Nginx in front of AWS elastic load balancer?

Question

We are looking into setting up our application on AWS. This will run on 3 load balanced web servers. We have been looking into how to prevent DDOS attacks and how to serve a static page during maintenance and are looking at going with Nginx. So the setup would be Nginx in front of an elastic load balancer.

As with our setup when there is an upgrade to the application we update Nginx to serve a static maintenance page while a whole new stack comes online with its own elastic load balancer and to switch to the new application stack we will update the Nginx config to point to the new elastic load balancer.

Does this make any sense? the reason i am asking is that I cannot find anything on this type of setup online.

Thanks,

Colin.

Answer 1

I see zero value going in this path- Putting a single instance of nginx will just increase the complexity of the setup, cost more and most important will introduce a new single point of failure and performance/latency bottleneck (and will make your env much more vulnerable to DDOS).

AWS infrastructure is 100% programmable - learn how to control the ELB programatically : how to direct the traffic to a static site during maintenance (could be nginx hosted on one of your instances), and how to support your upgrade workflows.

Answer 2

The elastic load balancer works by using many ip-addresses. If you do dig amazon.com you can see how it's distributed with a low ttl. Once your nginx-server runs out of open ports it will go down.

It's however a very good idéa to use balancers in-front of your app-server. This scales very well with auto-scaling groups.

When you do the transition, just lower your CNAME ttl and point it to a new load balancer.