Day 3 - Monitoring & Scaling
Source: Dev.to
Overview
Today’s hands‑on lab covers monitoring and scaling EC2 instances using an Application Load Balancer (ALB), an Auto Scaling Group (ASG), and CloudWatch.
Network Setup
- Subnet: Use the public subnet created in the Day 1 hands‑on.
- Route: Add a default route to the private route table associated with private subnets so that instances in those subnets can reach the Internet.
Security Groups
ALB Security Group
- Inbound: HTTP 80 from 0.0.0.0/0
- Outbound: All traffic (default)
EC2 Security Group
- Inbound: HTTP 80 from the ALB security group created above
- Outbound: All traffic (default)
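The two security groups above are meant to make the ALB the only inbound path to the instances. As an added example (not from the original post), this Python check verifies that property over rule data in the shape `aws ec2 describe-security-groups` returns; the group IDs and the sample rules, including the stray SSH rule, are constructed.

```python
# Added example: audit inbound rules in the JSON shape returned by
# `aws ec2 describe-security-groups`. IDs and rules below are constructed.
ALB_SG = "sg-0alb0000000000000"   # hypothetical ALB security group ID
EC2_SG = "sg-0ec20000000000000"   # hypothetical EC2 security group ID

SAMPLE = {"SecurityGroups": [
    {"GroupId": ALB_SG, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": EC2_SG, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
        # Constructed misconfiguration: SSH open to the world.
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
]}

def sources(perm):
    """Flatten every source of one inbound rule into a set of strings."""
    src = {r["CidrIp"] for r in perm.get("IpRanges", [])}
    src |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
    src |= {p["GroupId"] for p in perm.get("UserIdGroupPairs", [])}
    src |= {p["PrefixListId"] for p in perm.get("PrefixListIds", [])}
    return src

def audit_instance_sg(groups, ec2_sg, alb_sg, port=80):
    """Return findings where the EC2 group admits anything but ALB -> port."""
    findings = []
    sg = next(g for g in groups["SecurityGroups"] if g["GroupId"] == ec2_sg)
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        only_port = proto == "tcp" and lo == port and hi == port
        for src in sorted(sources(perm)):
            # Allowed: exactly tcp/<port> sourced from the ALB group.
            if src != alb_sg or not only_port:
                rng = "all" if proto == "-1" else f"{proto}/{lo}-{hi}"
                findings.append(f"{ec2_sg}: {rng} from {src}")
    return findings

if __name__ == "__main__":
    for line in audit_instance_sg(SAMPLE, EC2_SG, ALB_SG):
        print("UNEXPECTED INBOUND:", line)
```

An empty result means the EC2 group accepts only HTTP 80 from the ALB group, as the lab intends.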
Target Group
- Target type: Instances
Launch Template
Create a launch template for the ASG with the following settings:
- AMI: Amazon Linux 2023
- User data:
```bash
#!/bin/bash
set -e

# Patch the OS, then install and start nginx.
dnf -y update
dnf -y install nginx
systemctl enable --now nginx

# IMDSv2: request a session token first, then present it on the metadata read.
TOKEN=$(curl -s -X PUT "http://169.254.169.254/latest/api/token" \
  -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
INSTANCE_ID=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" \
  http://169.254.169.254/latest/meta-data/instance-id)

# Publish a page that shows which instance served the request.
cat > /usr/share/nginx/html/index.html <<EOF
## Day3: ALB + ASG (Private EC2)
InstanceId: ${INSTANCE_ID}
EOF
```
Auto Scaling Group (ASG)
- Launch template: Use the template created above.
- Scheme: Internet‑facing
After the ASG is created, verify that the ALB’s DNS name loads the page showing the instance ID. Ensure the target group status is healthy.
Scaling Policy
- In the ASG console, navigate to Automatic scaling → Create dynamic scaling policy.
- Connect to an EC2 instance via SSM (as in Day 2) and run the following commands to generate CPU load for ten minutes:
```bash
sudo dnf -y install stress-ng
cd /tmp
stress-ng --cpu 2 --timeout 10m
```
- Wait a few minutes and observe the scaling activity in the ASG dashboard.
Cleanup Order
Delete resources in the following order to avoid dependency failures:
- Auto Scaling Group
- Launch template
- ALB and target group
- Subnets, route tables, and NAT resources
- Security groups
Key Exam Points
- NAT Gateway: Managed service; automatically associated with an Elastic IP (EIP).
- NAT Instance: EC2 instance with an EIP or public IP; you must manage failover and load balancing.
ALB vs. NLB
| Feature | ALB | NLB |
|---|---|---|
| Protocol | HTTP/HTTPS (layer 7) | TCP, TLS, UDP (layer 4) |
| Routing | URL‑based, host‑based, path‑based; can target Lambda functions; integrates with ACM for certificates | High‑throughput, static IP (EIP); ideal for latency‑sensitive workloads (e.g., financial systems) |
| Use Cases | Web applications requiring URL routing or SSL termination | High‑speed, low‑latency traffic or services needing a fixed IP address |
Scaling of Resources
- EC2: ASG + ALB/NLB + scaling metrics (CPU, request count, etc.)
- Lambda: Concurrency limits, driven by event sources (SQS, Kinesis, etc.)
- ECS/EKS: Service Auto Scaling
See you soon in Day 4 hands‑on!