Q: What is AWS Global Accelerator?
A: AWS Global Accelerator is a networking service that helps you improve the availability and performance of the applications that you offer to your global users. AWS Global Accelerator is easy to set up, configure and manage. It provides a fixed entry point to your applications through static IP addresses and eliminates the complexity of managing specific IP addresses for different AWS Regions and Availability Zones. AWS Global Accelerator always routes user traffic to the optimal endpoint based on performance, reacting instantly to changes in application health, your users’ location, and policies that you configure. Like other AWS services, AWS Global Accelerator is a self-service, pay-per-use offering, requiring no long-term commitments or minimum fees.
Q: What can I do with AWS Global Accelerator?
A: With AWS Global Accelerator, you can:
- Associate static IP addresses provided by AWS Global Accelerator and anycast from AWS edge locations to regional AWS resources or endpoints, such as Network Load Balancers, Application Load Balancers, and Elastic IP addresses.
- Easily move endpoints between Availability Zones or AWS Regions without needing to update your DNS configuration or change client-facing applications.
- Dial traffic up or down for a specific AWS Region by configuring a traffic dial percentage for your endpoint groups. This is especially valuable for testing performance and updates.
- Control the amount of traffic directed to each endpoint within endpoint groups by assigning weights between your endpoints.
Q: How do I get started with AWS Global Accelerator?
A: You can get started with setting up AWS Global Accelerator through the API or through the AWS Management Console. Because AWS Global Accelerator is a global service, it is not tied to any particular AWS Region. Here are three easy steps to set up AWS Global Accelerator for your application:
- Create an accelerator: You create your accelerator, which provisions static IP addresses associated with it. Then you configure one or more listeners to process inbound connections from end clients to your accelerator, based on the protocol and port that you specify.
- Configure endpoint groups: You choose one or more regional endpoint groups to associate with your accelerator’s listener by specifying the AWS Regions to which you want to distribute traffic. Your listener routes requests to the registered endpoints in this endpoint group. AWS Global Accelerator monitors the health of endpoints within the group using the health check settings defined for each of your endpoints. You can configure a traffic dial percentage for each endpoint group, which controls the amount of traffic that an endpoint group will accept. By default, the traffic dial is set to 100% for all regional endpoint groups.
- Register endpoints for endpoint groups: You register one or more regional resources, such as Elastic IP addresses, Application Load Balancers, or Network Load Balancers, in each endpoint group. Then you choose how much traffic is routed to each endpoint.
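A simplified model of the traffic dial and endpoint weights described in these steps, as an added example that is not AWS code: it assumes a group accepts its dial percentage of the traffic aimed at it and splits that among healthy endpoints in proportion to weight. The `Endpoint` class, the `group_shares` function and the endpoint names are hypothetical.

```python
# Added example: simplified model of how a traffic dial and endpoint weights
# split traffic inside one endpoint group. Names and sample data are constructed.
from dataclasses import dataclass


@dataclass
class Endpoint:
    endpoint_id: str      # constructed identifier for a load balancer or Elastic IP
    weight: int           # relative weight chosen by the operator
    healthy: bool = True  # outcome of the group's health checks


def group_shares(endpoints, traffic_dial=100.0):
    """Return ({endpoint_id: fraction}, spill) for traffic aimed at this group.

    Assumptions of this model: the group accepts traffic_dial percent of the
    traffic aimed at it, splits that among healthy endpoints in proportion
    to weight, and the remainder ("spill") is left for other endpoint groups.
    """
    if not 0 <= traffic_dial <= 100:
        raise ValueError("traffic dial must be between 0 and 100")
    if any(e.weight < 0 for e in endpoints):
        raise ValueError("weights must be non-negative")
    # Unhealthy or zero-weight endpoints receive nothing.
    eligible = [e for e in endpoints if e.healthy and e.weight > 0]
    total = sum(e.weight for e in eligible)
    shares = {e.endpoint_id: 0.0 for e in endpoints}
    if total == 0:
        return shares, 1.0  # nothing can serve: all traffic spills
    accepted = traffic_dial / 100.0
    for e in eligible:
        shares[e.endpoint_id] = accepted * e.weight / total
    return shares, 1.0 - accepted


# Constructed endpoint group: two load balancers and one drained Elastic IP.
GROUP = [Endpoint("alb-blue", 192), Endpoint("alb-green", 64), Endpoint("eip-legacy", 0)]

if __name__ == "__main__":
    print(group_shares(GROUP))                   # default dial of 100%
    print(group_shares(GROUP, traffic_dial=25))  # admit only 25% to this Region
    GROUP[0].healthy = False                     # blue fails its health check
    print(group_shares(GROUP))                   # green absorbs the group's traffic
```

Running it shows that a failed health check moves the whole accepted share onto the remaining healthy endpoints, which is worth checking against their capacity before relying on failover.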
Q: How does AWS Global Accelerator work with Elastic Load Balancing (ELB)?
A: Both solve the challenge of routing user requests to healthy application endpoints. However, AWS Global Accelerator relies on ELB to provide the traditional load balancing features such as support for internal and non-AWS endpoints, pre-warming, and Layer 7 routing. While ELB provides intra-region load balancing, AWS Global Accelerator provides inter-region traffic management.
A regional ELB load balancer is an ideal target for AWS Global Accelerator. It is possible to precisely distribute incoming application traffic across backends, such as Amazon EC2 instances or Amazon ECS tasks, within an AWS Region with a regional ELB load balancer. AWS Global Accelerator complements ELB by extending these capabilities beyond any single AWS Region, allowing you to provision a global interface for your applications in any number of AWS Regions. If you have workloads that cater to a global client base, we recommend that you use AWS Global Accelerator. If you have workloads hosted in a single AWS Region and used by clients in and around the same AWS Region, you could use an Application Load Balancer or Network Load Balancer to manage such resources.
Q: Can I use AWS Global Accelerator for my on-premises services?
A: You can’t directly configure on-premises resources as endpoints for your static IP addresses, but you can configure a Network Load Balancer (NLB) in each AWS Region to address your on-premises endpoints. These NLBs can then be endpoints in your AWS Global Accelerator configuration.
Q: What benefits does AWS Global Accelerator provide?
A: Instant regional failover: AWS Global Accelerator automatically checks the health of your applications and routes user traffic only to healthy application endpoints. If the health status changes or you make configuration updates, AWS Global Accelerator reacts instantaneously to route your users to the next available endpoint.
High availability: AWS Global Accelerator has a fault-isolating design that increases the availability of your application. On provisioning AWS Global Accelerator, you are allocated two IPv4 static IP addresses that are serviced by independent network zones. Similar to Availability Zones, these network zones are isolated units with their own physical infrastructure and service static IP addresses from a unique IP subnet. If one static IP address becomes unavailable due to IP blocking or unreachable networks, AWS Global Accelerator will provide fault tolerance to client applications by rerouting to a healthy static IP address from the other isolated network zone.
No variability around clients caching IP addresses: Because some client devices and internet resolvers cache DNS answers for long durations, you don’t know how long it will take before users have the updated IP addresses in the event of a configuration update, application failure, or change in your routing preference. With AWS Global Accelerator there is no reliance on IP address caching settings of client devices. The change propagation time is a matter of seconds, thereby reducing downtime of your applications.
Improved performance: AWS Global Accelerator ingresses traffic from the edge location that is closest to your end clients through anycast static IP addresses. This traffic traverses the congestion-free and redundant AWS global network, thereby optimizing the path to your application that is running in an AWS Region. AWS Global Accelerator chooses the optimal AWS Region based on the geography of end clients, resulting in reduced first-byte latency and better performance.
Easy manageability: The static IP addresses are fixed and provide a single entry point to your applications. This lets you easily move your endpoints between Availability Zones or between AWS Regions, without having to update the DNS configuration or client-facing applications. Use cases include A/B testing, application updates, and failover simulations. Corporate proxies can also whitelist your application’s static IP addresses in their firewalls.
Fine-grained control: AWS Global Accelerator lets you set weights for your regional endpoint groups. This lets you dial traffic up or down for a specific AWS Region when you conduct performance testing or application updates. In addition, if you have stateful applications, you can choose to direct all requests from a user to the same endpoint, irrespective of the source port and protocol, to maintain client affinity. This gives you fine-grained control.
Q: I operate only in a single AWS Region; is there any benefit I can get from AWS Global Accelerator?
A: Yes. While you might not want to use the intelligent traffic routing capabilities of AWS Global Accelerator, there are a number of advantages to using static IP addresses. First, by using these addresses, you increase the Quality of Service (QoS) for your users by onboarding their traffic onto the AWS global network as close to the user as possible. Instead of traversing multiple hops through the public internet, over potentially congested and non-redundant network paths, to reach your destination AWS Region, you get to leverage the AWS globally redundant network to help uplift your client availability and performance. Second, you get the freedom to easily move your application between AWS Regions without changing your public interface. This means you can plan for the future, knowing that if your needs change you can easily migrate or add additional AWS Regions without worrying about how your users will connect to your applications.
Q: How does AWS Global Accelerator make it easy to move to a multi-region setup?
A: You may want to run your applications in multiple AWS Regions primarily for regional redundancy and for better performance by running your applications closer to your users. By providing a network layer between the application and its clients, AWS Global Accelerator performs health checks and then routes around failed endpoints, without clients needing to be aware of the change. This allows for graceful shutdown and startup of new endpoints, while ensuring that internet traffic is routed to the closest available endpoint, thereby improving availability and performance for your users.
Q: How does AWS Global Accelerator help solve multi-region failover?
A: AWS Global Accelerator provides you with a set of static IP addresses that can map to multiple application endpoints across AWS Regions to improve redundancy. In the event of a failure of your application in a particular AWS Region, AWS Global Accelerator automatically detects the unhealthy endpoints and redirects traffic to the next optimal AWS Region, thus ensuring high availability and disaster recovery.
Q: How fast will my application be able to fail over between AWS Regions?
A: AWS Global Accelerator can detect an unhealthy endpoint and take it out of service in less than 1 minute.
Q: What compliance certifications does AWS Global Accelerator support?
A: AWS Global Accelerator certifications make it easier for you to verify our high security standards and meet your own regulatory and compliance obligations. It has been assessed to comply with PCI DSS, ISO 9001, 27001, 27017, 27018, and SOC (System & Organization Control), in addition to being HIPAA-eligible.
Q: Does AWS Global Accelerator support IPv4 and IPv6?
A: The service currently supports IPv4 addresses.
Q: What protocols does AWS Global Accelerator support?
A: AWS Global Accelerator supports both TCP and UDP.
Q: How is AWS Global Accelerator different from Amazon CloudFront?
A: CloudFront can be used as an HTTP cache and HTTP proxy towards your origin. It uses a set of changing IP addresses behind a DNS name. AWS Global Accelerator can run a wide range of applications over TCP or UDP, distributing traffic across multiple endpoints around the world over static IP addresses.
Q: How is AWS Global Accelerator different from DNS-based traffic management solutions?
A: First, because some client devices cache DNS answers for long durations, it is hard to know how long it will take before users have the updated IP addresses in the event of a configuration update, backend failure, or change in routing preferences. With Global Accelerator, there is no reliance on IP address caching settings of client devices. The change propagation time is a matter of seconds, thereby reducing downtime of your applications. Second, with Global Accelerator, you get static IP addresses that are fixed and provide a fixed entry point to your applications. This lets you easily move your endpoints between Availability Zones or between AWS Regions, without having to update the DNS configuration or client-facing applications.
Q: Can I use AWS Global Accelerator with AWS Direct Connect?
A: No, at this time, we recommend that you do not try to connect to the IP address(es) provided by AWS Global Accelerator from your on-premises network over your AWS Direct Connect public virtual interface.