Creating an Internet-facing Load Balancer in a VPC

You can create an Internet-facing load balancer to distribute incoming network traffic from the Internet between several instances of a Virtual Private Cloud (VPC).

You can associate an External IP (EIP) with an internet-facing load balancer through the OUTSCALE API only. For more information see the OSC CLI section below.

Creating an Internet-facing Load Balancer in a VPC Using Cockpit

Before you begin:

  1. Create a VPC with a subnet. For more information, see Virtual Private Clouds (VPCs).

  2. Create a security group for the load balancer with the following rules:

    • Allow inbound flows in the protocol on the port you want.

    • Allow the inbound flow coming from the Internet.

    • Allow the outbound flow going to all the security groups of back-end instances.

  3. Configure the security group of the back-end instances with the following rules:

    • Allow inbound flows in the protocol on the port you want.

    • Allow inbound flows coming from the security group of the load balancer.

For more information, see Security Groups.

  1. Click Services > Load Balancers.

  2. Click Create .
    The CREATE LOAD BALANCER dialog box appears.

  3. In the Load Balancer Name field, type a name for the load balancer.

    • This name must be unique for the whole Region and follow the domain names rules.

    • It must follow domain name rules. That is, it can contain up to 32 alphanumeric characters or hyphens, but cannot start or end with a hyphen.

  4. From the VPC list, select the VPC in which you want to create the load balancer.
    The Availability Zone list is deactivated.

  5. From the Scheme list, select internet-facing.

  6. From the Subnet list, select the subnet for your back-end instances.

  7. From the Security Group(s) list, select one or more security groups to associate with the load balancer.

  8. Click Create to validate.
    The load balancer is created and appears on the Load Balancers page.
    You can modify the attributes of a load balancer after its creation. For more information see Modifying an Instance Attribute.

Creating an Internet-facing Load Balancer in a VPC Using AWS CLI

Before you begin:

  1. Create a VPC with a subnet. For more information, see Virtual Private Clouds (VPCs).

  2. Create a security group for the load balancer with the following rules:

    • Allow inbound flows in the protocol on the port you want.

    • Allow the inbound flow coming from the Internet.

    • Allow the outbound flow going to all the security groups of back-end instances.

  3. Configure the security group of the back-end instances with the following rules:

    • Allow inbound flows in the protocol on the port you want.

    • Allow inbound flows coming from the security group of the load balancer.

For more information, see Security Groups.

To create an Internet-facing load balancer in a VPC, use the create-load-balancer command following this syntax:

Request sample
$ aws elb create-load-balancer \
    --profile YOUR_PROFILE \
    --load-balancer-name my-load-balancer \
    --listeners Protocol=TCP,LoadBalancerPort=80,InstanceProtocol=TCP,InstancePort=58 \
    --subnets subnet-12345678 \
    --security-groups sg-12345678 sg-87654321 \
    --endpoint https://lbu.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • load-balancer-name: The name of the load balancer.

    • This name must be unique for the whole Region and follow the domain names rules.

    • It must follow domain name rules. That is, it can contain up to 32 alphanumeric characters or hyphens, but cannot start or end with a hyphen.

  • listeners: One or more listeners for the load balancer. This attribute requires the following elements for each listener:

    To add several listeners, separate each of them with a space.

    • Protocol: The routing protocol of the load balancer (HTTP, HTTPS, TCP ou SSL).

    • LoadBalancerPort: The port on which the load balancer is listening (between 1 and 65535, both included).

    • InstancePort: The port on which the back-end instances are listening (between 1 and 65535, both included).

    • (optional) SSLCertificateId: The OUTSCALE Resource Name (ORN) of an SSL certificate. For more information, see Getting Information About a Server Certificate.

      An SSL certificate is required only if the load balancer protocol is HTTPS or SSL.

      For more information about how to configure your listener when using SSL certificates, see Configuring a Load Balancer for SSL Termination or SSL Passthrough.

  • subnets: The ID of the subnet in which you want to create the load balancer. Regardless of this subnet, the load balancer can distribute traffic to all subnets.

  • (optional) security-groups: One or more IDs of security groups you want to assign to the load balancer. If not specified, the default security group of the VPC is assigned to the load balancer.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The create-load-balancer command returns the following element:

  • DNSName: The DNS name assigned to the load balancer.

Result sample
{
    "DNSName": "my_load_balancer_1234567890.lbu.eu-west-2.outscale.com"
}

Creating an Internet-facing Load Balancer in a VPC Using OSC CLI

Before you begin:

  1. Create a VPC with a subnet. For more information, see Virtual Private Clouds (VPCs).

  2. Create a security group for the load balancer with the following rules:

    • Allow inbound flows in the protocol on the port you want.

    • Allow the inbound flow coming from the Internet.

    • Allow the outbound flow going to all the security groups of back-end instances.

  3. Configure the security group of the back-end instances with the following rules:

    • Allow inbound flows in the protocol on the port you want.

    • Allow inbound flows coming from the security group of the load balancer.

For more information, see Security Groups.

See the CreateLoadBalancer command sample in the documentation of the OUTSCALE API.

Related Pages

Corresponding API Method

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.