What are possible causes for this problem?

By:
On:
In: SOA-C02
Tagged:
With: 0 Comments
A company is managing a website with a global user base hosted on Amazon EC2 with an Application Load Balancer (ALB).To reduce the load on the web servers, a SysOps administrator configures an Amazon CloudFront distribution with the ALB as the origin.After a week of monitoring the solution, the administrator notices that requests are still being served by the ALB and there is no change in the web server load.

What are possible causes for this problem?

(Choose two.)

CloudFront does not have the ALB configured as the origin access identity.

The DNS is still pointing to the ALB instead of the CloudFront distribution.

The ALB security group is not permitting inbound traffic from CloudFront.

The default, minimum, and maximum Time to Live (TTL) are set to 0 seconds on the CloudFront distribution.

The target groups associated with the ALB are configured for sticky sessions.

Explanations:

CloudFront does not require an origin access identity (OAI) for an ALB. OAI is typically used for S3 buckets, not ALBs.

If the DNS is still pointing to the ALB instead of the CloudFront distribution, requests will bypass CloudFront and go directly to the ALB, causing no reduction in load on the web servers.

The ALB security group does not need to permit inbound traffic specifically from CloudFront. It needs to permit inbound traffic from general IP ranges (which includes CloudFront IPs).

If the TTL is set to 0 seconds, CloudFront will treat every request as a cache miss and always forward traffic to the ALB, preventing any caching benefits.

Sticky sessions (also known as session affinity) would cause requests to be sent to the same server, but they wouldn’t prevent CloudFront from reducing the load on the web servers by caching.

Leave a Reply

Your email address will not be published. Required fields are marked *

three × four =