We have the following setup:
- Global Accelerator
- Endpoint group with EC2 instances
- Health checks on the instances (interval 10s, threshold 1)
We can boot and add EC2 instances to the endpoint group in under 60s, but then it takes the Global Accelerator health check up to multiple minutes to mark the instance as healthy (and actually send traffic).
There is actually a message in the AWS Console about this stating:
"When you add an EC2 instance as an endpoint, the health status might take a few minutes to update with the correct status. Make sure that the health check port on the instance is included in the IP address ranges for Route 53 health"
A few minutes is way too long for us to scale up when we need it. Is there some way to solve this?
https://x.com/koenbok/status/1824030241360126429
Hello! I can answer that: among other things, because ALBs scale really slowly, so they are not a viable option for us.
Yep, what Artur says. ALB can like only double the capacity every 5 minutes or so. Because we're building a web hosting platform, we need a setup where we need to be able to scale up very quickly when we get attacked. We can't effectively use the normal Level 7 DDoS defenses, because we need to do our own TLS termination due to a large amount of custom domains.
ALB or ASG scale up slowly? If you have an ASG you can have a warm Pool to bring your EC2s into a Target Group much quicker