Thank you so very much. I am glad I came across your channel. Your step by step instruction are perfect. Not too much information and not too less. Most importantly, you don't assume we know some steps that may throw some of us off. Following your instructions is very easy.
user data script I used (slightly different from that in the video, but posting this in case it helps others): #!/bin/bash sudo yum update -y sudo yum install -y httpd.x86_64 sudo systemctl start httpd.service sudo systemctl enable httpd.service sudo -s echo “Hello World from $(hostname -f)” > /var/www/html/index.html exit Great video!! Saved me a couple hours.
@@TinyTechnicalTutorials Thanks to your demos and 'tiny tutorials,' I just completed a project I’m really proud of! 😅 It’s a WordPress app deployed on ECS and served through an application load balancer. What project would you recommend next to further improve my knowledge and experience?
This is so awesome! Congrats! 🔥💪🤓 For your next project, check out the AWS Projects playlist: ua-cam.com/play/PLwyXYwu8kL0wMalR9iXJIPfiMYWNFWQzx.html. Lots of fun things there. The second video in the list needs an update (it's on my list!) so don't do that one. 😊 The "10 Projects" video has some additional ideas. And if you're looking to build skills for a job, then the "Build a Resume/CV" one is fun, and you'll end up with an actual resume when you're done. Hope that helps, and good luck! 😊
here you don't have need to create another security group for Application Load Balancer, you can easily attached instance 1's existing Security group to the Application Load balancer with >> SSH + HTTP 80/tcp >> "Source:- Anywhere IPv4".
This has been helpful. Two noteworthy things to share: 1) In the tutorial an ALB-SG was created and then added to the default. Initially, in an effort to keep things tidy, I deleted the default security group and the demo didn't work. I'm not sure how these two SG's interact but when I left the default in there, everything works. Do you know why this is? 2) My next step is to integrate a SSL certificate for HTTPS to terminate at the ALB. I'm curious to see how this plays out and if I hit any roadblocks.
Hi Matthew! 👋😊 Hmmm...interesting. You shouldn't be able to delete the default security group? There's really no interaction between default and the one I created. Default is just more permissive, but if you were using the new one, it should have all the right ports open to allow traffic. Here's more info on that: docs.aws.amazon.com/AWSEC2/latest/UserGuide/default-custom-security-groups.html. Let us know how things went with adding an SSL certificate. 💪
Does LB maintain instance IP's in Target and will forward them in Roundrobin, right ? If yes, what if a new instance added to that target due to scaling how does it behaves ?
Hi Lokesh! 👋 Sorry for such a slow response. Yes, the load balancer maintains the instance IPs in the target group and forwards traffic to them in a round-robin fashion. When a new instance is added due to scaling, it will automatically be included in the load balancing process once it passes the health checks. The round-robin algorithm will then distribute traffic to all healthy instances, including the newly added one. Hope that helps! 🤓
Good tutorial; solved an issue I had. I don't find aws a very user-friendly environment; many different browser tabs to open and configure something else and return back... Not even mentioning their documentation. 😬
In the Network Mapping(5:57) part of the video, is there a reason you pick all the different availability zones? Is it because you want users from all those zones to be able to access our ALB? Because also when we created the 2 EC2 instances you selected 2 different availability zones which is confusing me from the network mapping part of the video?
For this simple application, we don't need multiple AZs selected, but that's usually a best practice so that your application is highly available (i.e., if one AZ goes down, the other can take over). But you're right...I could have just selected one in this case. 😊
Are your ec2s in public subnets? Mine are in private subnets and therefore the 'public ip' or the 'alb dns' dont load anything in browser...how do i achieve this?
Yes, my instances are in public subnets. If yours are in private subnets, they won't be able to get out to the internet (and other things won't be able to get IN). You could do something like route traffic from the private subnet to a NAT Gateway in a public subnet (this is commonly used so instances can get OUT to the internet to do software updates). But is there a reason you've got them in private subnets? If not, then the easiest approach would be to create new instances in a public subnet...then everything should magically work. 🤓
@@TinyTechnicalTutorialsthanks for your quick reply, it is a company software application and I think they require it in the private subnet, however I may be wrong about that, is there any risks to having an ec2 in public subnet that is hosting software like Weblogic? Will look to see if there is a NAT attached.
Awesome and Amazing demo! It's always great to see theory in action! Thanks for all that you do for us! You always make things crystal clear for me!! And as always, be well, be safe and Cheers!!
Hi Le! Here you go... #!/bin/bash # User data for new EC2 instances # install httpd (Linux 2 version) yum update -y yum install -y httpd systemctl start httpd systemctl enable httpd echo "Hello World! This is $(hostname -f)" > /var/www/html/index.html
Hi zj! 😊 Yes, you can definitely create a load balancer that works with HTTPS. Here's some documentation to get you started: docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
@@TinyTechnicalTutorials thankyou so much mam as azure 104 is a bit difficult and you explain very well That's why I"m anxiously waiting for you lectures
Ahhh, good catch! That default one gets selected automatically. I should have removed it and only used the newly-created sg. Note to self for when I refresh the video! Thanks for pointing it out. 🙏🤓🌟
Hey Tuhairwe! :) I think you must be talking about the part where we create two new EC2 instances? Yeah, they did a pretty major overhaul on that UI. There used to be a way to go back to the older version, but I think that option went away. So sorry...keeping up with UI changes is a never-ending battle! :( All the same configuration options are available on the new UI, but they're just in slightly different places. For updating the security groups, scroll down to "Network settings." In that same area ("Network settings"), you can also update the subnets/availability zones by clicking on the "Edit" button. And then to paste in the "user data"/startup script, you'll need to scroll down to "Advanced details," expand that, then scroll down to the user data section. After you have the two instances created, the rest of the UI (to create the load balancer, etc.) should be the same as what's in the video. Hope that helps get you started!
Hi Puneet - Good question! Yes, you can define different listener rules and then direct traffic to different target groups based on those. Here's some more detail: docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html#application-load-balancer-components
Hi Puneet! Not sure if you still need this, but just published a video showing how to route to different target groups: ua-cam.com/video/0XMsnAgHXoo/v-deo.html. Enjoy! :)
Thank you for the step-by-step explanation. However, when I tried mimicking your steps using an Windows 2022 Base EC2 (instead of a Linux EC2), I could not replicate your output. Will the script you show in the demo also run on a Window's EC2 or are there any other changes needed as well? Also, some the options (not just the cosmetic look and feel) in launching EC2 instances have changed since you published this video... (e.g. selecting an availability zone). Also adding tags or naming security groups was not possible at creation - perhaps not be a big deal since you can do so afterwards. It's a bit frustrating to not be able to debug and make it work. Any advice?
Hi Tony! Thanks for watching! 😊 You're right...that script is only applicable to Linux instances. For Windows instances, you'll need to set up IIS instead and then create web pages. I found a walk-through here that might help: k21academy.com/amazon-web-services/aws-solutions-architect/create-configure-a-load-balancer-on-ec2-server/. Unfortunately, the UI screenshots are slightly dated as well (a never-ending challenge! 😊), but hopefully it'll get you started as far as how to set up the instances, IIS and the web pages. For the security groups, the important part is to have rules for RDP (port 3389) and HTTP (port 80). Then for the load balancing part, the UI in my video is more up-to-date than what's shown in the walk-through, so that part is hopefully a bit more straightforward. Hope that helps!
@@TinyTechnicalTutorials MANY THANKS for the prompt reply! Just a short while before seeing your response, I retried the steps with Amazon Linux EC2 instances, and was delighted to see them working as described in your videos! Happy camper again! Also realized, of course, that the script was specific to Linux EC2 instances. 😃 Best wishes and please continue posting these great videos!
@@TinyTechnicalTutorials I tried using the exisiting group without the new group with port 80, and it didn't work. But as I added port 80 later on it worked. Any thoughts as to why this is happening?
For demonstration purposes I see you are using just port 80 in the LB as the listener, but in the real world if you have an application you want to put a certificate in the LB and listen on port 443 for the LB no???
1. If we have route 53 pointing to a ELB, does the DNS resolution return a single IP address of the ELB? I think this is the case, but would like to confirm 🙂 2. If we have route 53 pointing to a Cloudfront, does the DNS resolution return a single IP address of the closest edge location? I think this is the case, but would like to confirm 🙂 Thank you!
Hey Praveen! 👋 1. I've searched through the FAQs (aws.amazon.com/route53/faqs/) and found this: "IP addresses associated with load balancers can change at any time due to scaling up, scaling down, or software updates. Route 53 responds to each request for an Alias record with one or more IP addresses for the load balancer." 2. I can't find a definitive answer for how it works with Cloudfront, but I would imagine it's the same since you don't really know what the IP address is for the edge location and/or that IP address can change. If you find something more concrete, feel free to update here! 😊
@@TinyTechnicalTutorialsthank you. I was just bouncing ideas to clear my knowledge gaps 😊 Agree and as you suggest, the DNS wont return a single ip address especially for those setup with alias resources. Ill tatoo this in my brains.
What else do you want to learn in AWS? Let me know below in the comments!
please do LAB on Site to site VPN
ECS, codepipeline
Added it to my list. Thanks, Puneet!
How about AWS WAF?
Ooh, I like it! I've added it to my list for future videos. Thanks for the suggestion!
Thank you so very much. I am glad I came across your channel. Your step by step instruction are perfect. Not too much information and not too less. Most importantly, you don't assume we know some steps that may throw some of us off. Following your instructions is very easy.
Awwww...this is SUCH a nice comment!! Thanks so much. Really appreciate it! 🙏🌟🤓
Thank you so much!!! Finally found an amazing tutorial with traffic routing simulation!
Thanks so much! Glad it helped! :)
Excellent explanation. Clear, concise, and to the point. Great work! God Bless.
Awwwww...thank you SO much!! 🙏🌟🥰 Really appreciate the support!
You're my favorite teacher in here!!
Awww, shucks! Thanks for such a nice comment, Raim! Made my day. :)
Great video and explanation, thank you for the simple visuals!
Awwww...thanks for watching, and for such a nice comment (and sorry for the slow response)! 🥰🔥
user data script I used (slightly different from that in the video, but posting this in case it helps others):
#!/bin/bash
sudo yum update -y
sudo yum install -y httpd.x86_64
sudo systemctl start httpd.service
sudo systemctl enable httpd.service
sudo -s
echo “Hello World from $(hostname -f)” > /var/www/html/index.html
exit
Great video!! Saved me a couple hours.
Awesome--thanks so much, Patrick! :)
Super simple explanation. Thanks for uploading!
Thanks for the nice note, Brandon! Glad it was helpful! :)
Thank you for this wonderful demo
Awww...thanks so much! 😊🌟🙏
@@TinyTechnicalTutorials
Thanks to your demos and 'tiny tutorials,' I just completed a project I’m really proud of! 😅 It’s a WordPress app deployed on ECS and served through an application load balancer.
What project would you recommend next to further improve my knowledge and experience?
This is so awesome! Congrats! 🔥💪🤓 For your next project, check out the AWS Projects playlist: ua-cam.com/play/PLwyXYwu8kL0wMalR9iXJIPfiMYWNFWQzx.html. Lots of fun things there. The second video in the list needs an update (it's on my list!) so don't do that one. 😊 The "10 Projects" video has some additional ideas. And if you're looking to build skills for a job, then the "Build a Resume/CV" one is fun, and you'll end up with an actual resume when you're done. Hope that helps, and good luck! 😊
@@TinyTechnicalTutorials Thank you ❤️
thanks for the quick demo.
You bet! Thanks for watching! 🙏🤓🌟
For production, https must be used correctly. Can the change from http to https be made in some way?
here you don't have need to create another security group for Application Load Balancer, you can easily attached instance 1's existing Security group to the Application Load balancer with >> SSH + HTTP 80/tcp >> "Source:- Anywhere IPv4".
Thanks for the comment, Chetan! You are correct! I could have re-used the security group that was created earlier when setting up instances.
This has been helpful. Two noteworthy things to share: 1) In the tutorial an ALB-SG was created and then added to the default. Initially, in an effort to keep things tidy, I deleted the default security group and the demo didn't work. I'm not sure how these two SG's interact but when I left the default in there, everything works. Do you know why this is? 2) My next step is to integrate a SSL certificate for HTTPS to terminate at the ALB. I'm curious to see how this plays out and if I hit any roadblocks.
Hi Matthew! 👋😊 Hmmm...interesting. You shouldn't be able to delete the default security group? There's really no interaction between default and the one I created. Default is just more permissive, but if you were using the new one, it should have all the right ports open to allow traffic. Here's more info on that: docs.aws.amazon.com/AWSEC2/latest/UserGuide/default-custom-security-groups.html.
Let us know how things went with adding an SSL certificate. 💪
All is working fine, thank you so much "obviously with some slight changes on the AWS interface but all working fine" 👏
Yay! The UI updates are a never-ending battle. Glad you got it working! :)
Great Video and nice to get something working as sometimes you can watch and it doesn't always go to plan.
Awesome! I'm so glad it worked!! Thanks for watching! 😊
Does LB maintain instance IP's in Target and will forward them in Roundrobin, right ? If yes, what if a new instance added to that target due to scaling how does it behaves ?
Hi Lokesh! 👋 Sorry for such a slow response. Yes, the load balancer maintains the instance IPs in the target group and forwards traffic to them in a round-robin fashion. When a new instance is added due to scaling, it will automatically be included in the load balancing process once it passes the health checks. The round-robin algorithm will then distribute traffic to all healthy instances, including the newly added one. Hope that helps! 🤓
Good tutorial; solved an issue I had.
I don't find aws a very user-friendly environment; many different browser tabs to open and configure something else and return back... Not even mentioning their documentation. 😬
Thanks so much, Jazz! :) This one in particular does require some round-about flows, so I'm glad it helped!
In the Network Mapping(5:57) part of the video, is there a reason you pick all the different availability zones? Is it because you want users from all those zones to be able to access our ALB? Because also when we created the 2 EC2 instances you selected 2 different availability zones which is confusing me from the network mapping part of the video?
For this simple application, we don't need multiple AZs selected, but that's usually a best practice so that your application is highly available (i.e., if one AZ goes down, the other can take over). But you're right...I could have just selected one in this case. 😊
@@TinyTechnicalTutorials I'm kind of confused still. What is the purpose of selecting availability zones in the network mapping part of the video?
Are your ec2s in public subnets? Mine are in private subnets and therefore the 'public ip' or the 'alb dns' dont load anything in browser...how do i achieve this?
Yes, my instances are in public subnets. If yours are in private subnets, they won't be able to get out to the internet (and other things won't be able to get IN). You could do something like route traffic from the private subnet to a NAT Gateway in a public subnet (this is commonly used so instances can get OUT to the internet to do software updates). But is there a reason you've got them in private subnets? If not, then the easiest approach would be to create new instances in a public subnet...then everything should magically work. 🤓
@@TinyTechnicalTutorialsthanks for your quick reply, it is a company software application and I think they require it in the private subnet, however I may be wrong about that, is there any risks to having an ec2 in public subnet that is hosting software like Weblogic? Will look to see if there is a NAT attached.
Awesome and Amazing demo! It's always great to see theory in action! Thanks for all that you do for us! You always make things crystal clear for me!! And as always, be well, be safe and Cheers!!
Thanks as always, Sam! Cheers!! 😎
these are brilliant! you have another sub :)
Awwwww...thanks so much! This made my day (though a bit late in the response!)!! 🥰🙏🔥
Please how do I get the User Data script?
Hi Le! Here you go...
#!/bin/bash
# User data for new EC2 instances
# install httpd (Linux 2 version)
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "Hello World! This is $(hostname -f)" > /var/www/html/index.html
What if the app in the server store files and images that uploaded from the app in the same app folder, like uploads. Is that going to work as normal
Thank you so much! Thats so helpful!
I'm so glad! Thanks for watching! 😊
Hey, can I check if i can create a load balancer that takes in HTTPS requests instead?
Hi zj! 😊 Yes, you can definitely create a load balancer that works with HTTPS. Here's some documentation to get you started: docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
Thankyou so much for explaining ererythimg in short time
You bet! Short and sweet. 🥰🙏🌟
@@TinyTechnicalTutorials can you also make videos on azure
I'll probably add some Azure at some point...stay tuned! ☁
@@TinyTechnicalTutorials thankyou so much mam as azure 104 is a bit difficult and you explain very well
That's why I"m anxiously waiting for you lectures
nice..... well explained, thank you : )
You bet! Thanks for watching, and for such a nice comment! 🙏🤓🌟
6:54 you select the newly created sg, but there's also an existing "default sg-088a..." already selected, why is that
Ahhh, good catch! That default one gets selected automatically. I should have removed it and only used the newly-created sg. Note to self for when I refresh the video! Thanks for pointing it out. 🙏🤓🌟
Tiny do we have a different console?am trying to follow along but am not even seeing where you are getting that window lol
Hey Tuhairwe! :) I think you must be talking about the part where we create two new EC2 instances? Yeah, they did a pretty major overhaul on that UI. There used to be a way to go back to the older version, but I think that option went away. So sorry...keeping up with UI changes is a never-ending battle! :(
All the same configuration options are available on the new UI, but they're just in slightly different places. For updating the security groups, scroll down to "Network settings." In that same area ("Network settings"), you can also update the subnets/availability zones by clicking on the "Edit" button. And then to paste in the "user data"/startup script, you'll need to scroll down to "Advanced details," expand that, then scroll down to the user data section. After you have the two instances created, the rest of the UI (to create the load balancer, etc.) should be the same as what's in the video.
Hope that helps get you started!
Well explained, thanks a lot
Glad it was helpful! Thanks for watching! :)
thanks mam,expecting more videos
For sure! :)
This is really good. Thanks!
Thanks so much, Fisher! :) Really appreciate it!
Hi. Is ALB also consider as API gateway where we define certain rules and based in that rules , request will redirect to different target group.
Hi Puneet - Good question! Yes, you can define different listener rules and then direct traffic to different target groups based on those. Here's some more detail: docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html#application-load-balancer-components
Hi Puneet! Not sure if you still need this, but just published a video showing how to route to different target groups: ua-cam.com/video/0XMsnAgHXoo/v-deo.html. Enjoy! :)
This is great! Thank you so much!
I'm so glad! 😊 Thanks for watching!
Please create a video where the ALB serves multiple TGs.
I've added it to my list!
Thank you for the step-by-step explanation. However, when I tried mimicking your steps using an Windows 2022 Base EC2 (instead of a Linux EC2), I could not replicate your output. Will the script you show in the demo also run on a Window's EC2 or are there any other changes needed as well? Also, some the options (not just the cosmetic look and feel) in launching EC2 instances have changed since you published this video... (e.g. selecting an availability zone). Also adding tags or naming security groups was not possible at creation - perhaps not be a big deal since you can do so afterwards. It's a bit frustrating to not be able to debug and make it work. Any advice?
Hi Tony! Thanks for watching! 😊
You're right...that script is only applicable to Linux instances. For Windows instances, you'll need to set up IIS instead and then create web pages. I found a walk-through here that might help: k21academy.com/amazon-web-services/aws-solutions-architect/create-configure-a-load-balancer-on-ec2-server/.
Unfortunately, the UI screenshots are slightly dated as well (a never-ending challenge! 😊), but hopefully it'll get you started as far as how to set up the instances, IIS and the web pages. For the security groups, the important part is to have rules for RDP (port 3389) and HTTP (port 80).
Then for the load balancing part, the UI in my video is more up-to-date than what's shown in the walk-through, so that part is hopefully a bit more straightforward. Hope that helps!
@@TinyTechnicalTutorials MANY THANKS for the prompt reply! Just a short while before seeing your response, I retried the steps with Amazon Linux EC2 instances, and was delighted to see them working as described in your videos! Happy camper again! Also realized, of course, that the script was specific to Linux EC2 instances. 😃 Best wishes and please continue posting these great videos!
Awesome! Glad you were able to figure it out. Cheers! 😊
Why do we need to add another security group with inbound port 80 when we already have an existing security group that allows traffic on all ports?
I have also observed that it does not work without adding the a new group with inbound port 80.
Hi Mayank! Good eye. 😊 You could actually use the security group you created earlier...the one I created was duplicative.
@@TinyTechnicalTutorials I tried using the exisiting group without the new group with port 80, and it didn't work. But as I added port 80 later on it worked. Any thoughts as to why this is happening?
Any ideas as to why it does not work?
I cannot seem to connect to either of my EC2s Both say "site cant be reached *insert ip* Refused to connect"
Hmmm...I haven't seen that error before. 🤔 Maybe this will help? stackoverflow.com/questions/36732875/cant-connect-to-public-ip-for-ec2-instance
very good work you are doing, delivering us great value. thanks a lot. what I can do for you?
Much appreciated! I'm so glad the videos are helpful. 🙏🌟😊 Really the only thing you can do on your side is watch the ads? 😁
Nice and clear, thank you :)
Glad you liked it! Thanks for the comment!
For demonstration purposes I see you are using just port 80 in the LB as the listener, but in the real world if you have an application you want to put a certificate in the LB and listen on port 443 for the LB no???
Yes! You got it. In the real world, you'd likely be using a certificate/TLS and port 443. 👍
This video is great.
Thanks so much, Shourav! :)
1. If we have route 53 pointing to a ELB, does the DNS resolution return a single IP address of the ELB? I think this is the case, but would like to confirm 🙂
2. If we have route 53 pointing to a Cloudfront, does the DNS resolution return a single IP address of the closest edge location? I think this is the case, but would like to confirm 🙂
Thank you!
Hey Praveen! 👋
1. I've searched through the FAQs (aws.amazon.com/route53/faqs/) and found this: "IP addresses associated with load balancers can change at any time due to scaling up, scaling down, or software updates. Route 53 responds to each request for an Alias record with one or more IP addresses for the load balancer."
2. I can't find a definitive answer for how it works with Cloudfront, but I would imagine it's the same since you don't really know what the IP address is for the edge location and/or that IP address can change. If you find something more concrete, feel free to update here! 😊
@@TinyTechnicalTutorialsthank you. I was just bouncing ideas to clear my knowledge gaps 😊 Agree and as you suggest, the DNS wont return a single ip address especially for those setup with alias resources. Ill tatoo this in my brains.
😊
Hello your the best!
No, YOU are the best! Thanks for watching!! 🤓🌟🙏
can i show this as POC in my company?
Sure, no problem! Thanks for checking! :)
@@TinyTechnicalTutorials thank you, i am learning AWS and my company wants me to do some poc
You the best!!!!
Awwww...thanks so much!! 🤓🙏🌟
As simple as usual)
Yay! :)
Thanks your knowleage
You bet! Glad it helped! :)
Thanks!
Wow, D A - you're officially my first donation!!!! ❤ Thanks SO much! 🙏
روعة شكراا جزيلا لك
Thanks so much! 😊
font size ants
Thanks for the feedback, Simran! :) I'll remember to increase the font size more in future videos.
Thank you so much!
You're welcome! Thanks for watching! 🙏🤓🌟