β€œπŸŒπŸŒŸBeginner’s Guide to Load Balancing on AWS Using NGINX and ALB”

Gujjar ApurvGujjar Apurv
9 min read

πŸ”° Introduction

In this guide, I’ll walk you through how I deployed a basic NGINX web server setup using AWS services like EC2, ALB, Subnets, and VPC. Each server displays a simple custom message and the traffic is distributed using an Application Load Balancer. This small project helped me and you understand how load balancing works in AWS and how to connect multiple EC2 instances behind an ALB.

πŸ“‘ Index / Table of Contents

  1. Introduction
     – Brief about the project and objective

  2. Architecture Overview
     – Visual diagram
     – Basic AWS services used

  3. VPC and Subnet Setup
     – Create custom VPC
     – Create 3 public subnets (in 3 AZs)
     – Enable auto-assign public IP

  4. Internet Gateway and Routing
     – Create and attach IGW
     – Route Table setup and association with subnets

  5. Security Groups Configuration
     – ALB Security Group
     – EC2 Security Group

  6. Launching EC2 Instances
     – 3 Ubuntu instances
     – Subnet & AZ mapping
     – Key pair and public IPs

  7. Installing NGINX on EC2
     – Commands to install & start NGINX
     – Enable on boot

  8. Customizing Web Content
     – Unique message per server (Server 1, Server 2, Server 3)

  9. Creating Application Load Balancer (ALB)
     – ALB across all 3 subnets
     – Target group (port 80)
     – Health checks & registration

  10. Testing the Setup
     – Access via ALB DNS
     – Load balancing behavior

  11. Conclusion

🧩 1. Introduction

In this small project, I worked on deploying a simple web server setup using NGINX on EC2 instances behind an Application Load Balancer (ALB) in AWS. The goal was to understand how to:

  • Launch EC2 instances across multiple subnets

  • Install and configure NGINX on Ubuntu servers

  • Set up an ALB to distribute incoming traffic

  • Serve custom responses from each EC2 to test load balancing

Each server was placed in a different Availability Zone and returned a different message like β€œServer 1”, β€œServer 2”, and β€œServer 3” to help visualize ALB routing.

This project is ideal for beginners who want hands-on experience with core AWS services like EC2, VPC, Subnets, IGW, Security Groups, and ALB.

πŸ—ΊοΈ 2. Architecture Overview

This project is built using basic yet important AWS services that work together to host a simple web application and distribute traffic across multiple servers.


🧱 Main AWS Services Used:

  • VPC – Custom Virtual Private Cloud to isolate the network

  • Subnets – 3 public subnets across different Availability Zones (AZs)

  • Internet Gateway (IGW) – Allows internet access to instances

  • Route Table – Connects subnets to the IGW for public access

  • EC2 Instances (Ubuntu) – Hosts NGINX and serves static content

  • Security Groups – Control inbound/outbound traffic to ALB and EC2

  • Application Load Balancer (ALB) – Distributes HTTP traffic to EC2s

  • Target Group – Links ALB to backend EC2 instances


πŸ–ΌοΈ Architecture Diagram:

This setup ensures that any request to the ALB is routed to one of the EC2 instances in a round-robin fashion. You can test this by hitting the ALB DNS in a browser and seeing different responses.

🌐 3. VPC and Subnet Setup

The first step in deploying any AWS infrastructure is creating a VPC (Virtual Private Cloud), which acts like your private network in the cloud.

In this setup, we create one VPC and divide it into 3 public subnets, each in a different Availability Zone (AZ) for better availability and distribution.


🧱 3.1 Create Custom VPC

  1. Go to the VPC Dashboard in AWS.

  2. Click β€œCreate VPC” and choose VPC only.

  3. Enter:

    • Name: server-vpc

    • IPv4 CIDR block: 10.0.0.0/16

    • Leave IPv6 and other options as default.

  4. Click Create VPC.


🌍 3.2 Create 3 Public Subnets

Now create three subnets in different AZs:

Subnet NameAZCIDR Block
Subnet-1ap-south-1a10.0.1.0/24
Subnet-2ap-south-1b10.0.2.0/24
Subnet-3ap-south-1c10.0.3.0/24

For each subnet:

  1. Go to Subnets β†’ Create subnet

  2. Select the VPC you created.

  3. Assign AZ, name, and CIDR.

  4. βœ… Enable Auto-assign public IPv4 for each subnet (important for public access).

🌐 4. Internet Gateway and Routing

To allow EC2 instances in public subnets to connect to the internet (for updates, package installs, etc.), we need two things:

  • An Internet Gateway (IGW)

  • A Route Table that connects subnets to the IGW


πŸ”Œ 4.1 Create and Attach Internet Gateway (IGW)

  1. Go to VPC Dashboard β†’ Internet Gateways

  2. Click Create Internet Gateway

    • Name: server-igw
  3. Once created, click Actions β†’ Attach to VPC

    • Select your VPC (server-vpc)

    • Click Attach


🧭 4.2 Create Route Table for Public Access

  1. Go to Route Tables β†’ Create route table

    • Name: Public-RT

    • Select your VPC (My-VPC)

  2. Click Create


βž• 4.3 Add Route to IGW

  1. Open Public-RT β†’ Go to Routes β†’ Edit routes

  2. Click Add route

    • Destination: 0.0.0.0/0

    • Target: Select your Internet Gateway (My-IGW)

  3. Click Save changes


πŸ”— 4.4 Associate Route Table to Public Subnets

  1. Open Public-RT β†’ Go to Subnet Associations

  2. Click Edit subnet associations

  3. Select all 3 public subnets:

    • Subnet-1 (10.0.1.0/24)

    • Subnet-2 (10.0.2.0/24)

    • Subnet-3 (10.0.3.0/24)

  4. Save

πŸ” 5. Security Groups Configuration

Security Groups (SGs) in AWS act like virtual firewalls that control inbound and outbound traffic to your EC2 instances and Load Balancer.
We’ll create two separate SGs β€” one for the ALB and one for the EC2 instances.


πŸ›‘οΈ 5.1 Create ALB Security Group

This SG allows the ALB to accept incoming HTTP requests from the internet.

  1. Go to EC2 β†’ Security Groups β†’ Create Security Group

  2. Name: ALB-SG

  3. Description: Allows HTTP access from anywhere

  4. VPC: Select server-vpc

  5. Add Inbound Rule:

    • Type: HTTP

    • Port: 80

    • Source: Anywhere (0.0.0.0/0)

  6. Leave outbound as default

  7. Click Create Security Group


πŸ–₯️ 5.2 Create EC2 Security Group

This SG allows EC2 instances to accept traffic only from the ALB, not directly from the internet.

  1. Create another SG: EC2-SG

  2. Description: Allows HTTP from ALB only

  3. VPC: Select My-VPC

  4. Add Inbound Rule:

    • Type: HTTP

    • Port: 80

    • Source: Custom

    • Select ALB-SG as source (it will show in the dropdown)

  5. Click Create Security Group


πŸ”„ Attach SGs to Resources

  • While creating the ALB, attach ALB-SG

  • While launching each EC2 instance, attach EC2-SG

πŸ’» 6. Launching EC2 Instances

Now that our networking and security are in place, it's time to launch 3 EC2 instances one in each public subnet β€” to host our NGINX web servers.

We’ll use Ubuntu 22.04 as the OS for simplicity and compatibility.


πŸ”Έ 6.1 Launch EC2 Instances (Repeat 3 Times)

  1. Go to EC2 β†’ Instances β†’ Launch Instance

  2. Enter:

    • Name: Server-1 (change to Server-2 and Server-3 for others)

    • AMI: Ubuntu Server 22.04 LTS (64-bit)

    • Instance type: t2.micro (free tier eligible)

  3. Key Pair: Select an existing one or create a new one
    (Make sure to download and keep the .pem file safe)


πŸ“ 6.2 Network Settings per Instance

For each instance:

Server NameSubnetAvailability Zone
Server-1Subnet-1ap-south-1a
Server-2Subnet-2ap-south-1b
Server-3Subnet-3ap-south-1c
  • Auto-assign Public IP: Enabled βœ…

  • Security Group: Attach the EC2-SG you created earlier


🟒 6.3 Launch All Instances

  1. Launch each instance with its respective subnet

  2. Wait for running status

  3. Copy the public IP of each instance (we’ll use them to SSH and install NGINX)

πŸ”§ 7. Installing NGINX on EC2

After your EC2 instances are running, SSH into each one and install NGINX:

# Update and install NGINX
sudo apt update -y
sudo apt install nginx -y

# Start NGINX and enable on boot
sudo systemctl start nginx
sudo systemctl enable nginx

Repeat the above steps on all 3 EC2 instances.


🎨 8. Customizing Web Content

We want each EC2 instance to return a unique message (e.g., Server 1, Server 2, etc.) so we can test the ALB behavior.

On Server 1:

echo "Server 1" | sudo tee /var/www/html/index.nginx-debian.html

On Server 2:

echo "Server 2" | sudo tee /var/www/html/index.nginx-debian.html

On Server 3:

echo "Server 3" | sudo tee /var/www/html/index.nginx-debian.html

βš™οΈ 9. Creating Application Load Balancer (ALB)

Now we create an Application Load Balancer that will distribute incoming traffic across the 3 servers.

πŸ”Ή ALB Setup:

  1. Go to EC2 β†’ Load Balancers β†’ Create Load Balancer

  2. Choose Application Load Balancer

  3. Enter:

    • Name: server-alb

    • Scheme: Internet-facing

    • Listeners: HTTP (Port 80)

  4. Availability Zones: Select your VPC and the 3 subnets:

    • Subnet-1 (ap-south-1a)

    • Subnet-2 (ap-south-1b)

    • Subnet-3 (ap-south-1c)

  5. Attach ALB-SG as the security group.


πŸ”Έ Target Group Setup:

  1. Create a new Target Group

    • Target type: Instances

    • Protocol: HTTP

    • Port: 80

  2. Register all 3 EC2 instances

  3. Keep health checks as default (or use /)

Once done, the ALB will start running and routing traffic.


πŸ” 10. Testing the Setup

After your ALB status is active:

  1. Go to Load Balancers β†’ Select your ALB

  2. Copy the DNS name (e.g., my-alb-123456789.ap-south-1.elb.amazonaws.com)

  3. Open it in your browser:

http://<your-alb-dns>

πŸŒ€ Refresh multiple times β€” you should see:

  • Server 1

  • Server 2

  • Server 3

This confirms round-robin load balancing is working across your EC2 instances

βœ… Conclusion

In this hands-on project, we successfully created a load-balanced web server architecture on AWS using core services like VPC, EC2, Subnets, Security Groups, and an Application Load Balancer (ALB).

Each EC2 instance ran NGINX, hosted a unique web page, and was deployed in a separate Availability Zone, ensuring high availability and better traffic distribution. The ALB handled incoming traffic and distributed it across the servers in a round-robin fashion β€” a basic yet powerful demonstration of load balancing on AWS.

This project gave me a practical understanding of:

  • How networking works in AWS (VPC, Subnets, IGW, Routing)

  • How to configure EC2 and secure them with Security Groups

  • How to use ALB to manage and balance web traffic

  • How to test and validate a real cloud setup end-to-end

πŸ‘¨β€πŸ’» About the Author

This series isn't just about using AWS; it's about mastering the core services that power modern cloud infrastructure.


πŸ“¬ Let's Stay Connected

1
Subscribe to my newsletter

Read articles from Gujjar Apurv directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Gujjar Apurv
Gujjar Apurv

Gujjar Apurv is a passionate DevOps Engineer in the making, dedicated to automating infrastructure, streamlining software delivery, and building scalable cloud-native systems. With hands-on experience in tools like AWS, Docker, Kubernetes, Jenkins, Git, and Linux, he thrives at the intersection of development and operations. Driven by curiosity and continuous learning, Apurv shares insights, tutorials, and real-world solutions from his journeyβ€”making complex tech simple and accessible. Whether it's writing YAML, scripting in Python, or deploying on the cloud, he believes in doing it the right way. "Infrastructure is code, but reliability is art."