Possible to create a private node behind an ELB?

Question

I was wondering if this was possible. I have an AWS Elastic Load Balancer that currently has three servers behind it. Those three servers are inside of a VPC. What I'm wondering is possible is if I can create a fourth server either inside or outside of the VPC and put that also behind the ELB to leverage the multiple servers CPU but then make that new server a private node only accesible to a certain IP Range. I'd like to throw up another server that I can do server tweaks to for performance and speed that utilizes the ELB to balance CPU usage so I can test, and if that breaks it doesn't affect anybody.

Answer 1

You could be sneaky about this. Nothing says you can't register instances with multiple ELBs, so what you could do is:

1. Setup a brand new ELB.
2. Limit its security group to your narrow IP range.
3. Register your first three servers with the new ELB. They're now registered with two different ELBs.
4. Register your fourth server with the new ELB, but not the old one.
5. Enable traffic from the new ELB's security group into all four instances on whatever port you're using (presumably 80).

That new, secret, IP-limited ELB will distribute traffic across all four instances, but should give you a reasonably fair testbed for the fourth instance. If the fourth instance falls over, it's safe to conclude it'd behave even worse in 0.0.0.0/0 traffic.

Unfortunately, there's no way I know of to say "forward traffic on these ports from these IPs to only this instance" inside an ELB. That defeats its purpose entirely, even if it's really useful in performance tests.