Network load balancers#
Load balancers distribute inbound traffic among virtual machines for more even load distribution. Traffic is received by listeners and forwarded to target groups, where it is then distributed among targets.
Note
You can create up to 50 load balancers per project. Every balancer can have up to 50 listeners.
Load balancer operations#
For a load balancer to operate, in addition to the load balancer itself, you should create at least one listener and an associated target group with at least one resource. Listeners and target groups can be created together with a load balancer. However, it is more convenient to create target groups separately. You can add listeners after the load balancer has been created.
Note
You can also create a balancer and associate it with an existing target group in the Target Groups section.
Create network load balancer#
To create a network load balancer:
Go to the Load balancing > Load balancers section and click Create.
Set the basic parameters of the balancer:
Type – The load balancer type. Currently, the only supported type is NLB (network load balancer).
Name – The load balancer name. The name must not be longer than 32 characters, can only contain Latin letters, numbers and hyphens, and must not start or end with a hyphen.
Scheme – This setting defines which clients the load balancer can work with. With the internal scheme, the load balancer handles requests to internal addresses only from clients in the same VPC. With the internet-facing scheme, the load balancer can handle requests to external addresses from any client on the Internet.
To go to the next step, click Next.
Specify the network mapping parameters:
VPC – VPC in which the load balancer will be placed. All other balancer components, such as target groups and targets, must be created in the same VPC.
Subnet – Subnet in which the network interface of the load balancer will be created.
Private IP or Elastic IP – IP address that will be assigned to the network interface depending on the scheme you have selected. If you select the internal scheme, specify an internal IP address from the selected subnet; for the internet-facing scheme, specify an external Elastic IP address. You can also leave this field empty, in which case the IP address will be assigned automatically.
To map subnets in other availability zones to the balancer, click Add subnet.
To go to the next step, click Next.
Add listeners and associate target groups with them. You may skip this step and add listeners later.
Protocol – Protocol whose traffic the listener will receive. A load balancer can have both TCP and UDP traffic listeners simultaneously.
Port – Port on which the listener receives traffic.
Forwarding to – This option allows you to associate a target group with the listener. You can select an existing target group from the list or add a new target group. In the latter case, specify the target group name, the port the traffic is forwarded to, and the targets included in the group.
Note
Targets must be in the same availability zones as the subnets selected in the previous step.
To add a listener, click Add.
If necessary, you can add more listeners right away by repeating the steps above, or you can delete unnecessary ones by clicking Delete listeners.
To go to the next step, click Next.
Check balancer settings. If you need to change any of them, go back to the corresponding step. If everything is OK, click Create to create the balancer.
It may take some time for the balancer to check the health of the targets (if any are specified). The health check duration depends on the health check settings for the target groups.
Note
You do not need to specify a listener or targets to start the balancer. However, without them the balancer will not handle traffic, even when it is in the Active state.
Map subnet#
When a subnet is mapped to a balancer, a network interface is created in this subnet. The mapped subnet and corresponding interface can be neither changed nor deleted. However, you can map the load balancer to subnets from those availability zones where the load balancer does not have a network interface yet.
To add a subnet:
Go to the Load balancing > Load balancers section.
Select the load balancer from the table and click Map subnet. Alternatively, click the load balancer name to go to its page and click Map subnet in the Information tab.
Specify the network mapping parameters:
Subnet – Subnet in which an additional network interface of the load balancer will be created. It must be in the same VPC as the subnets you have already mapped.
Private IP or Elastic IP – IP address that will be assigned to the network interface depending on the scheme you have selected. For the internal scheme, specify an internal IP address from the selected subnet; for the internet-facing scheme, specify an external Elastic IP address. You can also leave this field empty, in which case an IP address will be assigned automatically.
To map other subnets to the balancer, click Add subnet.
To map subnets, click Map.
Delete load balancer#
Together with the balancer, all listeners belonging to it are deleted. However, deleting a balancer does not affect the associated target groups and their targets.
To delete a load balancer:
Go to the Load balancing > Load balancers section.
Select the load balancer from the table and click Delete. Alternatively, click the load balancer name to go to its page and click Delete in the Information tab.
Confirm the action.
Listener operations#
Add listener#
Note
You can also add a listener for the target group in the Target Groups section.
To add a listener:
Go to the Load balancing > Load balancers section.
Select the load balancer from the table and click Add listener. Alternatively, click the load balancer name to go to its page, open the Listeners tab, and click Add.
Add listeners and associate target groups with them.
Protocol – Protocol whose traffic the listener will receive. A load balancer can have both TCP and UDP traffic listeners simultaneously.
Port – Port on which the listener receives traffic.
Forwarding to – This option allows you to associate a target group with the listener. You can select an existing target group from the list or add a new target group. In the latter case, specify the target group name, the port the traffic is forwarded to, and the targets included in the group.
To add a listener, click Add.
If you need to add more listeners, repeat the above steps.
Modify listener settings#
Unlike the balancer creation wizard or the dialog for adding a listener, the listener settings dialog does not let you create a target group. If you want a listener to forward traffic to a new target group, create it first.
To change the listener settings:
Go to the Load balancing > Load balancers section.
Click the load balancer name to go to its page and open the Listeners tab.
Select the listener from the table and click Modify.
Change the listener settings you need:
Protocol – Protocol whose traffic is to be received by the listener.
Port – Port on which the listener receives traffic.
Forwarding to – Target group to which the listener will forward traffic.
To apply settings, click Change.
Delete listener#
Deleting a listener does not affect the associated target group or its targets. After deleting a listener, you can associate its target group with another listener, including one that belongs to another load balancer.
Go to the Load balancing > Load balancers section.
Click the load balancer name to go to its page and open the Listeners tab.
Select the listener from the table and click Delete.
Confirm the action.
Using DNS with load balancers#
User traffic is routed to the load balancer using its DNS name. A domain name is generated for each balancer when it is created.
The DNS name of an internet-facing load balancer looks as follows: <name>-<nlb-id>.nlb.cloud.ngn.com.tr, while that of an internal load balancer looks as follows: <name>-<nlb-id>.nlb.<vpc-id>.internal.
Note
The domain name of an internal load balancer is resolved only by a DNS server inside the respective VPC.
Traffic forwarding#
If a user domain (for example, service1.example.com) needs to be forwarded to a load balancer, then create a DNS resource record of the CNAME type in the example.com zone and specify the DNS name of the balancer, for example:
private-service.example.com. IN CNAME service1.lb-12345678.nlb.cloud.ngn.com.tr.
public-service.example.com. IN CNAME service2.lb-90abcdef.nlb.vpc-12345678.internal.
Availability improvement#
Load balancers do not currently support automatic traffic distribution across multiple availability zones. To improve service availability, you can include resources from multiple availability zones in a target group. To do this, when creating a load balancer, specify a subnet in each availability zone where the targets are placed. This will create a load balancer that is available at multiple IP addresses (public in case of an internet-facing network load balancer or private in case of an internal network load balancer).
Traffic coming to a specific IP address of the balancer is routed by the listener to targets in the same availability zone as the network interface of the load balancer to which this IP address is assigned. To distribute inbound traffic between several IP addresses and, accordingly, availability zones, you can use the DNS name of the balancer. If an availability zone has at least one target in the OK state, then the IP address of the balancer instance from this availability zone is added to DNS. For example, if the balancer is running in three availability zones and each of them has at least one available target, then a DNS name request will return all three IP addresses at once in random order.
In case of failure, the balancer instance is recovered automatically by the cloud tools.
DNS records for a specific availability zone#
If a balancer has its instances in multiple availability zones and its traffic needs to be forwarded to an instance in a specific availability zone, then zonal DNS records can be used. Such a record is created when a subnet is added for the balancer. Thus, for example, for an internet-facing load balancer with subnets in two availability zones, az1 and az2, the DNS names will be as follows:
az1.service1.nlb-12345678.nlb.cloud.ngn.com.tr. IN A 192.0.2.1
az2.service1.nlb-12345678.nlb.cloud.ngn.com.tr. IN A 192.0.2.2
For comparison, global DNS records look like this:
service1.nlb-12345678.nlb.cloud.ngn.com.tr. IN A 192.0.2.1
service1.nlb-12345678.nlb.cloud.ngn.com.tr. IN A 192.0.2.2
DNS records for availability zones always return one and the same IP address, regardless of the state of the targets.
If all targets in an availability zone are unavailable, then traffic forwarded to the corresponding balancer instance according to the DNS record will not be handled until at least one target returns to the OK state.
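The difference between global and zonal records can be checked from a client by comparing the two answers. The following Python script is an added example, not part of the original documentation: it assumes the zonal name is the availability zone label prefixed to the global DNS name (as in the sample records above), the function names are hypothetical, and the sample data is constructed.

```python
import socket

def resolve_a(name):
    """Return the set of IPv4 addresses for name (empty set if it does not resolve)."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def zonal_name(zone, global_name):
    # Assumption taken from the page's sample records: "<az>.<global DNS name>".
    return f"{zone}.{global_name}"

def audit_zones(global_name, zones, resolver=resolve_a):
    """Classify each availability zone by comparing its zonal record
    with the addresses currently published under the global name."""
    published = resolver(global_name)
    report = {}
    for zone in zones:
        ips = resolver(zonal_name(zone, global_name))
        if not ips:
            report[zone] = "no-zonal-record"  # no subnet mapped in this zone
        elif ips <= published:
            report[zone] = "in-rotation"      # zone has at least one OK target
        else:
            report[zone] = "withdrawn"        # zonal IP answers, but no OK target behind it
    return report

# Constructed sample data mirroring the page's records: az2 has lost all healthy
# targets, so its address is absent from the global answer while the zonal
# record is unchanged.
SAMPLE = {
    "service1.nlb-12345678.nlb.cloud.ngn.com.tr": {"192.0.2.1"},
    "az1.service1.nlb-12345678.nlb.cloud.ngn.com.tr": {"192.0.2.1"},
    "az2.service1.nlb-12345678.nlb.cloud.ngn.com.tr": {"192.0.2.2"},
}

def sample_resolver(name):
    return SAMPLE.get(name, set())

if __name__ == "__main__":
    name = "service1.nlb-12345678.nlb.cloud.ngn.com.tr"
    for zone, status in audit_zones(name, ["az1", "az2", "az3"], sample_resolver).items():
        print(zone, status)
```

Called without a resolver argument, audit_zones queries the system resolver; cached answers can lag behind the balancer's current state.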
Load balancer information#
The resource page displays data about the target group, its listeners, and network interfaces. To open a specific load balancer page, go to the Load balancing > Load balancers section and click its name in the resource table.
The Information tab shows general information about the load balancer:
balancer name;
creation date;
state;
balancer type;
scheme in use;
VPC where the balancer was created;
availability zones where there are network interfaces of the balancer;
the number of listeners;
the number of network interfaces.
In addition, here you can map subnets to a balancer and delete it.
The Listeners tab displays a list of listeners in use along with the following information:
port to which traffic comes;
protocol in use;
action to be taken with the link to the target group.
Note
In case of network load balancers, each listener supports only one action – forwarding traffic to a specified target group.
In addition, here you can add a listener, change its settings, and delete it.
The Network Interfaces tab displays the list of network interfaces used by the load balancer, with the following information:
network interface ID;
brief description;
state;
subnet;
availability zone;
VPC;
IP address.
Depending on the balancer scheme selected, either its private IP address or the assigned Elastic IP address is displayed.