Skip to main content

Connect the balancer

Last update:

  1. Create a global router.

  2. Connect networks and subnets to the global router to each VLAN and cloud platform project where the servers for balancing reside.

    For VMware-based cloud you can add networks and subnets only through technical support.

  3. Assign IP addresses from the subnets to the servers.

  4. Configure routing to the balancer subnet.

  5. Order a balancer.

  6. Check the operation of the balancer.

1. Create a global router

  1. In the Control Panel, on the top menu, click Products and select Global Router.
  2. Click Create router. Each account has a limit of five global routers.
  3. Enter the name of the router.
  4. Click Create.
  5. If the router is created with the status ERROR or hangs in one of the statuses, create a ticket.

2. Connect networks and subnets to the global router

carefully

When creating a network, do not use addresses from the 10.128.0.0/16 subnet on servers. This subnet hosts load balancers, and its use can cause load balancers to malfunction.

Use for a dedicated or hosted server.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

  1. In the Control Panel, on the top menu, click Products and select Global Router.

  2. Open the router page → Networks tab.

  3. Click Create Network.

  4. Enter the network name. This will only be used in the control panel.

  5. Select a Servers and Hardware service.

  6. Select a pool.

  7. Select VLAN. If you want to create a network up to the internal segment (Q-in-Q), specify its tag, a number from 2 to 4094. If there is already a network up to the VLAN, be sure to specify the Q-in-Q segment of this VLAN.

  8. Enter the subnet name. This will only be used in the control panel.

  9. Enter the CIDR — IP address and private subnet mask. You can enter a new subnet or an existing private subnet of the server if it is not already added to any of the global routers in the account. The subnet must meet the conditions:

    • belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16;;
    • have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
    • Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
    • If the global router network will include a Managed Kubernetes cluster on cloud servers, the subnet must not overlap with the ranges 10.10.0.0/16, 10.96.0.0/12, 10.250.0.0/16 and 10.251.0.0/24. If the network will include a cluster on dedicated servers — with the ranges 10.10.0.0/16, 10.222.0.0/16, 10.250.0.0/16, 10.251.0.0/24 and 172.250.0.0/14. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.

  10. If you specified the Q-in-Q tag, make sure to configure Q-in-Q. When configuring, use the subnet you specified in step 9.

  11. Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.

  12. Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.

  13. Click Create Network.

  14. Optional: Check the network topology on the global router. In the control panel, from the top menu, click ProductsGlobal Router → Router Page → Network Map.

3. Assign IP addresses to the servers

  1. Connect to the server via SSH or via KVM console.

  2. Open the netplan utility configuration file with the vi text editor:

    vi /etc/netplan/01-netcfg.yaml

  3. Add or change values for the network interface settings of the private network:

        <eth_name>:
                addresses: [<ip_address>]

    Specify:

    • <eth_name> — the name of the network interface of the private network;
    • <ip_address> — private IP address of the server with subnet mask, e.g. 192.168.0.2/24.

  4. Press ESC.

  5. Exit the vi text editor with your changes saved:

    :wq

  6. Apply the configuration:

    netplan apply

  7. Optional: reboot the server.

  8. Optional: assign a private IP address to the server in the control panel.

4. Configure routing to the balancer subnet

On each of the servers, we need to pre-configure routing to the subnet where we will place the balancer when the service is connected. By default we place the balancers in the subnet 10.128.0.0/16, but you can choose any suitable subnet of dimension /16.

  1. Connect to the server.

  2. Open the network configuration file:

    vi /etc/netplan/01-netcfg.yaml

  3. At the end of the data block of the desired network interface, add a route:

    routes:
      - to: <ip_address>/<mask>
        via: <gateway>

    Specify:

    • <ip_address>/<mask> — balancer subnet. You can specify the subnet 10.128.0.0/16 where we place the balancers by default, or any suitable subnet of dimensionality /16;
    • <gateway> — The IP address from the server subnet that you assign as the gateway to the global router when you connect networks and subnets. connecting networks and subnets.

  4. Save the file.

  5. Check the settings:

    sudo netplan try

  6. Apply the changes:

    netplan apply

5. Order a balancer

  1. If your servers use HTTPS, add your TLS(SSL)-certificate to the Secret Manager. You can also issue a Let's Encrypt® certificate.

  2. In the Control Panel, in the top menu, click Products and select Load Balancer.

  3. Click Connect Balancer.

  4. Select the tariff according to the desired channel width — 20, 50, 100 or 1,000 Mbps. If you need a different channel width, select Other and specify the required value in Mbps.

  5. Specify the global router to which you have connected networks and subnets — its name, ID or a list of subnets added to the router. You can view the router data in the control panel: from the top menu, click ProductsGlobal Router → Router page.

  6. Specify the balancer subnet that you specified when configuring routing on the servers.

  7. Select a balancing algorithm:

    • Round Robin is a round robin algorithm in which requests are passed to each server in turn;
    • Weighted Round Robin is a weighted round robin algorithm in which each server is assigned a weighting factor corresponding to its performance and capacity. Servers with a higher weighting factor receive more requests;
    • Source IP hash is an algorithm that, depending on the HTTP header or IP address, selects a preferred server to receive the request;
    • Least Connections — an algorithm that sends the request to the least loaded server.

  8. If you want to use Sticky Sessions, check the Sticky Sessions checkbox.

  9. Select the protocol of the target servers: TCP, HTTP, HTTPS.

  10. If you selected the TCP protocol, specify the parameters for using the protocol — all private IP addresses assigned within the global router's networks, with the ports specified.

  11. If you selected the HTTP protocol, specify all combinations of URLs received from the Internet and the IP addresses to which they should be redirected, including the port. For example, http://domain.com/page to http://X.X.X.X:X.

  12. If you selected the HTTPS protocol, specify:

    • all combinations of URLs received from the Internet and the IP addresses to which they should be redirected, with the port. For example, https://domain.com/page to http://X.X.X.X:X;
    • ID of the certificate you added in step 1. The ID can be viewed in the control panel: in the top menu, click ProductsSecrets ManagerCertificates tab → in the menu of the certificate, select Copy UUID;
    • The ID of the project where the certificate resides.

  13. Optional: if you need to specify any additional data, enter it in the Additional comment field. For example, describe the usage scenario in more detail, specify in which pools the infrastructure is hosted, leave the administrator's contact for communication and clarification of details.

  14. Click Connect Balancer.

  15. We will create and send a ticket to activate the service. Connection takes up to seven working days. When the balancer is ready, we will send you a secure public IP address in the ticket to which you should direct incoming traffic for balancing.

6. Check the operation of the balancer

To test the balancer, send test requests to the IP address you received when you ordered the balancer.