02. Internet → ALB → Target Group → ASG → EC2
Prerequisites
- EC2
- NAT Gateway
- IGW
- Subnet
- Route Table
- Application Load Balancer (ALB)
- Target Group
- Auto Scaling Group (ASG)
1. What we need
- Internet Gateway (IGW)
- Application Load Balancer (ALB)
- Target Group
- Auto Scaling Group (ASG)
- Route Tables
2. Setup
✔️ Architecture
Internet → Internet Gateway (IGW) → Public Route Table → ALB (Public Subnet) → Listener → Target Group → EC2 (Private Subnet, managed by ASG)
✔️ Network Setup
VPC: 10.0.0.0/16
Subnets
Public Subnet A: 10.0.1.0/24 (ALB)
Public Subnet B: 10.0.2.0/24 (ALB)
Private Subnet A: 10.0.11.0/24 (EC2)
Private Subnet B: 10.0.12.0/24 (EC2)
✔️ Route Tables
Public Route Table
10.0.0.0/16 → local
0.0.0.0/0 → Internet Gateway
Private Route Table
10.0.0.0/16 → local
0.0.0.0/0 → NAT Gateway
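(Note: the NAT Gateway is not used for inbound traffic; it only carries outbound connections started by the private instances. Inbound requests reach EC2 through the ALB.)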
✔️ Initial State
EC2-1: 10.0.11.10 (AZ1)
EC2-2: 10.0.12.10 (AZ2)
ASG: Min 2, Desired 2, Max 6
3. Example
Step 1 — User → Internet → IGW (TCP + HTTPS)
User sends request:
Client IP: 203.0.113.10
Destination DNS: myapp.com
Resolved ALB IP: 3.25.100.50
Step 2 — IGW → Public Route Table → ALB
Packet enters VPC:
Destination: 3.25.100.50 (ALB)
Routing:
10.0.0.0/16 → local
0.0.0.0/0 → IGW
Step 3 — ALB → Target Group (L7 Routing)
ALB processes request at Layer 7:
/api/* → Target Group A
✔️ Load Distribution
Total Traffic: 120 req/sec
Instances: 2
EC2-1: 60 req/sec
EC2-2: 60 req/sec
Step 4 — Target Group → EC2 (HTTP over VPC)
ALB forwards request:
ALB → 10.0.11.10:80
Protocol conversion (TLS terminates at the ALB, so the hop to EC2 is plain HTTP inside the VPC):
Client → ALB: HTTPS (443)
ALB → EC2: HTTP (80)
✔️ Internal Routing
Source: 10.0.1.50 (ALB private IP)
Destination: 10.0.11.10 (EC2)
Route:
10.0.0.0/16 → local
✔️ Initial State
Each EC2 handles 100 req/sec at ~60% CPU
Total Traffic: 120 req/sec
EC2-1: 60 req/sec → CPU ~35%
EC2-2: 60 req/sec → CPU ~35%
🚀 Scaling Scenario
Total Traffic: 360 req/sec
Before scaling:
EC2-1: 180 req/sec → CPU ~90%
EC2-2: 180 req/sec → CPU ~90%
✔️ CloudWatch Metrics
CPUUtilization: 90%
RequestCountPerTarget: 180
✔️ Scaling Policy
CPU > 70% for 3 minutes → +1 EC2
✔️ First Scale-out
EC2-3: 10.0.11.20
✔️ Redistribution
360 ÷ 3 = 120 req/sec
EC2-1: 120 req/sec → CPU ~70%
EC2-2: 120 req/sec → CPU ~70%
EC2-3: 120 req/sec → CPU ~70%
✔️ Second Scale-out
EC2-4: 10.0.12.20
✔️ Final State
360 ÷ 4 = 90 req/sec
EC2-1: 90 req/sec → CPU ~55%
EC2-2: 90 req/sec → CPU ~55%
EC2-3: 90 req/sec → CPU ~55%
EC2-4: 90 req/sec → CPU ~55%
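The route tables and addresses above can be checked mechanically. This is an added example, not part of the original page: it resolves next hops by longest-prefix match and flags any instance placed in a subnet whose default route points at the Internet Gateway. The function names are hypothetical; all CIDRs and IPs are the page's own.

```python
import ipaddress

# Addressing plan and route tables copied from the page.
SUBNETS = {
    "Public Subnet A": ("10.0.1.0/24", "public"),
    "Public Subnet B": ("10.0.2.0/24", "public"),
    "Private Subnet A": ("10.0.11.0/24", "private"),
    "Private Subnet B": ("10.0.12.0/24", "private"),
}
ROUTE_TABLES = {
    "public": {"10.0.0.0/16": "local", "0.0.0.0/0": "Internet Gateway"},
    "private": {"10.0.0.0/16": "local", "0.0.0.0/0": "NAT Gateway"},
}
ALB_IP = "10.0.1.50"
INSTANCES = {"EC2-1": "10.0.11.10", "EC2-2": "10.0.12.10",
             "EC2-3": "10.0.11.20", "EC2-4": "10.0.12.20"}

def route_table_for(ip):
    """Route table of the subnet holding ip, or None if ip is in no subnet."""
    addr = ipaddress.ip_address(ip)
    for cidr, table in SUBNETS.values():
        if addr in ipaddress.ip_network(cidr):
            return table
    return None

def next_hop(table, dst):
    """Longest-prefix match of dst against a route table (most specific route wins)."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(c) for c in ROUTE_TABLES[table]]
    best = max((n for n in nets if addr in n), key=lambda n: n.prefixlen)
    return ROUTE_TABLES[table][str(best)]

def audit(alb_ip, instances):
    """Findings where placement breaks the public-ALB / private-EC2 split."""
    findings = []
    if route_table_for(alb_ip) != "public":
        findings.append(f"ALB {alb_ip} is not in a public subnet")
    for name, ip in instances.items():
        table = route_table_for(ip)
        if table is None:
            findings.append(f"{name} {ip} is outside every subnet")
        # 203.0.113.10 is the page's client IP, used as a sample Internet address.
        elif next_hop(table, "203.0.113.10") == "Internet Gateway":
            findings.append(f"{name} {ip} sits behind an Internet Gateway default route")
    return findings

if __name__ == "__main__":
    print(audit(ALB_IP, INSTANCES) or "placement matches the architecture")
```
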