Create and manage Application Load Balancer

Prev Next

Available in VPC

Application Load Balancer is a Load Balancer with a more flexible configuration for web applications that use HTTP or HTTPS. It provides a static IP, enables URL-based branching, and provides 3 load balancing algorithms.

Create Application Load Balancer

To create an Application Load Balancer, follow these steps:

  1. Access the NAVER Cloud Platform console.
  2. Click Services > Networking > Load Balancer in order.
  3. Click the Load Balancer menu.
  4. Click [Create Load Balancer] > [Create Application Load Balancer] in order.
  5. When the create Load Balancer screen appears, proceed with the following steps in order:
Note

The 3. Set certificate step appears only when a listener is added with the HTTPS protocol in the 2. Create Load Balancer (set listener) step.
If you added listeners only with HTTP protocol, the 3. Set certificate step does not appear. Skip the step and proceed in order.

1. Create Load Balancer

Enter the information for the Application Load Balancer you want to create, and the click [Next] button.

  • Network: select the network type for Load Balancer.

    • Private IP: it processes the load balancing from the internal server using a Private IP within VPC. It cannot be accessed from outside VPC.
    • Public IP: the Public IP is set to allow calling from outside VPC or the Internet. It processes the load balancing, and you can utilize it by connecting with the domains or CDN services of customers using the random domain provided with the Public IP.

  • Load processing capacity: select the size of Load Balancer depending on the load processing capacity.

    • You can select a Small, Medium, Large, or Extra-large option based on the load processing capacity.
    • Each size can handle at least 30,000/60,000/90,000/120,000 loads, respectively, based on connections per second (CPS).
    • Due to SSL offloading, HTTPS is expected to have roughly 1/10th of the capacity compared to HTTP, although this can vary based on the authentication key method and size.

  • Target VPC: select the VPC to create a Load Balancer in.

  • Select subnet: select the Zone and Subnet to use to create the Load Balancer.

    Caution
    • The selected Zone and Subnet cannot be changed after the Load Balancer creation is completed.
    • Create and select a dedicated Subnet.
    • You can only select the Subnet included in the VPC you selected from Target VPC.
      • If you select Private IP, you can only select the Subnet created with a Private Load Balancer Subnet.
      • If you select Public IP, you can only select the Subnet created with Public Load Balancer Subnet.
      • For more information on how to create Subnets, see Create Subnet.
    • You do not need to create separate Subnets for each Load Balancer, however, we recommend a Subnet in the C Class (255.255.255.0) scale.

  • Public IP: select a Public IP that you possess or subscribe to a new Public IP.

2. Create Load Balancer (set listener)

  1. Select the protocol (HTTP/HTTPS) that the basic listener of Load Balancer will operate with.
  2. Set up the port to which the basic listener of Load Balancer will bind.
  3. Click the [Add] button.
    • A listener is added.
    • Repeat steps 1 to 3 to add multiple listeners.
    • To delete an added listener, click the [Delete] button.
  4. Click the [Next] button.

3. Set certificate

Note

Set certificate appears only when a listener is added in 2. Create Load Balancer (set listener) with the HTTPS protocol.

  1. Select the appropriate certificate for the service from those registered in Certificate Manager.
Note

Only RSA-2048 or higher, or ECDSA P256 public key algorithm certificates are supported.

  1. Select the TLS protocol version at the TLS minimum support version.
    • You can select from TLSv1.0, TLSv1.1, and TLSv1.2.
  2. Select the Cipher Suite that the HTTPS listeners will support in Set Cipher Suite.
    • You can select the encryption feature for the Load Balancer to provide at the encryption negotiation with the client.
    • You can select Select All to select all Cipher Suites available.

4. Select target group

Select the target group to apply load balancing and click the [Next] button.

  • To do this, the target group must be created in advance. If there is no created target group, click the [Create target group] button to create a target group. (See Create target group)
  • Among target groups created, only target groups that can be connected are displayed.
    • Application Load Balancer can only select a target group created with HTTP or HTTPS protocol.
Caution

The bandwidth of Load Balancer Subnet must be added to ACG of the bound server and NACL as an access source and allowed port.

5. View setting information

View the setting information for Load Balancer and click the [Create Load Balancer] button.

Manage Application Load Balancer

You can change the Load Balancer, Subnet, and listener settings for the created Application Load Balancer and view the monitoring information as a graph.

Note

You can change the server applied to Load Balancer in the Target Group menu. For more information, see Target setting.

Set Application Load Balancer

To view the setting information and change the setting for Load Balancer, follow these steps:

  1. On the NAVER Cloud Platform console, click Services > Networking > Load Balancer in order.
  2. Click the Load Balancer menu.
  3. Select the Load Balancer to view or change the setting information and click the [Change Load Balancer settings] button.
    • The change Load Balancer settings popup window appears and you can view the setting information of the Load Balancer.
  4. After applying changes, click the [OK] button.
    • You can change load processing capacity.
      • You can select a Small, Medium, Large, or Extra-large option based on the load processing capacity.
      • Each size can handle at least 30,000/60,000/90,000/120,000 loads, respectively, based on connections per second (CPS).
      • Due to SSL offloading, HTTPS is expected to have roughly 1/10th of the capacity compared to HTTP, although this can vary based on the authentication key method and size.
    • You can change the Idle Timeout.
    • You can change whether access log collection is enabled.

      • To change whether access log collection is enabled, click the [Set] button.

      • Once you enable access log collection, logs from incoming traffic requests processed by the Load Balancer are forwarded to Cloud Log Analytics (CLA) for storage. CLA stores up to 100 GB of data for a period of up to 1 month. To store logs permanently, you can enable Auto export settings to save them in Object Storage.

      • To enable the access log collection, you must first subscribe to CLA. If you cancel the CLA subscription, no further logs will be collected.

      • The following table describes the fields of access log items in order. All fields are separated by spaces.

        Field Description
        HTTP Version HTTP version
        <Example>: HTTP/1.1
        client:port IP address and port of the requested client
        request_processing_time Total duration (ms) from the time the client sets a TCP connection to the time the Load Balancer receives the HTTP request sent by the client
        target_connection_time Run time (ms) that took to set the TCP connection from the Load Balancer to the Target
        target_response_time Duration (ms) from the time the TCP connection to the Target is established to the time the Load Balancer receives the HTTP response from the Target
        response_processing_time Duration (ms) of the session, excluding TCP connection time and HTTP request and response processing time
        target_status_code Target's response status codes
        received_bytes Request size received from client (Byte)
        sent_bytes Response size returned to client (Byte)
        HTTP method HTTP method
        <Example>: GET, POST, and so on
        "request"
        • Bound with double quotation marks
        • Recorded in host/uri+port format
        "user_agent"
        • Bound with double quotation marks
        • User agent strings for identifying a client sending a request
        • Strings consist of 1 or more product identifiers and products [/versions]
        • Strings are logged up to 8 KB
        ssl_cipher
        • [HTTPS] SSL encryption algorithm
        • Set to "-" if it is not the HTTPS listener
          <Example>: AES-SHA
        ssl_version
        • [HTTPS] SSL version
        • Set to "-" if it is not the HTTPS listener
          <Example>: TLS v1
        request_creation_time Time the Load Balancer received requests from the client

Add Subnet

Note
  • When you create the Load Balancer, you can add a subnet only when you select 1 Zone and 1 Subnet.
  • Once you add a Subnet, it cannot be changed.

To add Zones and Subnets where Application Load Balancer will be placed, follow these steps:

  1. On the NAVER Cloud Platform console, click Services > Networking > Load Balancer in order.
  2. Click the Load Balancer menu.
  3. Select the Load Balancer you want to add a subnet to and click the [Change subnet] button.
    • The change Load Balancer subnet popup window appears, and you can view the setting information of the Load Balancer Subnet.
  4. Add Zones and Subnets and click the [OK] button.

Set listener

You can check the registered listeners on the change listener settings screen and manage them by adding, changing, or deleting listeners and rules.

To move listeners to the change settings page, follow these steps:

  1. On the NAVER Cloud Platform console, click Services > Networking > Load Balancer in order.
  2. Click the Load Balancer menu.
  3. Select the Load Balancer to change the listener setting and click the [Change listener settings] button.
    • When you move to the change listener settings screen, you can view the listeners you set upon creating the Load Balancer as a Default.

Add listener

To add listeners, follow these steps:

  1. Click the [Add listener] button on the change listener settings screen.

  2. Select the protocol for the listener you want to add.

    • If you selected HTTPS, click and select the HTTP/2 check box to enable HTTP/2.
    Note

    HTTP/2 is the second version of the HTTP protocol developed by Internet Engineering Task Force (IETF). It reduces the load latency for web pages by applying various methods, including HTTP header data compression, server push technology, and multiplexing 1 TCP connection for multiple requests.

  3. Enter the port number that the listener will bind to.

  4. If you selected HTTPS, select the following items:

    • Select the appropriate certificate for the service from those registered in Certificate Manager.
    • Select the TLS protocol version.
      • You can select from TLSv1.0, TLSv1.1, and TLSv1.2.
    • Select the Cipher Suite that the HTTPS listener will support.
      • You can select the encryption feature for the Load Balancer to provide at the encryption negotiation with the client.

  5. Select the target group the listener's traffic will be forwarded to.

  6. Click [OK].

Change listener

To change listeners, follow these steps:

  1. Click the [Change listener] button on the change listener settings screen.
  2. To apply changes, see Add listener.
  3. Click [OK].

Delete listener

Note
  • Only if the Load Balancer is in the Operatingstatus, you can delete a listener.

To delete a listener, follow these steps:

  1. Select the listener you want to delete on the change listener settings screen.
  2. Click the [Delete listener] button.
  3. Check the content on the delete listener popup window and click the [Delete] button.
    • The selected listener is deleted.

View rules

You can view the registered rules on the view/change rules screen.

Rules have the following characteristics:

  • Each rule consists of a conditional clause and action
  • You cannot delete the Default rules
  • The rules are applied in priority order, and unapplied traffic operates following the Default rules

To view registered rules, follow these steps:

  1. Select the listener you want to view on the change listener settings screen.
  2. Click the [View/change rules] button.
    • Move to the View/change rules screen.

Add rules

To add rules, follow these steps:

  1. Select the listener to add rules to on the change listener settings screen and click the [View/change rules] button.
  2. Click the [Add rules] button on the View/change rules screen.
  3. Enter the priority of the rule.
    • A number between 1 and 9999 can be entered as the priority.
  4. Select the condition and click the [Add] button.
    • For condition types, you can select from Host Header, HTTP Header and Path Pattern.
    • The combined values of Host Header, HTTP Header and Path Pattern cannot exceed 50.
      • Host Header
        • You can enter up to 68 characters.
      • HTTP Header
        • The Header name and value are not case sensitive.
        • The Header name can be up to 40 characters long, while the Header value can be up to 128 characters long.
        • You can enter letters, numbers, hyphens, and underscores for the Header name.
        • You are restricted from entering a reserved word ("host") for the Header name.
        • All characters, except for ASCII control characters (0x00 to 0x1f and 0x7f) are allowed for the Header value. (Note that ? and * are applied as wild cards.)
        • You can enter up to 5 values for each Header name.
      • Path Pattern
        • You can enter up to 128 characters for Path Pattern.
  5. Enter the condition and click the [Add] button.
    • Each conditional clause is operated by And.
    • Each conditional clause of the Host Header and Path Pattern conditions is operated by Or.
    • <Example>: if you add aaa.com and bbb.com to Host Header's conditional clause and add /ccc and /ddd to the Path Pattern's conditional clause, the final condition for the rule to act becomes (aaa.com or bbb.com) and (/ccc or /ddd).
  6. Set the action.
    • You can only select 1 type between Target Group and Redirection for the action type.
    • If the action is a Target Group type, you can designate multiple target groups to give different weightings.
      • <Example>: if you assign 10 weightings to TestTG01 and 90 to TestTG02, the traffic will be distributed at a 1:9 ratio.
    • If the action is a Redirection type, all Requests that match the conditions are forwarded to another URL.
      • For Status Code (ResponseCode), both 301 and 302 are available.
      • You can perform Redirection to the request protocol without modification using #{protocol} of the Protocol dropbox.

Change rules

To change rules, follow these steps:

  1. Select the listener you wish to change a rule for on the change listener settings screen and click the [View/change rules] button.
  2. Select the rule to change on the view/change rules screen and click the [Change rules] button.
  3. To apply changes, see Add rules.
  4. Click [OK].

Delete rules

Note
  • Default rules cannot be deleted. If a default rule is included in the selected rule, the [Delete rules] button is disabled.
  • Even if you delete the rules, the target groups selected for action are not deleted.

To delete a rule, follow these steps:

  1. Select the listener to delete a rule from on the change listener settings screen and click the [View/change rules] button.
  2. Select the rule you wish to delete on the view/change rules screen and click the [Delete rules] button.
  3. Check the content on the delete rules popup window and click the [Delete] button.
    • The selected rule is deleted.

Monitoring Application Load Balancer

You can view the regularly collected information for Concurrent connection, Connection per Second, Traffic In, Traffic Out, Available Host Count, and Unavailable Host Count for the selected cycle each as a graph.

Note

The collection cycle varies depending on the selected period. Monitoring information collected by handling load balancing can be set up and viewed for durations ranging from at least 1 minute to 1 year.

Aggregation interval View period
1-minute cycle Up to 6 hours
5-minute cycle Up to 1 day
30-minute cycle Up to 1 week
2-hour cycle Up to 1 month
1-day cycle 1 month exceeded

To view the monitoring information of the Application Load Balancer, follow these steps:

  1. On the NAVER Cloud Platform console, click Services > Networking > Load Balancer in order.
  2. Click the Load Balancer menu.
  3. Select a Load Balancer to monitor and click the [Monitoring] button.
    • The basic monitoring popup window for the Load Balancer appears, allowing you to view the monitoring information as graphs.
    • Select the period to view the monitoring information collected for the selected period.
    • Click the [Refresh] button to refresh the viewed graphs.
    • Click i_loadbalancer_enlargement to view an extended graph and click the [x] button to download the collected monitoring information as an Excel file.

Delete Application Load Balancer

Caution

If you delete a Load Balancer, rules set to the Route Table are also deleted. If you are using the Route Table rules in another service, they may not function normally after deleting a Load Balancer.

To delete an Application Load Balancer, follow these steps:

  1. On the NAVER Cloud Platform console, click Services > Networking > Load Balancer in order.
  2. Click the Load Balancer menu.
  3. Select a Load Balancer to delete and click the [Delete Load Balancer] button.
  4. Check the content in the delete Load Balancer popup window and click the [Delete] button.
    • The selected Load Balancer is deleted.
    • The public IP in use can be returned together. The unreturned IPs can be reassigned.