Tuesday, July 1, 2025

AWS Global Accelerator | Overview & Hands-on

 

AWS Global Accelerator – Explained

AWS Global Accelerator is a networking service that improves the availability, performance, and global reach of twtech applications with a global static IP front end and intelligent traffic routing to the closest edge location.

What AWS Global Accelerator Does

AWS Global Accelerator directs user traffic to the optimal endpoint (e.g., EC2, ALB, NLB) based on health, geography, and latency using AWS’s global network.

 Key Features

| Feature | Description |
| --- | --- |
| Static IPs | Two fixed IPs (or bring your own) that act as a front door to your app. |
| Global Network Routing | Uses the AWS backbone (not public internet) to route traffic. |
| Health Checks | Automatically checks endpoint health and reroutes traffic on failure. |
| Traffic Distribution | Supports weighted routing and traffic dials to shift or control traffic. |
| IP Address Whitelisting | Easier for corporate firewalls — IPs don’t change. |
| Anycast | Uses Anycast IPs to route users to the nearest healthy AWS edge location. |

 How AWS Global Accelerator Works

  1. twtech associates two static Anycast IP addresses with your accelerator.
  2. Users around the world hit these IPs — they’re routed via the nearest AWS edge location.
  3. Traffic is forwarded over AWS’s global network to the nearest/healthy regional endpoint (ALB, NLB, EC2).
  4. If an endpoint becomes unhealthy, traffic is shifted to another one without DNS changes.

 Use Cases

| Use Case | Description |
| --- | --- |
| Global Applications | Serve users worldwide with low latency and high availability. |
| Failover | High availability with automatic failover between regions. |
| Security Compliance | IP whitelisting for clients (e.g., financial services). |
| Gaming, Media, APIs | Real-time apps benefit from stable, low-latency routing. |

 Global Accelerator vs. CloudFront

Similarities:

• Both use the AWS global network and its edge locations around the world.

• Both services integrate with AWS Shield for DDoS protection.

Differences:

| Feature | Global Accelerator | CloudFront |
| --- | --- | --- |
| Purpose | Optimized TCP/UDP routing | Content caching and delivery |
| Use Case | APIs, gaming, VoIP | Static/streaming content |
| Static IPs | Yes | No |
| Latency Optimization | Yes | Yes, but for cache hits only |
| Protocol | TCP, UDP | HTTP/HTTPS |

 Pricing as of July 1, 2025

  • Charged per:
    • Accelerator ($0.025/hour)
    • GB of data transferred over the AWS network
    • Number of endpoint groups

twtech-insights:

Traffic within AWS (over Global Accelerator) is usually more expensive than regular regional traffic, so Global Accelerator should be used only where the need for low latency or high availability justifies it.

Two Anycast IPs are created for the twtech application. The Anycast IPs send traffic directly to the edge locations, and the edge locations then send the traffic to the twtech application.

AWS Global Accelerator works great with Elastic IP, EC2 instances, ALB, NLB, public or private. 

Project: Hands-on

How twtech uses AWS Global Accelerator for its application.

Search for the AWS service: Global Accelerator

Create an accelerator: twtech-global-accelerator

Before creating the global accelerator: first, twtech needs to set up its application on EC2 instances.


Choose OS type: Amazon Linux 2023


Edit network settings: create a security rule that allows HTTP traffic for the application.

Go to Advanced details: add user data that bootstraps the application as the instance is being provisioned.

Scroll down to User data: upload or paste the script.

Bootstrap user-data for:  httpd

# Link to script:

https://github.com/Devopspat35/Package-management/blob/master/http-user-data

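#!/bin/bash
# Refresh installed packages, then install and start Apache (httpd).
yum update -y
yum install -y httpd
systemctl start httpd
# Start httpd again automatically after a reboot.
systemctl enable httpd
# Write a landing page that names the serving host and region.
echo " <h1> twtech hello-app from $(hostname -f) in us-east-2 </h1>" > /var/www/html/index.html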

Verify the summary and launch the instance.


Verify the instance provisioned with the app: twtech-webapp

How twtech verifies that the application is successfully bootstrapped: browse to the instance's public IPv4 address.


If the page does not load in one browser, try another. Here it is in Google Chrome:

Try another browser such as Mozilla Firefox: it works.

How twtech follows the same steps to provision instances and applications in different regions:

Canada (central)

Make sure the instances have the same name: twtech-webapp

Also create a security group that: allows http traffic

# User-data to bootstrap http in: canada central

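#!/bin/bash
# Refresh installed packages, then install and start Apache (httpd).
yum update -y
yum install -y httpd
systemctl start httpd
# Start httpd again automatically after a reboot.
systemctl enable httpd
# Write a landing page that names the serving host and region.
echo " <h1> twtech hello-app from $(hostname -f) in canada-central </h1>" > /var/www/html/index.html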


Also verify that the application is accessible in:  Canada central

And:

Asia Pacific: Tokyo

twtech must create a security group in each region: to allow HTTP traffic to the application



# User-data to bootstrap http in: Asia Pacific Tokyo

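#!/bin/bash
# Refresh installed packages, then install and start Apache (httpd).
yum update -y
yum install -y httpd
systemctl start httpd
# Start httpd again automatically after a reboot.
systemctl enable httpd
# Write a landing page that names the serving host and region.
echo " <h1> twtech hello-app from $(hostname -f) in Asia Pacific-Tokyo </h1>" > /var/www/html/index.html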

Also verify that the application is accessible in: Asia Pacific - Tokyo

Go back to global accelerator console to create: twtech-global-accelerator


Assign a name: twtech-global-accelerator


Add listeners: TCP Port 80 (TCP means Transmission Control Protocol)

Add endpoint groups:

Add another endpoint group: for the other region where the application is running, canada-central



Add another endpoint group for application in:  Asia pacific-Tokyo (ap-northeast-1)


Create accelerator: twtech-global-accelerator.

Add endpoints: twtech-webapp-instances



Create global accelerator: twtech-global-accelerator

NB:

The global accelerator is created with: two static IPv4 addresses.

This is also associated with a DNS name: a912fe7557exxxxxx.awsglobalaccelerator.com

Status will eventually change

From: In progress 

To:  Deployed


Click on the created global accelerator to see details: twtech-global-accelerator




How twtech verifies that its global accelerator is working seamlessly, with DNS name: a912fe7557exxxxxx.awsglobalaccelerator.com

Again, it may not be compatible with the browser: Google Chrome

Try another browser: Mozilla Firefox

Yes: twtech has just installed its application on its instances in Ohio, Canada and Tokyo, then created a global accelerator to route traffic to its applications in these regions.
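The security groups created in each region admit HTTP from anywhere so that every instance can be checked by its public IP. Once the accelerator is deployed, AWS documents that the security group named GlobalAccelerator, which the service creates in each endpoint VPC, can be used as the source of the inbound rule instead. The following is an added example, not code from the original post: it audits data in the shape returned by describe-security-groups for both conditions, and every group ID in it is a constructed placeholder.

```python
WORLD = {"0.0.0.0/0", "::/0"}
GA_SG = "sg-0aaaaaaaaaaaaaaaa"   # placeholder ID for the VPC's GlobalAccelerator group

# Constructed sample data: the wide-open walkthrough group and a tightened one.
SAMPLE = [
    {"GroupId": "sg-0open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0tight", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "UserIdGroupPairs": [{"GroupId": GA_SG}]}]},
]


def covers_port(perm, port):
    """True if an IpPermissions entry applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # all protocols, all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_group(group, ga_group_id, port=80):
    """Return findings for one security group on the application port."""
    gid, findings, ga_allowed = group["GroupId"], [], False
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        # Flag rules that let any address bypass the accelerator.
        findings += [f"{gid}: port {port} open to {c}" for c in cidrs if c in WORLD]
        pairs = perm.get("UserIdGroupPairs", [])
        if any(p.get("GroupId") == ga_group_id for p in pairs):
            ga_allowed = True
    if not ga_allowed:
        findings.append(f"{gid}: no rule admits {ga_group_id} on port {port}")
    return findings


if __name__ == "__main__":
    for sg in SAMPLE:
        print(sg["GroupId"], audit_group(sg, GA_SG) or "ok")
```
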

NB:

New Traffic is routed to the closest application to twtech-admin located in:  us-east-2 (Ohio)

Health checks failovers: 

If the instance stops or fails in Ohio, traffic is immediately routed to the next nearest healthy location: Canada central

Health checks will immediately identify the instance in us-east-2 (Ohio) as unhealthy, which triggers Global Accelerator to route traffic to the nearest healthy location (Canada-central).

From:

To:

Refresh page:
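The failover seen above, together with the weights and traffic dials listed under Key Features, can be reasoned about with a small model. This is an added example, not code from the original post and not AWS's routing implementation: it assumes groups are tried nearest first, the instance IDs are constructed, and it does not model the case where no endpoint anywhere is healthy.

```python
from dataclasses import dataclass, field


@dataclass
class Endpoint:
    endpoint_id: str
    weight: int = 128          # relative share inside its endpoint group
    healthy: bool = True       # result of the most recent health check


@dataclass
class EndpointGroup:
    region: str
    traffic_dial: int = 100    # percent of arriving traffic the group accepts
    endpoints: list = field(default_factory=list)

    def serving(self):
        """Endpoints that may receive traffic: healthy and weight > 0."""
        return [e for e in self.endpoints if e.healthy and e.weight > 0]


def route_shares(groups_nearest_first):
    """Return {endpoint_id: percent of one client's traffic}.

    Groups are tried nearest first. A group takes its traffic-dial share of
    whatever is still unassigned and splits it by endpoint weight; a group
    with no serving endpoint takes nothing, so its traffic falls through.
    """
    shares, remaining = {}, 100.0
    for group in groups_nearest_first:
        serving = group.serving()
        if not serving or remaining <= 0:
            continue
        taken = remaining * group.traffic_dial / 100
        total_weight = sum(e.weight for e in serving)
        for e in serving:
            shares[e.endpoint_id] = round(taken * e.weight / total_weight, 2)
        remaining -= taken
    return shares


def demo_groups():
    """Constructed sample mirroring the walkthrough: Ohio, Canada, Tokyo."""
    return [
        EndpointGroup("us-east-2", endpoints=[Endpoint("i-ohio")]),
        EndpointGroup("ca-central-1", endpoints=[Endpoint("i-canada")]),
        EndpointGroup("ap-northeast-1", endpoints=[Endpoint("i-tokyo")]),
    ]
```

Calling route_shares(demo_groups()) sends everything to the Ohio instance; marking that endpoint unhealthy, or lowering the us-east-2 traffic dial, moves the corresponding share to Canada without any DNS change.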
