Create and manage Application Load Balancer
    • PDF

    Create and manage Application Load Balancer

    • PDF

    Article Summary

    Available in VPC

    Application Load Balancer is a Load Balancer with a more flexible configuration for web applications that use HTTP or HTTPS. It provides a fixed IP, enables URL-based branching, and provides 3 load balancing algorithms.

    Create Application Load Balancer

    To create an Application Load Balancer, follow these steps:

    1. Access NAVER Cloud Platform console.
    2. Click Services > Networking > Load Balancer, in order.
    3. Click the Load Balancer menu.
    4. Click [Create Load Balancer] > [Create Application Load Balancer] in order.
    5. When the create Load Balancer screen appears, proceed with the following steps in order:
    Note

    The 3. Set Certificate step appears only when a listener is added with the HTTPS protocol in the 2. Create Load Balancer (set listener) step.
    If you added listeners only with HTTP protocol, the 3. Set Certificate stage does not appear. Skip the stage and proceed in order.

    1. Create Load Balancer

    Enter the information for the Application Load Balancer you wish to create and click the [Next] button.

    • Network: select the network type for Load Balancer.

      • Private IP: it processes the load division from the internal server using a Private IP within VPC. It cannot be accessed from outside.
      • Public IP: the Public IP is set to allow calling from outside VPC or Internet. It processes the load division. You can utilize it by connecting with domains or CDN services of the customers using the random domain provided with the Public IP.
    • Load control capacity: select the size of the Load Balancer depending on the load control capacity.

      • You can select Small/Medium/Large considering the load control capacity.
      • Each size can handle at least 30,000/60,000/90,000 loads, respectively, based on connections per minute (CPS).
      • HTTPS is an SSL Offloading. 1/10 of HTTP’s capacity is expected, however, it may vary by the authentication key method or size.
    • Target VPC: select the VPC to create a Load Balancer in.

    • Select subnet: select the Zone and Subnet to use to create the Load Balancer.

      Caution
      • The selected Zone and Subnet cannot be changed after creating the Load Balancer.
      • Create and select a dedicated Subnet. If the Load Balancer is located in the same Subnet with the server, it does not process the load to the server.
      • You can only select the Subnet included in the selected VPC you chose as Target VPC.
      • For the Singapore Region, you can select the Subnet by the selected network type.
        • If you chose Private IP, you can only select the Subnet created with a Private Load Balancer Subnet.
        • If you chose Public IP, you can only select the Subnet created with Public Load Balancer Subnet.
        • For more information about creating Subnets, see create Subnet.
      • You do not need to create separate Subnets for each Load Balancer, however, we recommend a Subnet in the C Class (255.255.255.0) scale.
    • Official IP: select a Public IP that you possess or subscribe a new Public IP.

    2. Create Load Balancer (set listener)

    1. Select the protocol (HTTP/HTTPS) that the basic listener of Load Balancer will operate with.
    2. Set up the port that the basic listener of Load Balancer will bind to.
    3. Click the [Add] button.
      • A listener is added.
      • Repeat steps 1 to 3 to add multiple listeners.
      • In order to delete an added listener, click the [Delete] button.
    4. Click the [Next] button.

    3. Set Certificate

    Note

    Set Certificate appears only when a listener is added with the HTTPS protocol in 2. Create Load Balancer (set listener).

    1. Select the suitable certificate for the service among the certificates registered in Certificate Manager.
    Note

    Only RSA-2048 or higher or ECDSA P256 public key algorithm certificates are supported.

    1. Select the TLS protocol version at TLS minimum support version.
      • You can select from TLSv1.0, TLSv1.1, and TLSv1.2.
    2. Select the Cipher Suite that the HTTPS listeners will support in set Cipher Suite.
      • You can select the encryption feature for the Load Balancer to provide at the encryption negotiation with the client.
      • You can select Select All to select all Cipher Suites available.

    4. Select Target Group

    Select the Target Group to apply load division and click the [Next] button.

    • To do this, the Target Group need to be created in advance. If there is no created Target Group, click the [Create Target Group] button to create a Target Group. (See create Target Group)
    • Among Target Groups created, only Target Groups that can be connected are displayed.
      • Application Load Balancer can only select a Target Group created with HTTP or HTTPS protocol.
    Caution

    The bandwidth of Load Balancer Subnet must be added to ACG of the bound server and NACL as an access source and allowed port.

    5. View setting information

    Check the setting information for Load Balancer and click the [Create Load Balancer] button.

    Manage Application Load Balancer

    You can change the Load Balancer, Subnet, and listener setting for the created Application Load Balancer and check the monitoring information as a graph.

    Note

    You can change the server applied to Load Balancer in the Target Group menu. For more information, see Target setting.

    Set Application Load Balancer

    To check the setting information and change the setting for Load Balancer, follow these steps:

    1. Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
    2. Click the Load Balancer menu.
    3. Select the Load Balancer to check or change the setting information and click the [Change Load Balancer settings] button.
      • The change Load Balancer settings popup window appears and you can view the setting information of the Load Balancer.
    4. After applying changes, click the [OK] button.
      • Load balancing performance can be changed.
        • You can select Small/Medium/Large considering the load control capacity.
        • Each size can handle at least 30,000/60,000/90,000 loads, respectively, based on connections per minute (CPS).
        • HTTPS is an SSL Offloading. 1/10 of HTTP’s capacity is expected, however, it may vary by the authentication key method or size.
      • You can change the Idle Time out.
      • Activation status of access log collection can be changed.
        • Click the [Set] button to change the activation status for access log collection.

        • Once you activate the access log collection, you can forward the logs occurred from the traffic request incoming through Load Balancer to Cloud Log Analytics (CLA) and save it. CLA stores the data up to 100 GB for a maximum of 1 month. To store it permanently you can save it to Object Storage via set automatic export for logs.

        • To activate the access log collection, you must subscribe to CLA in advance. If you cancel CLA service in the middle, the additional logs will not be collected.

        • The following table describes the fields of access log items in order: All fields are separated by spaces.

          FieldDescription
          HTTP VersionHTTP version
          <example> HTTP/1.1
          client:portIP address and port of the requested client
          request_processing_timeTotal duration (ms) from the time the Load Balancer received a request to the time it transferred the request to Target
          target_connection_timeRun time (ms) that took for setting the TCP connection from Load Balancer to Target
          target_response_timeDuration (ms) that took for sending the response from Target to Load Balancer
          response_processing_timeRun time (ms) that took for setting the TCP connection from Load Balancer to Target
          target_status_codeTarget's response status code
          received_bytesRequest size received from client (Byte)
          sent_bytesResponse size returned to client (Byte)
          HTTP methodHTTP method
          <example> GET, POST, etc.
          "request"
          • Bound with double quotation marks
          • Recorded in host/uri+port format
          "user_agent"
          • Bound with double quotation marks
          • User agent strings for identifying a client sending a request
          • Strings consist of one or more product identifiers and products[/versions]
          • Strings are logged up to 8 KB
          ssl_cipher
          • [HTTPS] SSL encryption algorithm
          • Set to "-" if it is not the HTTPS listener
            <example> AES-SHA
          ssl_version
          • [HTTPS] SSL version
          • Set to "-" if it is not the HTTPS listener
            <example> TLS v1
          request_creation_timeTime the Load Balancer received requests from the client

    Add Subnet

    Note
    • You can only add it if you select one Zone and Subnet when you created the Load Balancer.
    • Once a Subnet is added, it can't be changed.

    To add Zones and Subnets where Application Load Balancer will be placed, follow these steps:

    1. Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
    2. Click the Load Balancer menu.
    3. Select the Load Balancer you wish to add a subnet to and click the [Change subnet] button.
      • Change subnet popup window appears and you can view the setting information of the Load Balancer Subnet.
    4. After adding Zones and Subnets, click the [OK] button.

    Set listener

    You can check the registered listener on the change listener settings screen and add/change/delete them. You can view rules and add/change/delete them.

    To move listeners to the change settings page, follow these steps:

    1. Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
    2. Click the Load Balancer menu.
    3. Select the Load Balancer to change the listener setting and click the [Change listener settings] button.
      • When you move to the change listener settings screen, the listeners you set upon creating the Load Balancer show up as a Default.

    Add listener

    To add listeners, follow these steps:

    1. Click the [Add listener] button on the change listener settings screen.

    2. Select the protocol for the listener you wish to add.

      • If you chose HTTPS, click and select the HTTP/2 check box to activate HTTP/2.
      Note

      HTTP/2 is the second version of HTTP protocol developed by Internet Engineering Task Force (IETF). It reduces the load latency for web pages using various methods, including HTTP header data compression, server push technology, and multiplexing one TCP connection for many requests.

    3. Enter the port number that the listener will bind to.

    4. If you selected HTTPS, select the following items:

      • Select the suitable certificate for the service among the certificates registered in Certificate Manager.
      • Select the TLS protocol version.
        • You can select from TLSv1.0, TLSv1.1, and TLSv1.2.
      • Select the Cipher Suite that the HTTPS listener will support.
        • You can select the encryption feature for the Load Balancer to provide at the encryption negotiation with the client.
    5. Select the Target Group the listener's traffic will be forwarded to.

    6. Click the [OK] button.

    Change listener

    To change listeners, follow these steps:

    1. Click the [Change listener] button on the change listener settings screen.
    2. See Add listener to apply the changes.
    3. Click the [OK] button.

    Delete listener

    Note
    • At least 1 listener must remain, so if 1 listener is added the listener can't be deleted. If you wish to delete the 1 remaining listener, add listeners before deleting it.
    • You can only delete a listener if the Load Balancer is in the Operating status.

    To delete a listener, follow these steps:

    1. Select the listener you wish to delete on the set listener screen.
    2. Click the [Delete listener] button.
    3. Check the content on the delete listener popup window and click the [Delete] button.
      • The selected listener is deleted.

    View rules

    You can view the registered rules on the view/change rules screen.

    Rules have the following characteristics:

    • Each rule consists of a conditional clause and action
    • You cannot delete the Default rules
    • The rules are applied in the priority order and the unapplied traffic operates following the Default rules

    To view registered rules, follow these steps:

    1. Select the listener you wish to view on the set listener screen.
    2. Click the [View/Change rules] button.
      • Move to the view/change rules screen.

    Add rules

    To add rules, follow these steps:

    1. Select the listener to add rules to on the set listener screen and click the [View/Change rules] button.
    2. Click the [Add rules] button on the view/change rules screen.
    3. Enter the priority of the rule.
      • A number between 1 and 9999 can be entered as the priority.
    4. Select the condition and click the [Add] button.
      • For condition types, you can select from Host Header, HTTP Header, and Path Pattern.
      • The sum of Host Header, HTTP Header, and Path Pattern values cannot exceed 50.
        • Host Header
          • You can enter up to 68 characters.
        • HTTP Header
          • The Header name and value are not case sensitive.
          • The Header name can be entered up to 40 characters and the Header value can be entered up to 128 characters.
          • You can enter English letters, numbers, and some special characters (hyphens and underscores) for the Header name.
          • You are restricted in entering a reserved word ("host") for the Header name.
          • All characters except for ASCII control characters (0x00 to 0x1f, and 0x7f) are allowed for the Header value. (Note that ? and * are applied as wild cards.)
          • You can enter up to 5 values for each Header name.
        • Path Pattern
          • You can enter up to 128 characters for Path Pattern.
    5. Enter the condition and click the [Add] button.
      • Each condition clause is operated by And.
      • Multiple conditions of Host Header and Path Pattern conditional clauses are each operated by Or.
      • <example> If you added aaa.com and bbb.com to Host Header’s conditional clause and added /ccc and /ddd to the action, the final condition for the rule becomes (aaa.com or bbb.com) and (/ccc or /ddd).
    6. Set the action.
      • You can select from Target Group and Redirection for the action type. You can only select one.
      • If the action is a Target Group type, you can designate multiple Target Groups to give weightings.
        • <example> If you assigned 10 weightings to TestTG01 and 90 to TestTG02, the traffic will be distributed in 1:9 ratio.
      • If the action is a Redirection type, all Requests that match the conditions gets forwarded to another URL.
        • For Status Code (ResponseCode), both 301 and 302 are available.
        • You can Redirection to the request protocol without modification using #{protocol} of the Protocol dropbox.

    Change rules

    To change rules, follow these steps:

    1. Select the listener to make a rule change to on the Set listener screen and click the [View/Change rules] button.
    2. Select the rule to change on the view/change rules screen and click the [Change rules] button.
    3. See add rules to apply the changes.
    4. Click the [OK] button.

    Delete rules

    Note
    • Default rules can't be deleted. If a default rule is included in the selected rule, the [Delete rules] button gets deactivated.
    • Even if you delete the rules, the Target Groups selected as action do not get deleted.

    To delete a rule, follow these steps:

    1. Select the listener to delete a rule from on the set listener screen and click the [View/Change rules] button.
    2. Select the rule to change on the view/change rules screen and click the [Delete rules] button.
    3. Check the content on the delete rules popup window and click the [Delete] button.
      • The selected rule is deleted.

    Monitoring Application Load Balancer

    You can check the regularly collected information for Concurrent connection, Connection per Second, Traffic In, Traffic Out, Available Host Count, and Unavailable Host Count for the selected period each as a graph.

    Note

    The collection cycle varies, depending on the selected period. Monitoring information collected by handling load balancing can be set up and checked from at least 1 minute to last year.

    Aggregation cycle (Interval)Search Period
    1-minute cycleUp to 6 hours
    5-minute cycleUp to 1 day
    30-minute cycleUp to 1 week
    2-hour cycleUp to 1 month
    1-day cycle1 month exceeded

    To check the monitoring information of the Application Load Balancer, follow these steps:

    1. Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
    2. Click the Load Balancer menu.
    3. Select a Load Balancer to monitor and click the [Monitoring] button.
      • The basic monitoring popup window for the Load Balancer pops up and shows the monitoring information as graphs.
      • Select the period to check the monitoring information collected for the selected period.
      • Click the [Refresh] button to refresh the graphs.
      • Click i_loadbalancer_enlargement to view an extended graph and click the [x] button to download the collected monitoring information as an Excel file.

    Delete Application Load Balancer

    Caution

    If you delete a Load Balancer, rules set to the Route Table are deleted together. If you are using the Route Table rules in another service, it may not function normally upon deleting a Load Balancer.

    To delete an Application Load Balancer, follow these steps:

    1. Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
    2. Click the Load Balancer menu.
    3. Select a Load Balancer to delete and click the [Delete Load Balancer] button.
    4. Check the content in the delete Load Balancer popup window and click the [Delete] button.
      • The selected Load Balancer is deleted.
      • The Public IP in use can be returned together. The unreturned IPs can be re-assigned.

    Was this article helpful?

    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.