Create a load balancer

Last update: February 22 2024

Create a load balancer

Control panel

1. In Control Panel, go to Cloud Platform → Balancers.

2. Click Create Balancer.

3. Enter the name of the balancer.

4. Select region and pool.

5. Select balancer type based on the project load.

6. Select a subnet:

   • private — traffic balancing will be performed only within the subnet. You can connect a public IP address to a private address — the balancer will be accessible from the Internet via NAT;
   • or public — the balancer will be accessible from the Internet and will be able to proxy requests from the public subnet to cloud servers on the private subnet. If you will be hosting cloud servers on the same subnet, choose a network of /28 or larger, or make sure it has a free port allocated — more on how many ports the balancer uses.

7. Specify the IP address of the balancer — one of the free addresses in the subnet.

8. Optional: connect a public IP address. If there is no free public IP address, create a new IP address. The private subnet on which you create the balancer must be connected to cloud router-to-external-network.

9. Configure load balancer rule. Specify the protocol for the balancer and cloud server:

   • TCP-TCP is classic L4 balancing;
   • TCP-PROXY — client information is not lost and is transmitted in a separate connection header;
   • UDP-UDP — The UDP protocol is faster than TCP, but less reliable;
   • HTTP-HTTP — L7-balancing;
   • HTTPS-HTTP — L7 balancing with encryption and SSL certificate termination on the balancer.

10. The default port will be automatically set for the selected protocol — change it if necessary. The port value will be common to all servers in the rule.

11. If you choose the HTTPS protocol, add an SSL certificate to the rule so that the balancer can read the HTTPS request and use the HTTP protocol information for proper balancing. SSL certificate termination takes place on the balancer, the balancer transmits the data to the servers via HTTP.

    Select a certificate from the secrets manager or upload a new one.

    Certificates with an empty CN (Common Name) field are not supported in load balancers.

12. Open the Servers tab and check the servers that will be added to the rule.

    For each server, select the IP address and enter the port.

    Specify server weight — this is a proportional measure, denotes the fraction of requests that the server handles. If the weights are the same, the servers serve the same number of requests. If, for example, a rule has one server with a weight of "2" and two servers with a weight of "1", the first server will receive 50% of all requests and the other two will each receive 25%. The maximum weight value is 256.

13. Open the Algorithm tab and select request distribution algorithm — Round Robin or Least connections. Optional: to enable the Sticky Sessions method, check the Sticky sessions checkbox.

14. Open the Checks tab and configure availability-checks.

15. Open the Connections tab and specify connection-settings between:

    • incoming requests and balancer — specify the connection timeout and whether or not the number of connections is limited. When the number of connections is limited, specify the maximum number of requests;
    • balancer and servers — specify the connection timeout, inactivity timeout, and TCP packet waiting timeout.

16. Optional: open the Headers tab and check HTTP request headers to be passed to servers.

17. Optional: to add an additional rule, click Add Rule. There is no limit to the number of rules.

18. Click Create Load Balancer.

OpenStack CLI

1. Open OpenStack CLI.

2. Install the Octavia client:

   pip install python-octaviaclient

3. Create a balancer:

   openstack loadbalancer create \
     --vip-subnet-id <subnet_ID> \
     --vip-address <IP_address> \
     --flavor <flavor_ID> \
     --name <loadbalancer_name>

   Specify:

   • <subnet_ID> — ID of private or public subnet, can be viewed with openstack subnet list
   • <IP_address> — The IP address that will be allocated to the load balancer is one of the free ones on the subnet;
   • <flavor_ID> — ID load balancer type (flavor). The ID depends on the pool in which the balancer is created. The list of flavorors can be viewed with openstack loadbalancer flavor list -c id -c name. For more information about matching balancer names and types, see View Type List;
   • <loadbalancer_name> is the name of the balancer.

4. Verify that the balancer is in ONLINE (operating_status parameter in the command output) and ACTIVE (provisioning_status) statuses:

   openstack loadbalancer show <loadbalancer>

   Specify <loadbalancer> — balancer ID or name, can be viewed with openstack loadbalancer list

5. Create a rule and specify the protocol and port for the balancer:

   openstack loadbalancer listener create \
     --name <listener_name> \
     --protocol <protocol> \
     --protocol-port <protocol_port> \
     <loadbalancer>

   Specify:

   • <listener_name> — listener name — will appear in the control panel as the rule name;
   • <protocol> is the name of the protocol;
   • <protocol_port> — port number.

6. Create a protocol for the server in the rule and specify the algorithm:

   openstack loadbalancer pool create \
     --name <pool_name> \
     --lb-algorithm <algorithm> \
     --listener <listener_name> \
     --protocol <protocol_name>

   Specify:

   • <pool_name> — pool name, will not be displayed in the control panel;
   • <algorithm> is the name of the algorithm: ROUND_ROBIN or LEAST_CONNECTIONS.
   • <listener_name> is the listener's name;
   • <protocol_name> is the name of the protocol.

7. Add the server to the rule and specify its IP address:

   openstack loadbalancer member create \
     --subnet-id <subnet_ID> \
     --address <server_IP> \
     --protocol-port <protocol_port> \
     <pool_name>

   Specify <server_IP> — the IP address of the server.

8. Optional: specify availability-checks parameters — they will be reflected on the balancer page → Checks tab:

   openstack loadbalancer healthmonitor create \
     --delay <delay> \
     --max-retries <max_retries> \
     --timeout <timeout> \
     --type <protocol_name> \
     <pool_name>

   Specify:

   • <delay> — interval in seconds;
   • <max_retries> is the threshold of success;
   • <timeout> — connection timeout;
   • <protocol_name> — validation type — protocol name;
   • <pool_name> is the pool name.

9. Optional: connect a public IP address to the balancer:

   openstack floating ip set --port <loadbalancer_port_ID> <floating_IP>

   Specify:

   • <loadbalancer_port_ID> — balancer port ID — the value of vip_port_id from the output of the openstack loadbalancer show <loadbalancer> command.
   • <floating_IP> is the public IP address.