Choosing the Right Load Balancer on Amazon: AWS Application Load Balancer vs. NGINX Plus

Anyone running highly available, scalable applications on Amazon Web Services (AWS) now has a few choices for load balancing:

The new option is described in a blog post and product documentation. In this post, we will review the new features in Amazon Load Balancer, then compare its pricing and features to open source NGINX and NGINX Plus. We will also describe the role of Classic Load Balancer with respect to these alternatives.

Note: See our previous blog post for a direct comparison of NGINX Plus and AWS Classic Load Balancer, as well as information on using them together.

New Features In Application Load Balancer

Application Load Balancer (ALB), like Classic Load Balancer, is tightly integrated into AWS. Amazon describes it as a Layer 7 load balancer – though it does lack many of the advanced features that cause people to choose a Layer 7 load balancer in the first place.

In contrast to Classic Load Balancer, ALB introduces several new features:

  • Content‑based routing. Amazon claims content‑based routing for ALB. Currently ALB can only direct traffic based on pattern matches against the URL; rules cannot select targets based on other criteria. One implication of this is that each application (identified by a specific domain) needs a dedicated ALB load balancer.
  • Support for container‑based applications. ALB improves on the existing support for containers hosted on Amazon’s EC2 Container Service.
  • More metrics. With the (limited) content‑based routing in ALB, you can now collect metrics on a per‑microservice basis.
  • WebSocket support. ALB supports persistent TCP connections between a client and server.
  • HTTP/2 support. ALB supports HTTP/2, a superior alternative when delivering content secured by SSL/TLS.

ALB is a significant update for AWS users who have struggled with Classic Load Balancer’s limited feature set, and it goes some way towards addressing the requirements of sophisticated users who need to be able to secure, optimize, and control the traffic to their web applications. However, it does fall short of the capabilities of dedicated reverse proxies (such as NGINX) and load balancers (such as NGINX Plus).

A Better Approach to Control Traffic on AWS

Rather than using Amazon ALB, users can deploy open source NGINX or NGINX Plus on AWS to control and load balance traffic. They may wish to deploy Classic Load Balancer as a frontend to achieve high availability across multiple availability zones. The table compares features supported by ALB, NGINX, and NGINX Plus.

Amazon ALB Open source NGINX NGINX Plus
Load balancing Round‑robin only, with cookie‑based session persistence Multiple load balancing methods (Round Robin, Least Connections, Hash) Adds Least Time method and more session persistence methods
Caching
Caching in the load balancer not supported

Strong support for static file caching and dynamic (application) caching

Static and dynamic caching plus advanced features
High availability and health checks Active monitoring –
Determines server health by checking status code returned for asynchronous HTTP health checks
Passive monitoring –
Identifies failed servers by checking responses to client requests
Both active and passive – Active checks are richer and more configurable than ALB’s
Multiple applications
Each application needs its own ALB instance, as Host header routing and multiple SSL/TLS certificates are not supported

Each NGINX instance fully supports multiple distinct applications

Each NGINX Plus instance fully supports multiple distinct applications
Content-based routing
Only based on the request URL (path‑based routing)

Based on request headers, cookies, or arguments, as well as the request URL
Containerized applications Can load balance to Amazon IDs, ECS container instances, and Auto Scaling groups Requires manual configuration or configuration templates Automated configuration using DNS including SRV records; works with leading registry services
Additional protocols
HTTP/HTTPS only

Also TCP and UDP, with passive health checks

Also TCP and UDP, with active and passive health checks
Portability
All environments (Dev, test, and production) must be on AWS

Any environment can be on any deployment platform
SSL/TLS – Single SSL/TLS certificate
– Single, hardwired SSL/TLS cipher
– Validation of SSL/TLS upstreams ❌
– Multiple SSL/TLS certificates
– Full choice of SSL/TLS ciphers

– Validation of SSL/TLS upstreams ✅ (full validation)

HTTP/2 and WebSocket
Single SSL/TLS certificate, HTTP/2 only

Multiple certificates and protocols

Multiple certificates and protocols
Advanced capabilities
Origin serving, prioritization, rate limiting, and more
Logging and debugging Amazon binary log format Customizable log files and multiple debug interfaces Fully customizable log files and multiple debug interfaces, fully supported by NGINX, Inc.
Monitoring tools
Integrated with Amazon CloudWatch

NGINX Amplify and other third‑party tools

NGINX Amplify and other third‑party tools; extended set of reported statistics
Official technical support
At additional cost

Community support only

Included in price and direct from NGINX, Inc.
Free tier
First 750 hours

Always free

30‑day trial subscription

Of course, you should evaluate your load‑balancing choice not by a feature checklist, but by assessing the capabilities you need to deliver your applications flawlessly, with high security, maximum availability, and full control.

Handling Traffic Spikes

Amazon’s Classic Load Balancer (formerly ELB) suffered from a poor response to traffic spikes. Load balancer instances were automatically sized for the current level of traffic, and it could take many minutes for ELB to respond and deploy additional capacity when spikes occurred. Users had to resort to a manual, forms‑based process to request additional resources in advance of traffic spikes (referred to as “pre‑warming”). It’s likely that ALB will require have similar limitations and require similar processes to scale.

NGINX and NGINX Plus are deployed within standard Amazon instances, and our sizing guide gives an indication of the potential peak performance of each instance type. Pricing for NGINX Plus is the same for all instance sizes, so it’s cost-effective to deploy excess capacity to handle spikes, and it’s quick to deploy more instances – no forms to complete – when more capacity is needed.

Detecting Failed Servers with Health Checks

Our initial testing of Amazon ALB indicates that it does not implement “passive” health checks. A server is only detected as having failed once an asynchronous test verifies that it is not returning the expected status code.

We discovered this by creating an ALB instance to load balance a cluster of instances. We configured a health check with the minimum 5‑second frequency and minimum threshold of 2 failed checks, and sent a steady stream of requests to the ALB. When we stopped one of the instances, for some requests ALB returned a 502 error for several seconds until the health check detected the instance was down. Passive health checks prevent these types of errors from being seen by end users.

ALB’s health checks can only determine the health of an instance by inspecting the HTTP status code (such as 200OK or 404NotFound). Such health checks are unreliable; for example, some web applications replace server‑generated errors with user‑friendly pages, and some errors are only reported in the body of a web page.

NGINX Plus’ health checks are more powerful, matching responses against the body of a response as well as the status code.

Pricing

Finally, the biggest question you face if you deploy the new ALB service is cost. Load Balancing can be a significant part of your AWS bill, and the need to run one load balancer instance per application can make it prohibitively expensive.

ALB carries this limitation, and the pricing seems even more complex. Unless you know precisely how many new connections, how many concurrent connections, and how much data you will manage each month – which is very hard to predict – and you can run the LCU calculation the same way that Amazon does, you’ll be dreading your AWS bill each month.

NGINX Plus on AWS gives you complete predictability. For a fixed hourly cost plus AWS hosting charges, you get a significantly more powerful load‑balancing solution with full support.

Conclusion

NGINX Plus is a proven and superior solution for Layer 7 load balancing, with Layer 4 load‑balancing features as well. It works well in tandem with Amazon’s own ELB/Classic Load Balancer.

ALB is a limited, unproven, and – at deployment volumes – expensive solution. Prudence suggests waiting to hear from other users as to features, functionality, reliability, and expense before depending on any new solution.

We encourage the continuing and growing use of NGINX and NGINX Plus in the AWS environment, already a very popular solution. If you are not already an NGINX Plus user, you can try NGINX Plus for free today.

Cover image
Cut Costs and Increase Flexibility
See why software is the ideal solution for your applications