- Print
- PDF
Create and manage Network Proxy Load Balancer
- Print
- PDF
Available in VPC
Network Proxy Load Balancer is a Load Balancer using a similar method to the Load Balancer provided in the Classic environment. With the Proxy method of communication, it offers the same load balancing algorithm as Application Load Balancers.
Create Network Proxy Load Balancer
To create a Network Proxy Load Balancer, follow these steps:
- Access NAVER Cloud Platform console.
- Click Services > Networking > Load Balancer, in order.
- Click the Load Balancer menu.
- Click [Create Load Balancer] > [Create Network Proxy Load Balancer] in order.
- When the Load Balancer creation screen appears, proceed with the following steps in order:
The 3. Set Certificate step appears only when a listener is added with the TLS protocol in the 2. Create Load Balancer (set listener) step.
If you added listeners only with TCP protocol, the 3. Set Certificate stage does not appear. Skip the stage and proceed in order.
1. Create Load Balancer
Enter the information for the Network Proxy Load Balancer you wish to create and click the [Next] button.
Network: select the network type for Load Balancer.
- Private IP: it processes the load division from the internal server using a Private IP within VPC. It cannot be accessed from outside.
- Public IP: the Public IP is set to allow calling from outside VPC or Internet. It processes the load division. You can utilize it by connecting with domains or CDN services of the customers using the random domain provided with the Public IP.
Load control capacity: select the size of the Load Balancer depending on the load control capacity.
- You can select Small/Medium/Large considering the load control capacity.
- Each size can handle at least 30,000/60,000/90,000 loads, respectively, based on connections per minute (CPS).
- TLS is an SSL Offloading. 1/10 of TCP’s capacity is expected, however, it may vary by the authentication key method or size.
Target VPC: select the VPC to create a Load Balancer in.
Select subnet: select the Zone and Subnet to use to create the Load Balancer.
Caution- The selected Zone and Subnet cannot be changed after creating the Load Balancer.
- Create and select a dedicated Subnet. If the Load Balancer is located in the same Subnet with the server, it does not process the load to the server.
- You can only select the Subnet included in the selected VPC you chose as Target VPC.
- If you chose Private IP, you can only select the Subnet created with a Private IP Load Balancer Subnet.
- If you chose Public IP, you can only select the Subnet created with Public IP Load Balancer Subnet.
- For more information about creating Subnets, see create Subnet.
- You do not need to create separate Subnets for each Load Balancer, however, we recommend a Subnet in the C Class (255.255.255.0) scale.
Official IP: select a Public IP that you possess or subscribe a new Public IP.
2. Create Load Balancer (set listener)
- Select the protocol (TCP/TLS) that the basic listener of Load Balancer will operate with.
- Set up the port that the basic listener of Load Balancer will bind to.
- Click the [Add] button.
- A listener is added.
- Repeat steps 1 to 3 to add multiple listeners.
- In order to delete an added listener, click the [Delete] button.
- Click the [Next] button.
3. Set Certificate
Set Certificate appears only when a listener is added with the TLS protocol in 2. Create Load Balancer (set listener).
- Select the suitable certificate for the service among the certificates registered in Certificate Manager.
- If you have no registered certificate, see Certificate Manager user guide to register a certificate.
Only RSA-2048 or higher or ECDSA P256 public key algorithm certificates are supported.
- Select the TLS protocol version at TLS minimum support version.
- You can select from TLSv1.0, TLSv1.1, and TLSv1.2.
- Select the Cipher Suite that the TLS listeners will support in Set Cipher Suite.
- You can select the encryption feature for the Load Balancer to provide at the encryption negotiation with the client.
- You can select Select All to select all Cipher Suites available.
4. Select Target Group
Select the Target Group to apply load division and click the [Next] button.
- To do this, the Target Group need to be created in advance. If there is no created Target Group, click the [Create Target Group] button to create a Target Group. (See create Target Group)
- Among Target Groups created, only Target Groups that can be connected are displayed.
- You can only select a Target Group created with PROXY_TCP protocols for Network Proxy Load Balancers.
The bandwidth of Load Balancer Subnet must be added to ACG of the bound server and NACL as an access source and allowed port.
5. View setting information
Check the setting information for Load Balancer and click the [Create Load Balancer] button.
Manage Network Proxy Load Balancer
You can change the Load Balancer, Subnet and listener setting for the created Network Proxy Load Balancer and check the monitoring information as a graph.
You can change the server applied to Load Balancer in the Target Group menu. For more information, see Target setting.
Load Balancer Settings
To check the setting information and change the setting for Load Balancer, follow these steps:
Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
Click the Load Balancer menu.
Select the Load Balancer to check or change the setting information and click the [Change Load Balancer settings] button.
- The change Load Balancer settings popup window appears and you can view the setting information of the Load Balancer.
After applying changes, click the [OK] button.
- Load balancing performance can be changed.
- You can select Small/Medium/Large considering the load control capacity.
- Each size can handle at least 30,000/60,000/90,000 loads, respectively, based on connections per minute (CPS).
- TLS is an SSL Offloading. 1/10 of TCP’s capacity is expected, however, it may vary by the authentication key method or size.
- You can change the Idle Time out.
- Load balancing performance can be changed.
Change Subnet
- You can only add it if you select one Zone and Subnet when you created the Load Balancer.
- Once a Subnet is added, it can't be changed.
To add Zones and Subnets where Network Proxy Load Balancer will be placed, follow these steps:
- Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
- Click the Load Balancer menu.
- Select the Load Balancer you wish to add a subnet to and click the [Change subnet] button.
- Change subnet popup window appears and you can view the setting information of the Load Balancer Subnet.
- After adding Zones and Subnets, click the [OK] button.
Set listener
You can check the registered listeners on the change listener settings screen and add/change/delete them. You can view and change the rules.
You cannot add or delete a rule in Network Proxy Load Balancer.
To move listeners to the change settings page, follow these steps:
- Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
- Click the Load Balancer menu.
- Select the Load Balancer to change the listener setting and click the [Change listener settings] button.
- When you move to the change listener settings screen, the listeners you set upon creating the Load Balancer show up as a Default.
Add listener
To add listeners, follow these steps:
- Click the [Add listener] button on the change listener settings screen.
- Select a protocol (TCP/TLS) for the listener you wish to add.
- Enter the port number that the listener will bind to.
- If you selected TLS, select the following items.
- Select the suitable certificate for the service among the certificates registered in Certificate Manager.
- Select the TLS protocol version.
- You can select from TLSv1.0, TLSv1.1, and TLSv1.2.
- Select the Cipher Suite that the TLS listener will support.
- You can select the encryption feature for the Load Balancer to provide at the encryption negotiation with the client.
- Select the Target Group the listener's traffic will be forwarded to.
- Click the [OK] button.
Change listener
To change listeners, follow these steps:
- Click the [Change listener] button on the change listener settings screen.
- See add listener to apply the changes.
- Click the [OK] button.
Delete listener
- At least 1 listener must remain, so if 1 listener is added the listener can't be deleted. If you wish to delete the 1 remaining listener, add listeners before deleting it.
- You can only delete a listener if the Load Balancer is in the Operating status.
To delete a listener, follow these steps:
- Select the listener you wish to delete on the Set listener screen.
- Click the [Delete listener] button.
- Check the content on the delete listener popup window and click the [Delete] button.
- The selected listener is deleted.
View rules
You can view the registered rules on the view/change rules screen.
Rules have the following characteristics:
- Each rule consists of actions (Network Proxy Load Balancers do not take conditions.)
- You cannot delete the Default rules
- The rules are applied in the priority order and the unapplied traffic operates following the Default rules
To view registered rules, follow these steps:
- Select the listener you wish to view on the set listener screen.
- Click the [View/Change rules] button.
- Move to the view/change rules screen.
Change rules
To change rules, follow these steps:
- Select the listener to make a rule change to on the set listener screen and click the [View/Change rules] button.
- Select the rule to change on the view/change rules screen and click the [Change rules] button.
- Apply the changes.
- Change the Target Group at Action and click the [Add] button.
- Weightings can't be changed.
- Click the [X] button to delete the added target group.
- Change the Target Group at Action and click the [Add] button.
- Click the [OK] button.
Monitoring Network Proxy Load Balancer
You can check the regularly collected information for Concurrent connection, Connection per Second, Traffic In and Traffic Out for the selected period each as a graph.
The collection cycle varies, depending on the selected period. Monitoring information collected by handling load balancing can be set up and checked from at least 1 minute to last year.
Aggregation cycle (Interval) | Search Period |
---|---|
1-minute cycle | Up to 6 hours |
5-minute cycle | Up to 1 day |
30-minute cycle | Up to 1 week |
2-hour cycle | Up to 1 month |
1-day cycle | 1 month exceeded |
To check the monitoring information of the Network Proxy Load Balancer, follow these steps:
- Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
- Click the Load Balancer menu.
- Select a Load Balancer to monitor and click the [Monitoring] button.
- The basic monitoring popup window for the Load Balancer pops up and shows the monitoring information as graphs.
- Select the period to check the monitoring information collected for the selected period.
- Click the [Refresh] button to refresh the graphs.
- Click to view an extended graph and click the [x] button to download the collected monitoring information as an Excel file.
Delete Network Proxy Load Balancer
If you delete a Load Balancer, rules set to the Route Table are deleted together. If you are using the Route Table rules in another service, it may not function normally upon deleting a Load Balancer.
To delete a Network Proxy Load Balancer, follow these steps:
- Click Services > Networking > Load Balancer in order on the NAVER Cloud Platform console.
- Click the Load Balancer menu.
- Select a Load Balancer to delete and click the [Delete Load Balancer] button.
- Check the content in the delete Load Balancer popup window and click the [Delete] button.
- The selected Load Balancer is deleted.
- The public IP in use can be returned together. The unreturned IPs can be re-assigned.