Creating an Internal Load Balancer
You can create an internal load balancer to distribute incoming network traffic between several virtual machines (VMs) of a Net.
Creating an Internal Load Balancer Using Cockpit v2
Before you begin:
For more information, see Security Groups. |
Open the Create Load Balancer Window
In the Load Balancers dashboard, click Create Load Balancer.
The CREATE LOAD BALANCER dialog box appears.
Configure Your Load Balancer
Choose a Name
-
In the Name field, type a name for the load balancer.
-
This name must be unique for the whole Region.
-
It must follow domain name rules. That is, it can contain up to 32 alphanumeric characters or hyphens, but cannot start or end with a hyphen.
-
-
Click Next.
The Load Balancer Type screen appears.
Select the Privacy, the Load Balancer Type, the Subnet and the Security Group
-
From the Privacy list, select Private Cloud.
-
From the Load Balancer Type list, select internal.
-
From the Subnet list, select the Subnet in which you want to create the load balancer.
-
From the Security Group list, select:
-
Create a new security group to assign a new security group to the load balancer.
-
In the Name field, type a name for the security group.
-
In the Description field, type its description.
-
The name must be unique in your account for the public Cloud or for each Net.
-
The name of the security group must not start with
sg-
. -
Each name and description can contain between 1 and 255 characters. Allowed characters are a-z, A-Z, 0-9, spaces, and _.-:/()#,@[]+=&;\{}!$*.
-
-
-
Select one or more existing security groups to select a security group for the load balancer.
-
Proceed with a default security group to select the default security group of the Net.
-
-
Click Next.
The Listeners screen appears.
Configure the Listeners
-
From the Protocol list, select the routing protocol of the load balancer (
HTTP
,HTTPS
,TCP
,SSL
). -
In the Load balancer port field, type the listening port of the load balancer or select it using the arrows (between
1
and65535
, both included). -
In the Backend VM port field, type the listening port of the backend VM or select it using the arrows (between
1
and65535
, both included). -
Click Next.
The Listeners window appears.
Configure a Health Check
-
From the Protocol list, select the protocol for the URL of the VM (
HTTP
,HTTPS
,TCP
,SSL
). -
In the Port field, type the port number or select it using the arrows (between
1
and65535
, both included). -
In the Interval field, type the number of seconds between two requests or select it using the arrows (between
5
and600
,both included). -
In the Timeout field, type the maximum waiting time for a response before considering the VM as unhealthy, in seconds, or select it using the arrows (between
2
and60
, both included). -
In the Healthy threshold field, type the number of consecutive successful requests before considering the VM as healthy or select it using the arrows (between
2
and10
, both included). -
In the Unhealthy threshold field, type the number of consecutive failed requests before considering the VM as unhealthy or select it using the arrows (between
2
and10
, both included). -
Click Next.
The Access Logs screen appears.
Configure Access Logs
The amount of data (in GiB) stored in your OOS bucket will be added to your resource consumption. |
-
(optional) Leave the Customize access logs switch on, then specify the following elements:
-
From the OOS bucket name field, type the name of the OOS bucket for the access logs.
-
(optional) From the OOS bucket prefix field, type the path to the folder of the access logs in your OOS bucket (by default, the
root
level of your bucket). -
From the Publication interval list, select the time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either
5
or60
(by default,60
).
-
-
Click Next.
The Backend VMs screen appears.
Creating an Internal Load Balancer Using OSC CLI
Before you begin:
For more information, see Security Groups. |
The CreateLoadBalancer command creates a load balancer.
The load balancer is created with a unique Domain Name Service (DNS) name. It receives the incoming traffic and routes it to its registered virtual machines (VMs).
By default, this action creates an Internet-facing load balancer, resolving to public IPs. To create an internal load balancer in a Net, resolving to private IPs, use the LoadBalancerType
parameter.
You must specify either the Subnets
or the SubregionNames
parameters.
For more information, see About Load Balancers.
$ osc-cli api CreateLoadBalancer --profile "default" \
--LoadBalancerName "private-lb-example" \
--Listeners '[
{
"BackendPort": 80,
"BackendProtocol": "TCP",
"LoadBalancerPort": 80,
"LoadBalancerProtocol": "TCP"
}
]' \
--Subnets '["subnet-12345678"]' \
--SecurityGroups '["sg-12345678"]' \
--LoadBalancerType "internal"
This command contains the following attributes that you need to specify:
-
DryRun
: (optional) If true, checks whether you have the required permissions to perform the action. -
Listeners
: One or more listeners to create.-
BackendPort
: (optional) The port on which the backend VM is listening (between1
and65535
, both included). -
BackendProtocol
: (optional) The protocol for routing traffic to backend VMs (HTTP
|HTTPS
|TCP
|SSL
). -
LoadBalancerPort
: (optional) The port on which the load balancer is listening (between1
and65535
, both included). -
LoadBalancerProtocol
: (optional) The routing protocol (HTTP
|HTTPS
|TCP
|SSL
). -
ServerCertificateId
: (optional) The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
-
-
LoadBalancerName
: The unique name of the load balancer, with a maximum length of 32 alphanumeric characters and dashes (-
). This name must not start or end with a dash. -
LoadBalancerType
: (optional) The type of load balancer:internet-facing
orinternal
. Use this parameter only for load balancers in a Net. -
SecurityGroups
: (optional) (Net only) One or more IDs of security groups you want to assign to the load balancer. If not specified, the default security group of the Net is assigned to the load balancer. -
Subnets
: (optional) (Net only) The ID of the Subnet in which you want to create the load balancer. Regardless of this Subnet, the load balancer can distribute traffic to all Subnets. This parameter is required in a Net. -
Tags
: (optional) One or more tags assigned to the load balancer.-
Key
: (optional) The key of the tag, with a minimum of 1 character. -
Value
: (optional) The value of the tag, between 0 and 255 characters.
-
The CreateLoadBalancer command returns the following elements:
-
LoadBalancer
: Information about the load balancer.-
AccessLog
: Information about access logs.-
IsEnabled
: If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, theOsuBucketName
parameter is required. -
OsuBucketName
: The name of the OOS bucket for the access logs. -
OsuBucketPrefix
: The path to the folder of the access logs in your OOS bucket (by default, theroot
level of your bucket). -
PublicationInterval
: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either5
or60
(by default,60
).
-
-
ApplicationStickyCookiePolicies
: The stickiness policies defined for the load balancer.-
CookieName
: The name of the application cookie used for stickiness. -
PolicyName
: The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.
-
-
BackendIps
: One or more public IPs of backend VMs. -
BackendVmIds
: One or more IDs of backend VMs for the load balancer. -
DnsName
: The DNS name of the load balancer. -
HealthCheck
: Information about the health check configuration.-
CheckInterval
: The number of seconds between two requests (between5
and600
both included). -
HealthyThreshold
: The number of consecutive successful requests before considering the VM as healthy (between2
and10
both included). -
Path
: If you use the HTTP or HTTPS protocols, the request URL path. -
Port
: The port number (between1
and65535
, both included). -
Protocol
: The protocol for the URL of the VM (HTTP
|HTTPS
|TCP
|SSL
). -
Timeout
: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between2
and60
both included). -
UnhealthyThreshold
: The number of consecutive failed requests before considering the VM as unhealthy (between2
and10
both included).
-
-
Listeners
: The listeners for the load balancer.-
BackendPort
: The port on which the backend VM is listening (between1
and65535
, both included). -
BackendProtocol
: The protocol for routing traffic to backend VMs (HTTP
|HTTPS
|TCP
|SSL
). -
LoadBalancerPort
: The port on which the load balancer is listening (between1
and65535
, both included). -
LoadBalancerProtocol
: The routing protocol (HTTP
|HTTPS
|TCP
|SSL
). -
PolicyNames
: The names of the policies. If there are no policies enabled, the list is empty. -
ServerCertificateId
: The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
-
-
LoadBalancerName
: The name of the load balancer. -
LoadBalancerStickyCookiePolicies
: The policies defined for the load balancer.-
CookieExpirationPeriod
: The time period, in seconds, after which the cookie should be considered stale.
If1
, the stickiness session lasts for the duration of the browser session. -
PolicyName
: The name of the stickiness policy.
-
-
LoadBalancerType
: The type of load balancer. Valid only for load balancers in a Net.
IfLoadBalancerType
isinternet-facing
, the load balancer has a public DNS name that resolves to a public IP.
IfLoadBalancerType
isinternal
, the load balancer has a public DNS name that resolves to a private IP. -
NetId
: The ID of the Net for the load balancer. -
PublicIp
: (internet-facing only) The public IP associated with the load balancer. -
SecuredCookies
: Whether secure cookies are enabled for the load balancer. -
SecurityGroups
: One or more IDs of security groups for the load balancers. Valid only for load balancers in a Net. -
SourceSecurityGroup
: Information about the source security group of the load balancer, which you can use as part of your inbound rules for your registered VMs.
To only allow traffic from load balancers, add a security group rule that specifies this source security group as the inbound source.-
SecurityGroupAccountId
: The account ID of the owner of the security group. -
SecurityGroupName
: The name of the security group.
-
-
Subnets
: The ID of the Subnet in which the load balancer was created. -
SubregionNames
: The ID of the Subregion in which the load balancer was created. -
Tags
: One or more tags associated with the load balancer.-
Key
: The key of the tag, with a minimum of 1 character. -
Value
: The value of the tag, between 0 and 255 characters.
-
-
-
ResponseContext
: Information about the context of the response.-
RequestId
: The ID of the request.
-
{
"ResponseContext": {
"RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
},
"LoadBalancer": {
"Tags": [],
"SourceSecurityGroup": {
"SecurityGroupName": "security-group-example",
"SecurityGroupAccountId": "123456789012"
},
"SecuredCookies": false,
"Subnets": [
"subnet-12345678"
],
"NetId": "vpc-12345678",
"BackendVmIds": [],
"ApplicationStickyCookiePolicies": [],
"SecurityGroups": [
"sg-12345678"
],
"LoadBalancerType": "internal",
"AccessLog": {
"PublicationInterval": 60,
"IsEnabled": false
},
"DnsName": "internal-private-lb-example.123456789.eu-west-2.lbu.outscale.com",
"HealthCheck": {
"UnhealthyThreshold": 2,
"Timeout": 5,
"CheckInterval": 30,
"Protocol": "TCP",
"HealthyThreshold": 10,
"Port": 80
},
"LoadBalancerStickyCookiePolicies": [],
"SubregionNames": [
"eu-west-2a"
],
"Listeners": [
{
"BackendPort": 80,
"BackendProtocol": "TCP",
"LoadBalancerPort": 80,
"LoadBalancerProtocol": "TCP"
}
],
"LoadBalancerName": "private-lb-example"
}
}
Creating an Internal Load Balancer Using oapi-cli
Before you begin:
For more information, see Security Groups. |
The CreateLoadBalancer command creates a load balancer.
The load balancer is created with a unique Domain Name Service (DNS) name. It receives the incoming traffic and routes it to its registered virtual machines (VMs).
By default, this action creates an Internet-facing load balancer, resolving to public IPs. To create an internal load balancer in a Net, resolving to private IPs, use the LoadBalancerType
parameter.
You must specify either the Subnets
or the SubregionNames
parameters.
For more information, see About Load Balancers.
$ oapi-cli --profile "default" CreateLoadBalancer \
--LoadBalancerName "private-lb-example" \
--Listeners '[
{
"BackendPort": 80,
"BackendProtocol": "TCP",
"LoadBalancerPort": 80,
"LoadBalancerProtocol": "TCP"
}
]' \
--Subnets '["subnet-12345678"]' \
--SecurityGroups '["sg-12345678"]' \
--LoadBalancerType "internal"
This command contains the following attributes that you need to specify:
-
DryRun
: (optional) If true, checks whether you have the required permissions to perform the action. -
Listeners
: One or more listeners to create.-
BackendPort
: (optional) The port on which the backend VM is listening (between1
and65535
, both included). -
BackendProtocol
: (optional) The protocol for routing traffic to backend VMs (HTTP
|HTTPS
|TCP
|SSL
). -
LoadBalancerPort
: (optional) The port on which the load balancer is listening (between1
and65535
, both included). -
LoadBalancerProtocol
: (optional) The routing protocol (HTTP
|HTTPS
|TCP
|SSL
). -
ServerCertificateId
: (optional) The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
-
-
LoadBalancerName
: The unique name of the load balancer, with a maximum length of 32 alphanumeric characters and dashes (-
). This name must not start or end with a dash. -
LoadBalancerType
: (optional) The type of load balancer:internet-facing
orinternal
. Use this parameter only for load balancers in a Net. -
SecurityGroups
: (optional) (Net only) One or more IDs of security groups you want to assign to the load balancer. If not specified, the default security group of the Net is assigned to the load balancer. -
Subnets
: (optional) (Net only) The ID of the Subnet in which you want to create the load balancer. Regardless of this Subnet, the load balancer can distribute traffic to all Subnets. This parameter is required in a Net. -
Tags
: (optional) One or more tags assigned to the load balancer.-
Key
: (optional) The key of the tag, with a minimum of 1 character. -
Value
: (optional) The value of the tag, between 0 and 255 characters.
-
The CreateLoadBalancer command returns the following elements:
-
LoadBalancer
: Information about the load balancer.-
AccessLog
: Information about access logs.-
IsEnabled
: If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, theOsuBucketName
parameter is required. -
OsuBucketName
: The name of the OOS bucket for the access logs. -
OsuBucketPrefix
: The path to the folder of the access logs in your OOS bucket (by default, theroot
level of your bucket). -
PublicationInterval
: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either5
or60
(by default,60
).
-
-
ApplicationStickyCookiePolicies
: The stickiness policies defined for the load balancer.-
CookieName
: The name of the application cookie used for stickiness. -
PolicyName
: The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.
-
-
BackendIps
: One or more public IPs of backend VMs. -
BackendVmIds
: One or more IDs of backend VMs for the load balancer. -
DnsName
: The DNS name of the load balancer. -
HealthCheck
: Information about the health check configuration.-
CheckInterval
: The number of seconds between two requests (between5
and600
both included). -
HealthyThreshold
: The number of consecutive successful requests before considering the VM as healthy (between2
and10
both included). -
Path
: If you use the HTTP or HTTPS protocols, the request URL path. -
Port
: The port number (between1
and65535
, both included). -
Protocol
: The protocol for the URL of the VM (HTTP
|HTTPS
|TCP
|SSL
). -
Timeout
: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between2
and60
both included). -
UnhealthyThreshold
: The number of consecutive failed requests before considering the VM as unhealthy (between2
and10
both included).
-
-
Listeners
: The listeners for the load balancer.-
BackendPort
: The port on which the backend VM is listening (between1
and65535
, both included). -
BackendProtocol
: The protocol for routing traffic to backend VMs (HTTP
|HTTPS
|TCP
|SSL
). -
LoadBalancerPort
: The port on which the load balancer is listening (between1
and65535
, both included). -
LoadBalancerProtocol
: The routing protocol (HTTP
|HTTPS
|TCP
|SSL
). -
PolicyNames
: The names of the policies. If there are no policies enabled, the list is empty. -
ServerCertificateId
: The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
-
-
LoadBalancerName
: The name of the load balancer. -
LoadBalancerStickyCookiePolicies
: The policies defined for the load balancer.-
CookieExpirationPeriod
: The time period, in seconds, after which the cookie should be considered stale.
If1
, the stickiness session lasts for the duration of the browser session. -
PolicyName
: The name of the stickiness policy.
-
-
LoadBalancerType
: The type of load balancer. Valid only for load balancers in a Net.
IfLoadBalancerType
isinternet-facing
, the load balancer has a public DNS name that resolves to a public IP.
IfLoadBalancerType
isinternal
, the load balancer has a public DNS name that resolves to a private IP. -
NetId
: The ID of the Net for the load balancer. -
PublicIp
: (internet-facing only) The public IP associated with the load balancer. -
SecuredCookies
: Whether secure cookies are enabled for the load balancer. -
SecurityGroups
: One or more IDs of security groups for the load balancers. Valid only for load balancers in a Net. -
SourceSecurityGroup
: Information about the source security group of the load balancer, which you can use as part of your inbound rules for your registered VMs.
To only allow traffic from load balancers, add a security group rule that specifies this source security group as the inbound source.-
SecurityGroupAccountId
: The account ID of the owner of the security group. -
SecurityGroupName
: The name of the security group.
-
-
Subnets
: The ID of the Subnet in which the load balancer was created. -
SubregionNames
: The ID of the Subregion in which the load balancer was created. -
Tags
: One or more tags associated with the load balancer.-
Key
: The key of the tag, with a minimum of 1 character. -
Value
: The value of the tag, between 0 and 255 characters.
-
-
-
ResponseContext
: Information about the context of the response.-
RequestId
: The ID of the request.
-
{
"ResponseContext": {
"RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
},
"LoadBalancer": {
"Tags": [],
"SourceSecurityGroup": {
"SecurityGroupName": "security-group-example",
"SecurityGroupAccountId": "123456789012"
},
"SecuredCookies": false,
"Subnets": [
"subnet-12345678"
],
"NetId": "vpc-12345678",
"BackendVmIds": [],
"ApplicationStickyCookiePolicies": [],
"SecurityGroups": [
"sg-12345678"
],
"LoadBalancerType": "internal",
"AccessLog": {
"PublicationInterval": 60,
"IsEnabled": false
},
"DnsName": "internal-private-lb-example.123456789.eu-west-2.lbu.outscale.com",
"HealthCheck": {
"UnhealthyThreshold": 2,
"Timeout": 5,
"CheckInterval": 30,
"Protocol": "TCP",
"HealthyThreshold": 10,
"Port": 80
},
"LoadBalancerStickyCookiePolicies": [],
"SubregionNames": [
"eu-west-2a"
],
"Listeners": [
{
"BackendPort": 80,
"BackendProtocol": "TCP",
"LoadBalancerPort": 80,
"LoadBalancerProtocol": "TCP"
}
],
"LoadBalancerName": "private-lb-example"
}
}
Creating an Internal Load Balancer Using AWS CLI
Before you begin:
For more information, see Security Groups. |
To create an internal load balancer, use the create-load-balancer command following this syntax:
$ aws elb create-load-balancer \
--profile YOUR_PROFILE \
--load-balancer-name my-load-balancer \
--listeners Protocol=TCP,LoadBalancerPort=80,InstanceProtocol=TCP,InstancePort=58 \
--subnets subnet-12345678 \
--security-groups sg-12345678 sg-87654321 \
--scheme internal \
--endpoint https://lbu.eu-west-2.outscale.com
This command contains the following attributes that you need to specify:
-
load-balancer-name
: The name of the load balancer.-
This name must be unique for the whole Region.
-
It must follow domain name rules. That is, it can contain up to 32 alphanumeric characters or hyphens, but cannot start or end with a hyphen.
-
-
listeners
: One or more listeners for the load balancer. This attribute requires the following elements for each listener:To add several listeners, separate each of them with a space.
-
Protocol
: The routing protocol of the load balancer (HTTP
,HTTPS
,TCP
orSSL
). -
LoadBalancerPort
: The port on which the load balancer is listening (between 1 and 65535, both included). -
InstancePort
: The port on which the backend instances are listening (between 1 and 65535, both included). -
(optional)
InstanceProtocol
: The protocol for routing traffic to backend instances (HTTP
,HTTPS
,TCP
orSSL
). -
(optional)
SSLCertificateId
: The OUTSCALE Resource Name (ORN) of an SSL certificate. For more information, see Getting Information About Your Server Certificates.An SSL certificate is required only if the load balancer protocol is HTTPS or SSL.
For more information about how to configure your listener when using SSL certificates, see Configuring a Load Balancer for SSL Termination or SSL Passthrough.
-
-
subnets
: The ID of the subnet in which you want to create the load balancer. Regardless of this subnet, the load balancer can distribute traffic to all subnets. -
(optional)
security-groups
: One or more IDs of security groups you want to assign to the load balancer. If not specified, the default security group of the VPC is assigned to the load balancer. -
scheme
: The type of load balancer you want to create (here,internal
). -
endpoint
: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.
The create-load-balancer command returns the following element:
-
DNSName
: The DNS name assigned to the load balancer.
{
"DNSName": "my_load_balancer_1234567890.lbu.eu-west-2.outscale.com"
}
Related Pages
Corresponding API Methods
AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.