Implement Client Affinity

By default AWS Global Accelerator distributes traffic equally between the endpoints in the endpoint groups for the listener. If you have stateful applications, you can choose to have Global Accelerator direct all requests from a user at a specific source (client) IP address to the same endpoint resource to maintain client affinity. You do this by changing the Client Affinity from None (default) to Source IP for the listener.

AWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a user’s connection. For more information, see the documentation.
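To see what the setting changes, the following is an added simulation, not code from this workshop or from AWS. It assumes the hash inputs given in the AWS documentation (the 5-tuple for None, source IP plus destination IP for Source IP) and swaps in rendezvous hashing over SHA-256 for Global Accelerator's own consistent-flow hashing, whose internals this page does not describe; endpoint names and IP addresses are constructed.

```python
import hashlib

# Constructed values: two endpoints in one endpoint group, documentation-range accelerator IP.
ENDPOINTS = ["alb-1", "alb-2"]
ACCELERATOR_IP = "192.0.2.10"

def flow_key(src_ip, src_port, affinity, dst_ip=ACCELERATOR_IP, dst_port=80, proto="tcp"):
    """Fields hashed per setting: 5-tuple for NONE, (source IP, destination IP) for SOURCE_IP."""
    if affinity == "SOURCE_IP":
        return f"{src_ip}|{dst_ip}"
    if affinity == "NONE":
        return f"{src_ip}|{src_port}|{dst_ip}|{dst_port}|{proto}"
    raise ValueError(f"unknown affinity: {affinity}")

def pick_endpoint(key, endpoints):
    """Rendezvous hashing (assumed stand-in): score each endpoint against the key, highest wins."""
    if not endpoints:
        raise ValueError("no healthy endpoints")
    def score(ep):
        return hashlib.sha256(f"{ep}|{key}".encode()).digest()
    return max(endpoints, key=score)

def endpoints_seen(src_ip, affinity, endpoints=ENDPOINTS, connections=100):
    """Endpoints hit by one client opening `connections` flows from distinct ephemeral ports."""
    return {pick_endpoint(flow_key(src_ip, 49152 + i, affinity), endpoints)
            for i in range(connections)}

def remapped_after_failure(clients, failed, endpoints):
    """Clients (SOURCE_IP affinity) whose endpoint changes when `failed` is removed."""
    remaining = [e for e in endpoints if e != failed]
    return [c for c in clients
            if pick_endpoint(flow_key(c, 0, "SOURCE_IP"), endpoints)
            != pick_endpoint(flow_key(c, 0, "SOURCE_IP"), remaining)]

if __name__ == "__main__":
    client = "198.51.100.23"  # constructed client address
    print("NONE     :", sorted(endpoints_seen(client, "NONE")))
    print("SOURCE_IP:", sorted(endpoints_seen(client, "SOURCE_IP")))
```

With None, each new connection uses a fresh source port and can land on either endpoint; with Source IP, the port is not part of the key, so every connection from that address maps to one endpoint until that endpoint is removed.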

  1. Open the Amazon Global Accelerator console.
  2. Choose your accelerator (AGAWorkshop by default).
  3. On the accelerator page, select the listener (do not click on it) and then click on Edit.
  4. Change the Client affinity from None to Source IP.
  5. Click on Save changes.


Verify that requests from the same clients are served by the same endpoint

  1. cURL from a client located in Sao Paulo, Brazil:

     $ for i in {1..100}; do curl http://aebd116200e8c28ad.awsglobalaccelerator.com/ --silent >> output.txt; done; cat output.txt | sort | uniq -c ; rm output.txt;
       100 Processed in US-WEST-2 by AGAWorkshop2-Function-5N9U2S8PPDFP

  2. cURL from a client located in Dallas, TX:

     $ for i in {1..100}; do curl http://aebd116200e8c28ad.awsglobalaccelerator.com/ --silent >> output.txt; done; cat output.txt | sort | uniq -c ; rm output.txt;
       100 Processed in US-WEST-2 by AGAWorkshop-Function-P5UKYRRL0N05

  3. Request from a web browser located in Dallas, TX. Refreshing the page does not change the backend endpoint.

  4. If you are at an AWS Event, use the web page the instructor shared with you.

The endpoint group in the US-WEST-2 region has two endpoints, and requests from the same client are served by the same endpoint (ALB). The web page the instructor shared has four clients (EC2 instances) in different AWS regions (Ohio, Singapore, Paris and Sao Paulo). How would you explain that the Sao Paulo client is served from 2 endpoints, and not the Ohio one? (Note that from a real client in Sao Paulo, requests are served by the same endpoint; see the cURL output above.)

CHECKPOINT: You just implemented client affinity; requests from a user at a specific source (client) IP address will be sent to the same endpoint. Ready for the next challenge?


CHALLENGE 5: For business continuity, your management would like to make sure that in case of a failure of an endpoint in an endpoint group, or an issue with ALB or Lambda in a region, your application still serves traffic without problem. Let’s do a POC on continuous monitoring and failover, move to the next lab when you are ready!