Day - 71 of DevOps

Gateway Load Balancer (GWLB) in AWS

Welcome to Day 71 of the #100DaysOfDevOps Challenge! Today we will see the Gateway Load Balancer in AWS.

The AWS GWLB is a new managed service in AWS that allows customers to seamlessly deploy and manage multiple inline virtual network appliances in a scalable manner. In addition, a Virtual Private Cloud (VPC) endpoint for GWLB, called the GWLB endpoint (GWLBE), is also being released. It allows customers to scale and manage their network services centrally under a common administrative domain, similar to existing on-premises deployments. Use cases include deploying network services centrally as a service for internal and external customers, reducing time, cost and risk.

Auto-Scaling Network Visibility in AWS Cloud

Amazon Web Services (AWS) launched the new Gateway Load Balancing (GWLB) service, which has a lot of significance for the Packet Cloud (cloud visibility suite) offering in AWS. Before we dive into how, let’s first understand what AWS GWLB actually is.

Gateway Load Balancer — How It Works

Gateway Load Balancer combines a transparent network gateway (that is, a single entry and exit point for all traffic) and a load balancer that distributes traffic and scales your virtual appliances with the demand.

You can send traffic to GWLB by making simple configuration updates in your VPCs’ route tables. With GWLB, customers can scale their virtual appliances elastically by load balancing traffic across a fleet of virtual appliances. GWLB improves availability by routing traffic flows through healthy virtual appliances, and reroutes flows when an appliance becomes unhealthy.

With GWLB, you can use your own appliances of choice in AWS and rely on GWLB to manage their scale and availability needs, while retaining skillsets and existing processes. You can also scale your virtual appliances elastically by load balancing traffic across a fleet of virtual appliances. The scaling up and down of appliances reduces costs. GWLB sends both directions of the traffic flow to the same appliance, thereby allowing the appliance to perform stateful traffic processing.

GWLB and the virtual appliances exchange application traffic with each other using GENEVE encapsulation, which allows GWLB to preserve the content of the original traffic. GWLB uses the Gateway Load Balancer Endpoint (GWLBE), a new type of VPC endpoint powered by AWS PrivateLink, which can be a next hop in the route table. This simplifies insertion of appliance services across VPC boundaries.
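To see at the byte level what preserving the original traffic means, the following added example (not from the original post or from AWS) parses a Geneve header as laid out in RFC 8926 and checks that the inner packet comes out unchanged. The option class/type, addresses and packet bytes in `build_sample` are constructed for illustration.

```python
import ipaddress
import struct

GENEVE_HDR_LEN = 8  # fixed header size (RFC 8926)

def parse_geneve(payload: bytes) -> dict:
    """Parse a Geneve header (RFC 8926) from a UDP payload and return its fields."""
    if len(payload) < GENEVE_HDR_LEN:
        raise ValueError("truncated Geneve header")
    first, flags, proto = struct.unpack("!BBH", payload[:4])
    version, opt_len = first >> 6, (first & 0x3F) * 4  # Opt Len counts 4-byte words
    if version != 0:
        raise ValueError(f"unsupported Geneve version {version}")
    vni = int.from_bytes(payload[4:7], "big")
    end = GENEVE_HDR_LEN + opt_len
    if len(payload) < end:
        raise ValueError("options run past end of packet")
    options, off = [], GENEVE_HDR_LEN
    while off < end:
        opt_class, opt_type, length = struct.unpack("!HBB", payload[off:off + 4])
        data_len = (length & 0x1F) * 4  # low 5 bits: option data length in words
        if off + 4 + data_len > end:
            raise ValueError("option data overruns Opt Len")
        options.append((opt_class, opt_type, payload[off + 4:off + 4 + data_len]))
        off += 4 + data_len
    return {"vni": vni, "critical": bool(flags & 0x40), "protocol": proto,
            "options": options, "inner": payload[end:]}

def inner_ipv4_endpoints(inner: bytes) -> tuple:
    """Return (src, dst) of the encapsulated IPv4 packet."""
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("inner packet is not IPv4")
    return (str(ipaddress.IPv4Address(inner[12:16])),
            str(ipaddress.IPv4Address(inner[16:20])))

def build_sample() -> tuple:
    """Constructed sample: one 8-byte option plus a minimal inner IPv4 header."""
    inner = (bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0])
             + ipaddress.IPv4Address("10.0.1.25").packed
             + ipaddress.IPv4Address("203.0.113.7").packed)
    option = struct.pack("!HBB", 0xFFF0, 1, 2) + bytes(8)  # constructed class/type
    header = struct.pack("!BBH", len(option) // 4, 0, 0x0800) + bytes(4)
    return header + option, inner

if __name__ == "__main__":
    outer, inner = build_sample()
    pkt = parse_geneve(outer + inner)
    print(pkt["options"], inner_ipv4_endpoints(pkt["inner"]), pkt["inner"] == inner)
```

An appliance that inspects traffic this way sees the workload's real source and destination addresses, because the encapsulation wraps the packet rather than rewriting it.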

For example, you can make a Customer VPC where the customer workloads will sit, which will be the VPC where the GWLB Endpoint is deployed. AWS Partner’s appliances will be deployed in the Partner VPC.

The appliance providers and consumers can reside in different AWS accounts and VPCs. GWLB enables consolidation of appliances, consistency of security policies, reduction in operator errors, and seamless inspection of traffic without having to change the traffic source or destination or requiring NAT translations.

To ensure high availability, you can use the advanced routing capabilities of GWLB to direct traffic to only healthy appliances, and reroute traffic when an appliance becomes unhealthy due to faults. GWLB works across VPCs and user accounts, giving you the option to centralize virtual appliance fleets. The ability to use GWLB across user accounts enables partners to offer their virtual appliances as an AWS-hosted service that customers access from their VPCs. This reduces complexity and improves security.

Benefits

Deploy third-party virtual appliances faster

Gateway Load Balancer takes care of scale, availability, and service delivery so that the AWS Partner Network and AWS Marketplace can deliver virtual appliances more quickly. With Gateway Load Balancer, you can also work with select partners that offer fully managed security solutions making it easier to set up infrastructure security services within minutes.

Scale virtual appliances while managing costs

Hitting the limit of what your virtual appliances can handle can bottleneck your entire network. To prevent this, Gateway Load Balancer automatically scales your virtual appliances up or down, based on demand.

With many virtual appliances available with bring-your-own-license (BYOL) or pay-as-you-go pricing, you have the option to only pay for what you use, and reduce the chances of over provisioning.

Improve virtual appliance availability

To ensure your virtual appliances are available and healthy, Gateway Load Balancer runs health checks on a configurable cadence.

When it detects an unhealthy virtual appliance, Gateway Load Balancer reroutes traffic away from that instance to a healthy one, so you experience graceful failover during both planned and unplanned downtime.