AWS Autoscaling with NetFoundry egress gateways


AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost. Using AWS Auto Scaling, it’s easy to set up application scaling for multiple resources across multiple services in minutes. Learn more at


NetFoundry provides a way to launch gateway endpoints into an AWS Auto Scaling group. This system should be used to provide dynamic bandwidth when accessing AWS resources from external sources. Using the metrics provided by AWS CloudWatch in combination with triggered events, the ASG (Auto Scaling Group) adds gateways to the group based on bandwidth consumption.


Use Case

The current use case for the version 1 release of the NetFoundry AWS autoscaling feature is short-lived session applications only. The current system drops active sessions when auto scaling events occur (scale out / scale in). The auto scaling feature is being enhanced to support long sessions in version 2.




How to enable Auto Scaling

From the console select "Manage Networks"



Under "Manage Network Groups" select the hamburger menu on the side of the intended network:


Enable the feature by toggling the switch:




Launching an AWS Auto Scaling


If you have never added a gateway before, please read: Introduction to Gateway Endpoints

Add a new Auto Scaling Gateway:



When prompted, provide a "Name" and deployment "Region" for the resource and click "Create".

Once the resource has been created, click on the CloudFormation launch button:



The AWS console will prompt you to log in, if you are not already logged in.

The CloudFormation console will start with most of the fields filled out:


You must provide values for the following fields:

Keyname: A drop-down list of available SSH public keys to associate with the EC2 instances in the Auto Scaling group.

SubnetIds: A multi-select drop-down list that lets you select every subnet in which the Auto Scaling group is allowed to launch EC2 instances. To ensure proper use of AWS autoscaling, NetFoundry recommends using subnets from different availability zones.


The default ASG parameters trigger on "Network-Out" throughput. If the combined metrics of the group exceed the bandwidth threshold of 6125000 bytes, the ASG adds an instance to compensate for the increased network load. One gateway can be added per 5-minute interval, up to the maximum of 8. Once the traffic dissipates and the lower threshold of 125000 bytes is met, instances are removed one at a time every 10 minutes until only one gateway remains.

Advanced options can be set in the "AutoScaling Parameters" section. You can use these to adjust the AWS ASG logic to match your application timing.
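To estimate how many scaling events a traffic profile will cause under the defaults described above (each event drops active sessions in version 1), the following Python model replays those rules over a series of throughput samples. It is an added example, not NetFoundry or AWS code; the one-sample-per-minute granularity, all names, and the sample traffic are assumptions, and real CloudWatch alarm evaluation may differ.

```python
from dataclasses import dataclass

# Default values quoted in this article.
HIGH_BYTES = 6_125_000    # scale-out threshold (combined Network-Out)
LOW_BYTES = 125_000       # scale-in threshold
MAX_GATEWAYS = 8
MIN_GATEWAYS = 1
OUT_INTERVAL_MIN = 5      # one gateway added per 5-minute interval
IN_INTERVAL_MIN = 10      # one gateway removed every 10 minutes


@dataclass
class ScalingEvent:
    minute: int
    action: str           # "scale-out" or "scale-in"
    gateways: int         # group size after the event


def simulate(samples, start=MIN_GATEWAYS):
    """Replay the default rules over per-minute samples.

    samples: combined Network-Out bytes of the whole group, one value per
    minute (assumed granularity). Returns the scaling events in order.
    """
    size, events = start, []
    last_out = last_in = None
    for minute, total in enumerate(samples):
        if total > HIGH_BYTES and size < MAX_GATEWAYS:
            if last_out is None or minute - last_out >= OUT_INTERVAL_MIN:
                size += 1
                last_out = minute
                events.append(ScalingEvent(minute, "scale-out", size))
        elif total <= LOW_BYTES and size > MIN_GATEWAYS:
            if last_in is None or minute - last_in >= IN_INTERVAL_MIN:
                size -= 1
                last_in = minute
                events.append(ScalingEvent(minute, "scale-in", size))
    return events


# Constructed traffic profile: a 12-minute burst followed by 25 quiet minutes.
SAMPLE = [7_000_000] * 12 + [100_000] * 25

if __name__ == "__main__":
    for e in simulate(SAMPLE):
        print(f"minute {e.minute:2d}: {e.action:9s} -> {e.gateways} gateway(s)")
```

If the event count is too high for your session lengths, that is the signal to adjust the "AutoScaling Parameters" values.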



Once complete, click on "I acknowledge that AWS CloudFormation might create IAM resources" and then click on "Create Stack".



Your new AWS Autoscaling group is now complete.




Resources Created by CloudFormation

The CloudFormation stack will create the following resources:

Logical ID                          Type
AutoScalingGroup                    AWS::AutoScaling::AutoScalingGroup
AutoScalingIAMInstanceProfile       AWS::IAM::InstanceProfile
AutoScalingIAMRole                  AWS::IAM::Role
ClientIdParameter                   AWS::SSM::Parameter
ClientSecretParameter               AWS::SecretsManager::Secret
ClusterIdParameter                  AWS::SSM::Parameter
EnvironmentParameter                AWS::SSM::Parameter
EventRule                           AWS::Events::Rule
GetParametersIAMPolicy              AWS::IAM::Policy
LambdaFunction                      AWS::Lambda::Function
LambdaIAMRole                       AWS::IAM::Role
LaunchConfiguration                 AWS::AutoScaling::LaunchConfiguration
LifecycleHook                       AWS::AutoScaling::LifecycleHook
NetworkHigh                         AWS::CloudWatch::Alarm
NetworkIdParameter                  AWS::SSM::Parameter
NetworkLow                          AWS::CloudWatch::Alarm
PermissionForEventsToInvokeLambda   AWS::Lambda::Permission
ScaleDownPolicy                     AWS::AutoScaling::ScalingPolicy
ScaleUpPolicy                       AWS::AutoScaling::ScalingPolicy





