and origin server for web content, streaming media and API traffic. It complements the load balancing capabilities of Amazon ELB and ALB by adding support for multiple HTTP, HTTP/2, and SSL/TLS services, content-based routing rules, caching, autoscaling support, and traffic management policies. NGINX Plus for AWS is provided and supported by the original creators of NGINX web server.

所有機器的年約都是 USD$2500/year,使用 t2.{nano,micro,small} 的話因為 hourly 的價錢乘以一年後反而還比較便宜,記得別亂買...

另外這代表可以直接付錢測試功能... (或是免費,如果 free trial 還沒用)

AWS ALB 可以設定 IP address 當作後端伺服器了

AWS ALB 推出直接設定 IP address 當作後端伺服器的功能:「New – Application Load Balancing via IP Address to AWS & On-Premises Resources」。

ip – Targets are registered as IP addresses. You can use any IPv4 address from the load balancer’s VPC CIDR for targets within load balancer’s VPC and any IPv4 address from the RFC 1918 ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) or the RFC 6598 range (100.64.0.0/10) for targets located outside the load balancer’s VPC (this includes Peered VPC, EC2-Classic, and on-premises targets reachable over Direct Connect or VPN).

這樣就能拿 ALB 當 load balancer 把部份內容接到自己機房內的伺服器群了,一種隨便串的概念... (可以透過 AWS Direct Connect 或是 VPN 直接串,所以對外的部份就直接是 AWS 端,對內要怎麼接就隨便接...)

nginx 的 mirror 功能

nginx 1.13.4 出的新功能,ngx_http_mirror_module

The ngx_http_mirror_module module (1.13.4) implements mirroring of an original request by creating background mirror subrequests. Responses to mirror subrequests are ignored.

範例其實就講的還蠻清楚的:

location / {
    mirror /mirror;
    proxy_pass http://backend;
}

location /mirror {
    internal;
    proxy_pass http://test_backend$request_uri;
}

如果拿 nginx 當 load balancer 的人,可以用這個功能做些事情...

CodeDeploy 跟 ELB/ALB 整合了...

看到 CodeDeployELB/ALB 整合的消息:「AWS CodeDeploy now integrates with Elastic Load Balancer」。

不過看同事在「AWS 替 CodeDeploy 加入 Load balancer 的功能」這邊提到的效能問題,看起來頗慘...

至少是個整合後的方法... 也許之後會改善吧。

在 F5 設備上使用 Let's Encrypt 憑證

找資料的時候翻到 F5 官方有給一篇導引,介紹如何自動化 Let's Encrypt 的憑證:「Lightboard Lessons: Automating SSL on BIG-IP with Let's Encrypt!」。

在 F5 的 GitHub 上也有一包「f5devcentral/lets-encrypt-python」可以看看。

還沒仔細看 & 測試,但大概有些輪廓了。看起來要考慮到裡面用的 letsencrypt.sh 已經改名成 dehydrated,另外就是實際測試了...

其實憑證貴的不是費用,是跑採購流程的成本... 單 domain 的如果可以用 Let's Encrypt 解決的話會可以省下不少功夫。

ALB (Application Load Balancer) 支援對 Host 的分流了

大概是有時候 cluster 太小,ELB 或是 ALB 的費用反而比 cluster 還貴,再加上 ALB 提供起來算方便,所以就推出這樣的功能了:「New – Host-Based Routing Support for AWS Application Load Balancers」。

現在可以針對 Host 欄位決定導到不同的 cluster 上了:

然後讓 ALB 可以設的 rule 數量增加:

As part of today’s launch we are raising the maximum number of rules per Application Load Balancer from 10 to 75, and also introducing a new rule editor.

這個功能有種微妙的感覺 XDDD

Linode 推出 $5/month 方案,DigitalOcean 推出 load balancer

LinodeDigitalOcean 這兩家有名的 VPS 都推出新的功能:「High-Memory Instances and $5 Linodes」、「Load Balancers: Simplifying High Availability」。

Linode 另外將 $10/month 方案的硬碟空間加大:

And finally, the existing Linode 2GB ($10/mo) plan is receiving a free storage upgrade from 24GiB to 30GiB.

本來對外的速度限制在 125Mbps max 拉到 1000Mbps:(本來的資料可以參考之前的頁面)

And finally finally, we’ve also increased the outbound network speed limit on all plans to be at minimum 1000 Mbits. Existing Linodes will need to reboot to pick up the new value, that’s it!

AWS CodeDeploy 支援 BlueGreenDeployment

AWS CodeDeploy 推出了 BlueGreenDeployment 的功能:「AWS CodeDeploy Introduces Blue/Green Deployments」。

BlueGreenDeployment 的目的不計成本想辦法把上線的 downtime 壓到最低,而且當出問題時 rollback 的時間壓到最低的方法:

One of the challenges with automating deployment is the cut-over itself, taking software from the final stage of testing to live production. You usually need to do this quickly in order to minimize downtime.

Blue-green deployment also gives you a rapid way to rollback - if anything goes wrong you switch the router back to your blue environment.

其實就是直接跑兩個環境 (所以成本比較高),一套跑舊的一套跑新的,然後在前面的 load balancer 切換:

The blue-green deployment approach does this by ensuring you have two production environments, as identical as possible.

AWS 正式進入 IPv6 的世界

AWS 總算是進入全面支援 IPv6 了:「AWS IPv6 Update – Global Support Spanning 15 Regions & Multiple AWS Services」。

之前不少服務都支援了,主要是差 EC2 與新出的 ALB,這一次大量服務都上了 IPv6 (但還不是全部),算是讓 AWS 正式進入 IPv6 的世界:

Today I am happy to share the news that IPv6 support for EC2 instances in VPCs is now available in a total of fifteen regions, along with Application Load Balancer support for IPv6 in nine of those regions.