Create and manage Load Balancer

Available in Classic

We offer Load Balancer on Proxy basis for the Classic environment.

Create Load Balancer

To create the Load Balancer:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balancer menu.
Click the [Create Load Balancer] menu.
When the Create load balancer page appears, proceed with the following steps in order:

Note

2. Configure Certificate, and 3. Configure Cipher step appears only when you add the HTTPS or SSL protocol during the 1. Create Load Balancer step.
If you add only the HTTP or TCP protocol, skip steps 2. Configure Certificate, and 3. Configure Cipher, and proceed in order.

1. Create Load Balancer

Enter the information for the Load Balancer you wish to create and click [Next].

loadbalancer-classiclb-classic_create_ko

Network: Select the network type for the Load Balancer.
- If you wish to use it for an internet service, select Public IP.
- If you need an internal load distribution without exposing it to outside, select Private IP.
  - How to use a Private IP Load Balancer is same as how to use a Public IP-based Load Balancer. You can access it via the provided Private IP address without a domain.
  - If you wish to use a Private IP Load Balancer in Global Region, you can process a steady, fast load distribution via using an exclusive network.
Select the zone to create a Load Balancer in.
- If you chose Public IP as the network type in Korean Region, you can increase the service capability by selecting both zones available.
- You can connect all servers the account own regardless of the zone the Load Balancer is placed.
  
  Caution
  
  For the users of NAVER Cloud Platform's Security Monitoring, additional fee may occur. Please check.
Enter the correct amount to Load Balancer Settings and click [Add].
- You can add up to 20 and the changed setting values are reflected in all applied servers.
- Select a protocol.
- Enter the Load Balancer Port number and server port number.
  - The Load Balancer port number cannot be used more than once but server port number can be used more than once.
  - The 22, 3389, 18080-18095, 64000, 65130, and 65131 ports are used for maintenance. You cannot use it as a Load Balancer port.
- If you selected HTTP or HTTPS protocols, enter L7 Health Check.
  - It must start with a slash(/). Enter the content location to run the health check.
    Example: /somedir/index.html
    Example: /index.html, /dir/index.html
  - Proxy Protocol is only activated upon selecting TCP and SSL protocols. For details about Proxy Protocol settings, see Proxy Protocol.
- HTTP/2’s check box is only activated upon selecting HTTPS protocols.
- If you chose HTTPS protocols, select Server Protocol.
- In order to delete an added setting, click [Delete].
Note

For SSL settings, since the authentication is process in the SSL Offloading method, you do not need to set SSL again at the server linked with a Load Balancer. We recommend you to set port 80 for the server port instead of setting both Load Balancer and server ports to 443. If you need to operate a service via HTTPS in the server as well, you can select HTTPS for the Server Protocol to configure it.
Select Load Balancing Algorithm.
- For more information about Load Balancing algorithm, see Services > Networking > Load Balancer on the NAVER Cloud Platform portal or check the FAQs of this guide.

2. Configure Certificate

Note

Certificate configuration appears only in step 1. Create Load Balancer, when you add the HTTPS or SSL protocol.

Among the certificates registered in Certificate Manager, Select a suitable certificate for the service and click [Next].

If you have no registered certificate, see Certificate Manager user guide to register a certificate.

3. Configure cipher

Check the supported SSL protocols, Ciphers applied templates and applied SSL Ciphers and click [Next].

Check the versions that supports SSL and TLS.
- TLSv1, TLSv1.1, and TLSv1.2 are available.
Check the applied SSL Ciphers.
- If SSL communication was checked among all Ciphers, it becomes the Cipher that allows connection from Load Balancer.

4. Add servers

loadbalancer-classiclb-classic_addserver_ko

If you need to, search and select a server to apply to Load Balancer in the All Servers component.
Click [>] to move to the Applied Server component.
- To remove a server included in the Applied Server component, select the server to eliminate and click [<].
Click [Next].

5. View configuration information

View the setting information for the load balancer and click [Create Load Balancer].

A Load Balancer is created set to Stop.

Proxy Protocol

Proxy Protocol is a protocol to check the Original Client IP address that requests connections from a Proxy environment given you use TCP and SSL protocols for Load Balancer.

To check the client's IPs for each protocol you set for Load Balancer:

Protocol	Method
HTTP, HTTPS	X-Forwarded-For
TCP, SSL	Proxy Protocol

If you chose to use Proxy Protocol upon setting the Load Balancer rules, the Load Balancer calls the request as the following:

PROXY_STRING + single space + INET_PROTOCOL + single space + CLIENT_IP + single space + PROXY_IP + single space + CLIENT_PORT + single space + PROXY_PORT + "\r\n“

Example:

PROXY TCP4 125.209.237.10 125.209.192.12 43321 80\r\n

The Apache and NginX versions that support Proxy Protocol are the following:

Apache 2.2
Apache 2.4
NginX 1.11.12

Set Proxy Protocol

To set up Proxy Protocol:

When creating a Load Balancer, in step 1, Create Load Balancer, select the TCP or SSL protocol, then click the Proxy Protocol check box to enable it.
Check the following steps to set according to the version:

Apache 2.2

To set up Proxy Protocol in the Apache 2.2 version:

$ wget --no-check-certificate https://raw.githubusercontent.com/ggrandes/apache22-modules/master/mod_myfixip.c
$ /{Apachelocation}/bin/apxs -c -i mod_myfixip.c

Add the following settings to the /{Apachelocation}/conf/httpd.conf file:

LoadModule myfixip_module modules/mod_myfixip.so

<IfModule mod_myfixip.c>
RewriteIPResetHeader off
Set to RewriteIPAllow 10.31.0.0/16  #LB IP range (for instance, 125.209.0.0/16 if LB IP is 125.209.197.92)
</IfModule mod_myfixip.c>

Apache 2.4

To set up Proxy Protocol in the Apache 2.4 version:

$ wget --no-check-certificate https://raw.githubusercontent.com/ggrandes/apache24-modules/master/mod_myfixip.c
$ /{Apachelocation}/bin/apxs -c -i mod_myfixip.c

If you cannot find the apxs location, install the http-devel package and check again.

Add the following settings to the /{Apachelocation}/conf/httpd.conf file:

LoadModule myfixip_module modules/mod_myfixip.so

<IfModule mod_myfixip.c>
RewriteIPResetHeader off
Set to RewriteIPAllow 10.31.0.0/16  #LB IP range (for instance, 125.209.0.0/16 if LB IP is 125.209.197.92)
</IfModule mod_myfixip.c>

Nginx 1.11.12

To set up Proxy Protocol in the Nginx 1.11.12 version:

Check if the HTTP module is included on Nginx.

$ nginx -V 2>&1 | grep – 'http_realip_module'

Add the following settings to the Nginx conf file.

http {
proxy_set_header X-Real-IP         $proxy_protocol_addr;
proxy_set_header X-Forwarded-For   $proxy_protocol_addr;
log_format main ' $proxy_protocol_addr - $remote_user [$time_local]'
#Add to the existing log format
                 '"$request" $status $body_bytes_sent'
                 '"$http_referer" "$http_user_agent"';
server
{ listen 80  proxy_protocol;
  set_real_ip_from LB IP range 1 (192.168.0.0/16);
  set_real_ip_from LB IP range 2 (192.168.0.0/16);
  real_ip_header proxy_protocol     }
}

Manage Load Balancer

You can change and view the created Load Balancer status and you can change the Load Balancer settings.

Change Load Balancer status

The Load Balancer must be set as Operating to work normally. To change the status to Operating, ACG and server settings are required.

Configure the ACG

The NAVER Cloud Platform’s Load Balancer offers the Private IP Load Balancer feature. Upon setting up a Load Balancer, the designated Load Balancer port opens for Any bandwidth(0.0.0.0/0).

The ACG of the servers applied to Load Balancer must have permission rules applied regarding Load Balancer.

To apply the permission rules regarding Load Balancer you created in ACG:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Compute > Server.
Click ACG.
Select the ACG of the server you applied to Load Balancer and click [Set ACG].
Enter the protocol, access source, and allowed ports for the created Load Balancer and click [Add].
- Enter ncloud-load-balancer as the source. (You can find this value in the Access Control Group source field of the Load Balancer details.)
- Enter the server port number you entered upon creating the Load Balancer for Balancer Allowed ports.
- To delete an added rule, click [X].
Click [Apply].

Server Settings

To change the state of Load Balancer to Operating, the server port you set for the Load Balancer must match with the Listening port of the bound server.

To change the server's server port to Listening port:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Select the Load Balancer to change the listener setting and click [Change Load Balancer Settings].
Edit the server port to match the server’s Listening port identically and click [Add].
Click [OK].
- Once the setting is done, the status changes to Operating.
- Click the [View Load Balancer Status] to check the health check's result values run from the server’s port by the Load Balancer.
  
  Caution
  
  In some cases, the ncloud-load-balancer groups can communicate with VM upon constant health check request from Load Balancer, even if you deleted the rules after adding the ACG permission rule. To disconnect the communication for sure, restart the connected Load Balancer.

Set Load Balancer

To view the setting information and change the setting for the load balancer:

Note

You can change the server applied to Load Balancer by clicking [Applied Servers]. For further information, see Change applied servers.

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balancer menu.
Select the load balancer to view or change the setting information and click [Change load balancer settings].
- The Change load balancer settings popup appears and you can view the setting information of the load balancer.
After applying changes, click [OK].
- You can change Load Balancer settings.
  - To change Load Balancer settings, see step 1. Create Load Balancer.
- You can change the load balancing algorithm.

Change Applied Servers

To view, add or delete the servers applied to Load Balancers:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balancer menu.
Select the Load Balancer to change the listener setting and click Change applied servers.
- The Change applied servers popup appears and you can view the setting information of the Load Balancer’s applied servers.
To add a server, select a server to add from the All Server component and click [>].
To delete a server, select a server to delete from the All Server component and click [<].
Click [OK].

Manage SSL Certificates

You can manage your SSL certificates at the Certificate List menu.

To go to the Certificate List menu, click [Manage SSL certificates], then click [Go to Certificate Manager], or navigate to i_menu > Services > Security > Certificate Manager > Certificate List.

For the detailed information about SSL certificate management, see Certificate Manager user guide.

View Load Balancer Status

To check the connection status between the Load Balancer and server:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balancer to check and click [View Load Balancer Status].
- The Change Load Balancer Settings popup appears and you can view the connection status between the Load Balancer and server.

Monitoring Load Balancer

You can check the regularly collected information for Concurrent connection, Connection per Second, Traffic In and Traffic Out for the selected period each as a graph.

Note

The collection cycle varies depending on the selected period. Monitoring information collected by processing load balancing can be set up and viewed for durations ranging from at least 1 minute to 1 year.

Aggregation Interval	View period
1-minute cycle	Up to 6 hours
5-minute cycle	Up to 1 day
30-minute cycle	Up to 1 week
2-hour cycle	Up to 1 month
1-day cycle	1 month exceeded

To check the monitoring information of the Load Balancer:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balancer menu.
Select a load balancer to monitor and click [Monitor].
- The Basic monitoring popup for the load balancer pops up and shows the monitoring information as graphs.
- Select the period to view the monitoring information collected for the selected period.
- Click [Refresh] to refresh the viewed graphs.

Edit the HTTP Keep-alive Setting

HTTP Keep-alive is an option to reuse the existing connection when you wish to maintain the alive connection for a period of time and request connection again.

To edit the HTTP Keep-alive setting:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balancer to edit the setting.
- It shows the detailed information of the Load Balancer.
Click at Apply HTTP Keep-alive.
Edit the setting to whether apply it and click [Edit].

Set Connection Idle Timeout

Connection Idle Timeout is the duration to maintain the connection with Load Balancers. After the duration, the connection closes forcedly and disconnect. If you need an application that supports long transactions, you can control the option and set up the connection duration. The default is 60 seconds, and it can be set between 60 to 3,600 seconds.

To set up Connection Idle Timeout:

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Click the Load Balance to set up.
- It shows the detailed information of the Load Balancer.
Click of Connection Idle Timeout Setting (default : 60 sec).
Edit the set value and click [Edit].

Delete Load Balancer

To delete a Load Balancer.

In the Classic environment of the NAVER Cloud Platform console, navigate to > Services > Networking > Load Balancer.
Select a load balancer to delete and click [Delete load balancer].
Check the content in the Delete load balancer popup and click [Delete].
- The selected load balancer is deleted.