Is Kestrel sufficient for an asp.net core website running on AWS ECS behind an ALB?

Question

I'm getting ready to deploy an ASP.NET Core MVC website to production. The application will be deployed to AWS ECS (EC2 Container Service). Kestrel isn't recommended for serving traffic from the internet, and it is recommended that a reverse proxy sits in front. My question is, is an AWS ALB good enough? It does SSL termination, load balancing, and supports HTTP/2 and WebSocket.

I believe that I'm giving up compression (to my knowledge neither ALB or Kestrel supports it). What is missing from this setup? Should I be looking at an additional reverse proxy (haproxy/nginx)? The additional complexity is enough that I don't want to go down that route if I don't have to.

Answer 1

If you don't need compression (it has small SEO advantages), you are good to go.

There are a few things to note about your kestrel application which im sure you are aware of when placing it behind a referse proxy:

• The notion of request url is gone: since the proxy forwards the request the request url is always the proxy itself.
• Also the protocol will always be http and never https.
• Load balancer switches between applications every time, so things that worked fine (that didnt work fine but you didnt realize) with static properties now might fall over.

The downside of ALB i can image could be that you have no control over how load balancing is happening. If this is not an issue for you than i think pretty much any reverse proxy should be fine for you. (you can even make a simple reverse proxy in nodejs if you like).