Integrate ALB with GA to enable application acceleration - Server Load Balancer

If your service deployed on Application Load Balancer (ALB) is accessible to global users, user experience may be reduced by high network latency, network jitters, and packet loss caused by poor Internet quality. To address the preceding issues, you can integrate ALB with Global Accelerator (GA) to allow user requests to be routed to the nearest access points, which forward requests to servers over Alibaba Cloud internal networks. After ALB is integrated with GA, you can enable GA in the ALB console. This simplifies GA configurations.

GA overview

GA uses stable BGP lines and the congestion-free global network of Alibaba Cloud to accelerate Internet-facing applications. GA can reduce network latency, network jitters, and packet loss when your business system is deployed across regions or accessible to global users. Users can access your business system by connecting to the nearest access points worldwide. GA ensures high availability and high performance of web applications. For more information about GA, see What is Global Accelerator?

After ALB is integrated with GA, you can enable GA in the ALB console, without the need to configure or manage GA in the GA console. This greatly simplifies the configuration process.

Key features

Application acceleration: Requests from global users are routed to the nearest access points to improve user experience.
Simplified configurations: GA can be configured and enabled in the ALB console after simple configurations.

Use scenarios

GA is ideal for accelerating access from global users in multiple regions, such as in the following scenarios:

Game platform acceleration: Game platforms, such as logon systems and ecommerce systems, can use GA to reduce user complaints about slow logons.
Enterprise application acceleration: Multinational corporations can use GA to improve collaboration efficiency and experience of global employees.
Internet application acceleration: Internet applications can use GA to improve user experience and loyalty. GA helps you increase product popularity.

Examples

A company deployed a high-availability service on ALB in a region, and the service is accessible to global users in multiple regions. Due to poor Internet quality, some users experience high network latency.

To address the preceding issues, the company integrates ALB with GA to route user requests to the nearest access points, which greatly improves user experience.

Limits

Each ALB instance can be associated with only one GA instance.
GA is not supported in the following scenarios:
- The ALB instance is not associated with a listener.
- The ALB instance or listener is being modified.
- The ALB instance is associated with a QUIC listener.
- The HTTPS listener associated with the ALB instance is in the following scenarios:
  - Mutual authentication is enabled for the HTTPS listener.
  - The HTTPS listener uses a custom TLS policy.
  - The HTTPS listener uses an additional certificate.
- A listener of the ALB instance is associated with a gRPC server group.
- GA is not available in the region of the ALB instance. For more information about the regions in which GA is available, see Acceleration areas and regions.
- The public CIDR block of the endpoint used by the GA instance is on the IP blacklist of the listener associated with the Internet-facing ALB instance or overlaps with a CIDR block on the IP whitelist. For more information, see How do I view the endpoint group IP addresses of a GA instance?

Prerequisites

An Internet-facing or internal-facing ALB instance is created. For more information, see Create an ALB instance.
A server group is created. For more information, see Create and manage server groups.
Two Elastic Compute Service (ECS) instances are added to the server group, and applications are deployed on the ECS instances. In this example, the ECS instances are named ECS01 and ECS02.
Sample commands for deploying test applications on ECS instances
Sample command for deploying testing applications on ECS01:
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World ! This is ECS01." > index.html
```
Sample command for deploying testing applications on ECS02:
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World ! This is ECS02." > index.html
```
(Optional) A custom domain name is prepared. For more information, see Register a domain name on Alibaba Cloud.
A listener is created. For more information, see Add an HTTP listener and Add an HTTPS listener. To create an HTTPS listener, you must purchase or upload an SSL certificate in Certificate Management Service and associate the certificate with the domain name. For more information, see Get started with Certificate Management Service.

Procedure

Step 1: Enable application acceleration for the ALB instance

Log on to the ALB console.
In the top navigation bar, select the region in which the ALB instance is deployed.
On the Instances page, click the ID of the instance that you want to manage.
On the Integrated Services tab, click Create GA.
1. Activate GA: If GA is not activated within your Alibaba Cloud account, read and select the terms of service and activate GA.
2. Acceleration Area: Click the Acceleration Area drop-down list to select an acceleration area. You can select the region where clients are located or the region that is nearest to the clients as the acceleration region of the GA instance. An acceleration area is a collection of Alibaba Cloud regions. Each acceleration area contains one or more Alibaba Cloud regions.
  Note
  - If the acceleration area contains a Chinese mainland region or a backend server is deployed in the Chinese mainland, you must apply for an Internet Content Provider (ICP) number for the domain name.
  - If the acceleration area and the origin server are deployed across borders, read and select the Compliance Commitments for Cross-border Data Transfer. By default, cross-border communication uses premium bandwidth for acceleration.
After you complete the configurations, click OK.
Important
The first time you enable GA, all ALB listener information is synchronized to GA. However, listener configuration updates are not automatically synchronized to GA. You must manually update listener configurations in the GA console.

(Optional) Step 2: Add DNS records

After you enable GA for your ALB instance, the GA instance information, including the domain name, is displayed on the Integrated Services tab.

Copy the domain name and perform the following operations to add a CNAME record that maps the custom domain name to the domain name of the GA instance:

Log on to the Alibaba Cloud DNS console.
On the Domain Name Resolution page, click Add Domain Name.
In the Add Domain Name dialog box, enter the custom domain name and click OK.
Important
Before you create the CNAME record, use a TXT record to verify the ownership of the domain name.
In the Actions column of the domain name that you want to manage, click DNS Settings.
On the DNS Settings page, click Add Record.

In the Add Record panel, configure the parameters and click Confirm. The following table describes the parameters.

Parameter	Description
Record Type	Select CNAME from the drop-down list.
Hostname	Enter the prefix of the domain name.
DNS Request Source	Retain the default value.
Record Value	Enter the CNAME of the domain name. The CNAME is the domain name of the GA instance.
TTL	Select a time-to-live (TTL) value for the CNAME record to be cached on the DNS server. In this example, the default value is used.

Step 3: Test the acceleration result

In this example, an Internet-facing ALB instance, a GA instance whose backend server is deployed in the US (Silicon Valley) region, and a client that uses the China (Hong Kong) acceleration area are used.

Test the network latency after GA is enabled.
If your custom domain name is mapped to the domain name of the GA instance by using a CNAME record, change the accelerated domain name to the custom domain name. If no custom domain name is mapped to the domain name of the GA instance, enter the domain name of the GA instance as the accelerated domain name.
1. Access http://<Accelerated domain name> from your browser. The backend service is accessible. Refresh the browser multiple times. The requests are distributed between ECS01 and ECS02.
2. Run the command curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<Accelerated domain name>" to query the network latency after GA is enabled.
  The following figure shows the response.
Test the network latency before GA is enabled.
1. Access http://<ALB domain name> from your browser. The backend service is accessible. Refresh the browser multiple times. Requests are distributed between ECS01 and ECS02.
2. Run the command curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<ALB domain name>" to query the network latency before GA is enabled.
  The following figure shows the response.

Compare the results.

Parameter descriptions:

time_connect: the period of time that is required for establishing a TCP connection. Unit: seconds.
time_starttransfer: the start time of data transfer. The start time refers to the period of time from when the client sends a request to the backend server to when the first byte is sent to the client. Unit: seconds.
time_total: the total connection time. The total connection time refers to the period of time from when the client sends a request to when the client receives the last byte from the backend server. Unit: seconds.

Parameter	After GA acceleration (Unit: seconds)	Before GA acceleration (Unit: seconds)	Acceleration effect (Unit: seconds)	Acceleration effect (Unit: percentage)
time_connect	0.007	0.162	Increased by 0.155	Increased by 95.7%
time_starttransfer	0.163	0.321	Increased by 0.158	Increased by 49.2%
time_total	0.163	0.321	Increased by 0.158	Increased by 49.2%

Note

The examples and data in this topic are for reference only. The actual acceleration effect on your service prevails.

What to do next

View the acceleration status

On the Integrated Services tab, the Global Accelerator card displays the ID, domain name, and status of the GA instance.

Disable application acceleration

To disable application acceleration for an ALB instance, delete the GA instance in the GA console or delete the ALB listener and endpoint group that are associated with the GA instance.

FAQ

What type of GA instance is created?

A pay-as-you-go standard GA instance is created.

What additional fees are charged after GA is enabled?

You are charged GA fees after GA is enabled. GA fees include GA instance fees, capacity unit (CU) fees, and data transfer fees. For more information, see Billing of pay-as-you-go GA instances.

After an ALB listener is added, why is GA not enabled for the listener?

ALB listener information is synchronized to GA only the first time you enable GA. Listener updates are not automatically synchronized to GA. You must manually manage listener information in the GA console.

Why do the access control policies of ALB not take effect after GA is enabled?

After GA is enabled, the accelerated domain name is the domain name of the GA instance. As a result, the ALB control policies do not take effect.

To control access from IP addresses, configure access control policies for the GA instance. For more information, see GA access control.

References

By default, cross-border communication uses premium bandwidth for acceleration. If you require higher network quality, use the cross-border Express Connect circuits of China Unicom. For more information, see Select and purchase GA resources.