I have an application on EC2 that now needs to have its backend load balanced. I'm trying to maintain my backend servers such that they are not publicly visible.
Is there any way to use the Elastic Load Balancer to manage my backend servers?
I know that I can manage EC2 instances such that they only get traffic from an ELB, but how do I ensure that only my front end servers are the ones that are able to call the ELB in the first place? (e.g. I want to ensure that nobody's web browser can hit the ELB and thus get access to my backend servers)
To be clear: I don't currently have 2 ELB instances -- what I have is several front end web servers that currently connect to 1 backend machine that does some processing. I need to create another backend server to handle increased load on my backend machine and am trying to figure out the best way to scale so that >10 web servers can balance across the now 2 backend servers.
If ELB cannot do this, what is the recommended solution?
I think you may be confused. Your front-end servers should be the ELB. The general flow of application traffic would be:
So yes, you can certainly configure things such that internet clients have no visibility to what your back-end infrastructure looks like.
I'm not particularly familiar with ELB, so I can't really comment on that, but I've found that for internal load-balancing, haproxy is the best bet. I'm a fan of L3 solutions like LVS for front-end load-balancing, but internally the network routing issues get complex, and you usually don't care about the sorts of problems that a proxy introduces, so unless ELB can clearly do what you need, I'd go with haproxy.
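An added example, not part of the original answers: a minimal haproxy configuration for the setup in the question, balancing the web tier across two backend servers while refusing connections from anything outside the web tier. All addresses, ports, names and the `/health` check path are constructed placeholders, and HTTP between the tiers is an assumption.

```haproxy
# Constructed example: every address, port and name below is a placeholder.
global
    daemon
    maxconn 2048

defaults
    mode http                      # assumption: the tiers talk HTTP to each other
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend backend_pool_in
    # Listen only on the proxy host's private address, never on a public one.
    bind 10.0.1.10:8080

    # Accept connections only from the front-end web servers' subnet and
    # reject everything else before any request is read.
    acl from_web_tier src 10.0.0.0/24
    tcp-request connection reject unless from_web_tier

    default_backend processing_servers

backend processing_servers
    balance roundrobin
    # Take a backend out of rotation when its health check fails.
    option httpchk GET /health
    server backend1 10.0.2.11:8080 check
    server backend2 10.0.2.12:8080 check
```

Running `haproxy -c -f <file>` checks the configuration for errors before it is loaded.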