How to gracefully shut down or remove AWS instances from an ELB group

Question

I have a cloud of server instances running at Amazon using their load balancer to distribute the traffic. Now I am looking for a good way to gracefully scale the network down, without causing connection errors on the browser's side.

As far as I know, any connections of an instance will be rudely terminated when removed from the load balancer.

I would like to have a way to inform my instance like one minute before it gets shut down or to have the load balancer stop sending traffic to the dying instance, but without terminating existing connections to it.

My app is node.js based running on Ubuntu. I also have some special software running on it, so I prefer not to use the many PAAS offering node.js hosting.

Thanks for any hints.

Answer 1

I know this is an old question, but it should be noted that Amazon has recently added support for connection draining, which means that when an instance is removed from the loadbalancer, the instance will complete requests that were in progress before the instance was removed from the loadbalancer. No new requests will be routed to the instance that was removed. You can also supply a timeout for these requests, meaning any requests that run longer than the timeout window will be terminated after all.

To enable this behaviour, go to the Instances tab of your loadbalancer and change the Connection Draining behaviour.

Answer 2

This idea uses the ELB's capability to detect an unhealthy node and remove it from the pool BUT it relies upon the ELB behaving as expected in the assumptions below. This is something I've been meaning to test for myself but haven't had the time yet. I'll update the answer when I do.

Process Overview

The following logic could be wrapped and run at the time the node needs to be shut down.

1. Block new HTTP connections to nodeX but continue to allow existing connections
2. Wait for existing connections to drain, either by monitoring existing connections to your application or by allowing a "safe" amount of time.
3. Initiate a shutdown on the nodeX EC2 instance using the EC2 API directly or Abstracted scripts.

"safe" according to your application, which may not be possible to determine for some applications.

Assumptions that need to be tested

We know that ELB removes unhealthy instances from it's pool I would expect this to be graceful, so that:

1. A new connection to a recently closed port will be gracefully redirected to the next node in the pool
2. When a node is marked Bad, the already established connections to that node are unaffected.

possible test cases:

• Fire HTTP connections at ELB (E.g. from a curl script) logging the results during scripted opening an closing of one of the nodes HTTP ports. You would need to experiment to find an acceptable amount of time that allows ELB to always determine a state change.
• Maintain a long HTTP session, (E.g. file download) while blocking new HTTP connections, the long session should hopefully continue.

1. How to block HTTP Connections

Use a local firewall on nodeX to block new sessions but continue to allow established sessions.

For example IP tables:

iptables -A INPUT -j DROP -p tcp --syn --destination-port <web service port>