Use GA to accelerate ALB backend applications - Global Accelerator

If your service deployed on Application Load Balancer (ALB) is accessible to global users, user experience may be reduced by high network latency, network jitters, and packet loss caused by poor Internet quality. To address the preceding issues, you can integrate ALB with Global Accelerator (GA) to allow user requests to be routed to the nearest access points, which forward requests to servers over Alibaba Cloud internal networks.

Examples

A company deployed a high-availability service on ALB in the China (Hangzhou) region, and the service is accessible to global users in multiple regions. Due to the poor quality of cross-border Internet connections, some users experience high network latency.

To address the preceding issues, the company uses ALB with GA to route user requests to the nearest access points, which greatly improves user experience.

Prerequisites

An ALB instance is created and managed. For more information, see Create and manage an ALB instance.
A server group is created for the ALB instance. For more information, see Create and manage server groups.
Two Elastic Compute Service (ECS) instances are added to the server group, and applications are deployed on the ECS instances. In this example, the ECS instances are named ECS01 and ECS02.
In this example, the Alibaba Cloud Linux 3 operating system is used. NGINX is used to configure the backend HTTP service that uses port 80.
Sample commands for deploying test applications on ECS instances
Sample command for deploying testing applications on ECS01:
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World !  This is ECS01." > index.html
```
Sample command for deploying testing applications on ECS02:
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World !  This is ECS02." > index.html
```
A custom domain name is registered. An ICP number is obtained for the domain name. A CNAME record that maps the domain name to the CNAME of the ALB instance is created.
An HTTP listener or HTTPS listener is created for the ALB instance. If you use an HTTPS listener, you must create and apply for a certificate or upload a third-party certificate to the Certificate Management Service, and associate your domain name with the certificate.

Procedure

You can use one of the following methods to configure GA to accelerate ALB backend applications:

Add ALB as a backend service in the GA console. You can use custom GA configurations.
Configure GA in the ALB console. This method is suitable for users who want to accelerate ALB applications in an efficient manner.

Add ALB as a backend service in the GA console

Step 1: Configure basic information about the GA instance

In this example, a pay-as-you-go standard GA instance is used.

On the Standard Instance > Instances page of the GA console, click Create Standard Pay-as-you-go Instance.
In the Basic Instance Configuration step, configure the basic information and click Next.

Step 2: Configure an acceleration area

In the Configure Acceleration Area step, add an acceleration region, allocate bandwidth to the region, and then click Next.

In this example, the US (Silicon Valley) region is used. The Acceleration Area parameter is set to US (Silicon Valley), and the ISP Line Type parameter is set to BGP (Multi-ISP). You can use the default values for other parameters or modify the parameters based on your business requirements. For more information, see Add and manage acceleration areas.

Step 3: Configure a listener

In the Configure listeners step, configure the forwarding protocol and the port, and then click Next.

In this example, the Protocol parameter is set to HTTP and the Port parameter is set to 80. You can use the default values for other parameters or modify the parameters based on your business requirements. For more information, see Add and manage intelligent routing listeners.

Note

UDP listeners do not support ALB instances as endpoints.

HTTP监听.png

Step 4: Configure an endpoint group and endpoints

In the Configure an endpoint group step, configure the endpoint and click Next.
In this example, the Region parameter is set to China (Hangzhou), the Backend Service Type parameter is set to ALB, and the Backend Service parameter is set to the ALB instance. Then, read and select Compliance Commitments Regarding Cross-border Data Transfers. You can use the default values for other parameters or modify the parameters based on your business requirements. For more information, see Configure the endpoint groups of intelligent routing listeners.
In the Configuration Review step, confirm the configurations and click Submit.

Step 5: Configure a CNAME record

Configure a CNAME record to map the service domain name to the CNAME assigned by the GA instance. This accelerates access to the service.

If you already created a CNAME record that points to the ALB instance, you can specify North America_United States when you add a CNAME record that points to the GA instance. If the CNAME record works as expected, apply the CNAME record to other regions or retain only the CNAME record that points to the GA instance.

On the Authoritative DNS Resolution page, find the custom domain name and click DNS Settings in the Actions column.
Note
For a domain name that is not registered with Alibaba Cloud, you must add the domain name to the Alibaba Cloud DNS console before you can configure DNS records.
On the DNS Settings page, click Add DNS Record, configure a CNAME record, and then click OK.
In this example, the Record Type parameter is set to CNAME, the Hostname parameter is set to www, the DNS Request Source parameter is set to North America_United States, and the Record Value parameter is set to the CNAME of the GA instance. You can use the default values for other parameters or modify the parameters based on your business requirements. For more information, see Add DNS records.

Step 6: Verify the acceleration performance

In this example, an Internet-facing ALB instance, a GA instance whose backend server is deployed in the China (Hangzhou) region, and a client in the US are used.

Test the network latency after GA is enabled.
1. Visit http://<Custom domain name> from a browser. The result shows that the browser can access the backend service. Refresh the browser multiple times. Requests are distributed between ECS01 and ECS02.
2. Run the curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<Custom domain name>" command to query the network latency after GA is enabled.
  The following figure shows the response.
Test the network latency before GA is enabled.
1. Visit http://<Custom domain name> from a browser. The result shows that the browser can access the backend service. Refresh the browser multiple times. Requests are distributed between ECS01 and ECS02.
2. Run the curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<Custom domain name>" command to query the network latency before GA is enabled.
  The following figure shows the response.

Compare the network latency by using the following parameters:

time_connect: the period of time that is required for establishing a TCP connection. Unit: seconds.
time_starttransfer: The start time of data transfer. The start time refers to the amount of time from when the client sends a request to the backend server to when the first byte is sent to the client. Unit: seconds.
time_total: The total connection time. The total connection time refers to the period of time from when the client sends a request to when the client receives the last byte from the backend server. Unit: seconds.

Parameter	After GA acceleration (Unit: seconds)	Before GA acceleration (Unit: seconds)	Acceleration performance (Unit: seconds)	Acceleration performance (Unit: percentage)
time_connect	0.008	0.017	Reduced by 0.009	Improved by 52.9%
time_starttransfer	0.207	0.427	Reduced by 0.220	Improved by 51.5%
time_total	0.207	0.427	Reduced by 0.220	Improved by 51.5%

Note

The examples and data in this topic are for reference only. The actual acceleration performance on your service prevails.

In addition, you can use the network detection tool to check the response time before and after you configure GA.

Configure GA in the ALB console

ALB is integrated with GA. You can enable GA in the ALB console. This simplifies GA configurations.

Limits

Each ALB instance can be associated with only one GA instance.
GA is not supported in the following scenarios:
- The ALB instance is not associated with a listener.
- The ALB instance or listener is being modified.
- The ALB instance is associated with a QUIC listener.
- The HTTPS listener associated with the ALB instance is in the following scenarios:
  - Mutual authentication is enabled for the HTTPS listener.
  - The HTTPS listener uses a custom TLS policy.
  - The HTTPS listener uses an additional certificate.
- A listener of the ALB instance is associated with a gRPC server group.
- GA is not available in the region of the ALB instance. For more information about the regions in which GA is available, see Acceleration areas and regions.
- The public CIDR block of the endpoint used by the GA instance is on the IP blacklist of the listener associated with the Internet-facing ALB instance or overlaps with a CIDR block on the IP whitelist. For more information, see How do I view the endpoint group IP addresses of a GA instance?

Step 1: Enable application acceleration for the ALB instance

Log on to the ALB console.
In the top navigation bar, select the region in which the ALB instance is deployed.
On the Instances page, click the ID of the instance that you want to manage.
On the Integrated Services tab, click Create GA.
1. Activate GA: If GA is not activated within your Alibaba Cloud account, read and select the terms of service and activate GA.
2. Acceleration Area: Click the Acceleration Area drop-down list to select an acceleration area. You can select the region where clients are located or the region that is nearest to the clients as the acceleration region of the GA instance. An acceleration area is a collection of Alibaba Cloud regions. Each acceleration area contains one or more Alibaba Cloud regions.
  Note
  - If the acceleration area contains a Chinese mainland region or a backend server is deployed in the Chinese mainland, you must apply for an Internet Content Provider (ICP) number for the domain name.
  - If the acceleration area and the origin server are deployed across borders, read and select the Compliance Commitments for Cross-border Data Transfer. By default, cross-border communication uses premium bandwidth for acceleration.
After you complete the configurations, click OK.
Important
The first time you enable GA, all ALB listener information is synchronized to GA. However, listener configuration updates are not automatically synchronized to GA. You must manually update listener configurations in the GA console.

Step 2: Add a CNAME record

Configure a CNAME record to map the service domain name to the CNAME assigned by the GA instance. This accelerates access to the service.

After you enable GA for your ALB instance, the GA instance information, including the CNAME, is displayed on the Integrated Services tab.

On the Authoritative DNS Resolution page, find the custom domain name and click DNS Settings in the Actions column.
Note
For a domain name that is not registered with Alibaba Cloud, you must add the domain name to the Alibaba Cloud DNS console before you can configure DNS records.
On the DNS Settings page, click Add DNS Record, configure a CNAME record, and then click OK.
In this example, the Record Type parameter is set to CNAME, the Hostname parameter is set to www, the DNS Request Source parameter is set to North America_United States, and the Record Value parameter is set to the CNAME of the GA instance. You can use the default values for other parameters or modify the parameters based on your business requirements. For more information, see Add DNS records.

Step 3: Verify the acceleration performance

In this example, an Internet-facing ALB instance, a GA instance whose backend server is deployed in the China (Hangzhou) region, and a client in the US are used.

Test the network latency after GA is enabled.
1. Visit http://<Custom domain name> from a browser. The result shows that the browser can access the backend service. Refresh the browser multiple times. Requests are distributed between ECS01 and ECS02.
2. Run the curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<Custom domain name>" command to query the network latency after GA is enabled.
  The following figure shows the response.
Test the network latency before GA is enabled.
1. Visit http://<Custom domain name> from a browser. The result shows that the browser can access the backend service. Refresh the browser multiple times. Requests are distributed between ECS01 and ECS02.
2. Run the curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<Custom domain name>" command to query the network latency before GA is enabled.
  The following figure shows the response.

Compare the network latency by using the following parameters:

time_connect: the period of time that is required for establishing a TCP connection. Unit: seconds.
time_starttransfer: The start time of data transfer. The start time refers to the amount of time from when the client sends a request to the backend server to when the first byte is sent to the client. Unit: seconds.
time_total: The total connection time. The total connection time refers to the period of time from when the client sends a request to when the client receives the last byte from the backend server. Unit: seconds.

Parameter	After GA acceleration (Unit: seconds)	Before GA acceleration (Unit: seconds)	Acceleration performance (Unit: seconds)	Acceleration performance (Unit: percentage)
time_connect	0.008	0.017	Reduced by 0.009	Improved by 52.9%
time_starttransfer	0.207	0.427	Reduced by 0.220	Improved by 51.5%
time_total	0.207	0.427	Reduced by 0.220	Improved by 51.5%

Note

The examples and data in this topic are for reference only. The actual acceleration performance on your service prevails.

In addition, you can use the network detection tool to check the response time before and after you configure GA.

FAQ

What type of GA instance is created?

A pay-as-you-go standard GA instance is created.

What additional fees are charged after GA is enabled?

You are charged GA fees after GA is enabled. GA fees include GA instance fees, capacity unit (CU) fees, and data transfer fees. For more information, see Billing of pay-as-you-go GA instances.

After an ALB listener is added, why is GA not enabled for the listener?

ALB listener information is synchronized to GA only the first time you enable GA. Listener updates are not automatically synchronized to GA. You must manually manage listener information in the GA console.

Why do the access control policies of ALB not take effect after GA is enabled?

After GA is enabled, the accelerated domain name is the domain name of the GA instance. As a result, the ALB control policies do not take effect.

To control access from IP addresses, configure access control policies for the GA instance. For more information, see GA access control.

References

ALB billing overview: describes the billing methods and billable items of ALB.
GA billing overview: describes the billing methods and billable items of GA.
Cross-border acceleration configuration: For cross-border scenarios, BGP (Multi-ISP) Pro is used by default. If you require higher network quality, use cross-border Express Connect circuits.