
Server Load Balancer: Use NLB to balance loads for IPv4 services

Last Updated: Jan 11, 2024

Alibaba Cloud Network Load Balancer (NLB) supports TCP, UDP, and SSL over TCP, and provides high-performance Layer 4 load balancing capabilities. This topic describes how to create an NLB instance to forward client requests to backend IPv4 services.

Procedure


  1. Preparations

    Before you use NLB, you must select a region in which you want to deploy an NLB instance, create a virtual private cloud (VPC), and create Elastic Compute Service (ECS) instances.

  2. Step 1: Create an NLB instance

    To use NLB, you must first create an NLB instance. An NLB instance is an entity that provides load balancing services by distributing client requests to backend servers.

  3. Step 2: Create a server group

    You must create a server group and add backend servers to the server group to receive client requests that are forwarded by NLB.

  4. Step 3: Configure a listener

    You must add a listener to the NLB instance. A listener checks for connection requests and forwards requests to backend servers based on a scheduling algorithm.

  5. (Optional) Step 4: Create a CNAME record

    NLB allows you to map common domain names to the public domain name of the NLB instance by using CNAME records. This facilitates access to network resources.

  6. Step 5: Test the connectivity

    After a listener is configured, you must check whether backend servers can receive and process the requests that are forwarded by the NLB listener.

Preparations

You must select a region to deploy the NLB instance, and create a VPC and one or more ECS instances.

  • A region is selected for the NLB instance. Make sure that the NLB instance and the ECS instances that you want to add to the NLB instance belong to the same region. The NLB instance and the ECS instances must be deployed in the same VPC. We recommend that you deploy ECS instances across zones to improve service availability.

  • A VPC is created. For more information, see Create a VPC.

    Before you create an NLB instance, make sure that the vSwitches in the zones where you want to create the NLB instance provide sufficient IP addresses. To create an NLB instance, make sure that at least five IP addresses are available in each vSwitch, including four IP addresses for health checks and one virtual IP address. If the number of IP addresses is insufficient, an error occurs and you cannot purchase an NLB instance.

    Note

    To ensure the scalability of the NLB instance, we recommend that you reserve at least eight IP addresses in each vSwitch of the NLB instance.

  • Three ECS instances are deployed in the VPC. ECS01 is used to access the NLB instance. ECS02 and ECS03 are used as the backend servers of the NLB instance. Services are deployed on ECS02 and ECS03.

Step 1: Create an NLB instance

  1. Log on to the NLB console.
  2. In the top navigation bar, select the region in which the NLB instance is deployed.

  3. On the Instances page, click Create NLB.

  4. On the NLB (Pay-As-You-Go) page, configure the following parameters.

    Parameter

    Description

    Region

    Select the region where you want to create the NLB instance.

    Network Type

    Select a network type for the NLB instance. The system assigns public or private IP addresses to the NLB instance based on the selected network type.

    • Intranet: If you create an internal-facing NLB instance, a private IP address is assigned to each zone. In this case, the NLB instance is accessible only over the internal network.

    • Internet: If you create an Internet-facing NLB instance, a public IP address and a private IP address are assigned to each zone. Internet-facing NLB instances use EIPs to provide services over the Internet. If you create an Internet-facing NLB instance, you are charged instance fees and bandwidth or data transfer fees for the EIPs.

      • EIPs are used to provide services over the Internet and expose NLB instances to the Internet.

      • Private IP addresses can be used by NLB instances to communicate with Elastic Compute Service (ECS) instances in VPCs.

    Internet is selected in this example.

    VPC

    Select the VPC where you want to deploy the NLB instance.

    Zone

    1. NLB supports multi-zone deployment. If the selected region supports two or more zones, you must select at least two zones to ensure high availability. No additional fee is charged by NLB.

    2. You must select a vSwitch for each zone of the NLB instance. If no vSwitch is available, create one as prompted.

    3. Optional: If you set Network Type to Internet, you must select an EIP for each zone of the NLB instance.

      • If no EIP is available, use the default setting Automatically assign EIP to allow the system to automatically create a pay-as-you-go (pay-by-data-transfer) EIP and associate the EIP with the NLB instance. The EIP uses BGP (Multi-ISP) lines and is protected by Anti-DDoS Origin Basic.

      • Alternatively, you can associate an existing EIP with the NLB instance.

        Important
        • You can associate only pay-as-you-go (pay-by-data-transfer) EIPs that are not associated with Internet Shared Bandwidth instances with an NLB instance.

        • The EIPs allocated to different zones of the same NLB instance must be of the same type.

    IP Version

    Select an IP version. Valid values:

    • IPv4: If you select this option, the NLB instance can be accessed only by IPv4 clients.

    • Dual-stack Networking: If you select this option, the NLB instance can be accessed by IPv4 and IPv6 clients.

    In this example, IPv4 is selected.

    Associate with EIP Bandwidth Plan

    Specify whether to associate the NLB instance with an EIP bandwidth plan. If you select Associate with EIP Bandwidth Plan, you must select an Internet Shared Bandwidth instance. If no Internet Shared Bandwidth instance is available, click Purchase EIP Bandwidth Plan to purchase one. Then, return to the NLB buy page and click Refresh to select the purchased Internet Shared Bandwidth instance.

    We recommend that you purchase a pay-as-you-go Internet Shared Bandwidth instance. For more information, see Create an Internet Shared Bandwidth instance.

    Note

    This parameter is available only if Network Type is set to Internet.

    Internet Billing Method

    Pay-by-Data-Transfer (default): The maximum bandwidth is provided for reference only. It indicates the upper limit of the bandwidth. In case of resource contention, the bandwidth allocated to the NLB instance may be lower than its maximum bandwidth.

    Note

    This parameter is available only if Network Type is set to Internet and Associate with EIP Bandwidth Plan is not selected.

    Instance Name

    Enter a name for the NLB instance.

    Resource Group

    Select the resource group to which the NLB instance belongs.

    Service-linked Role

    The first time you create an NLB instance, click Create Service-linked Role.

  5. Click Buy Now and complete the payment as prompted.

  6. Return to the Instances page and select the region where the NLB instance is deployed to view the NLB instance.

Step 2: Create a server group

  1. In the left-side navigation pane, choose NLB > Server Group.

  2. On the Server Group page, click Create Server Group.

  3. In the Create Server Group dialog box, configure the parameters and click Create.

    Parameter

    Description

    Server Group Type

    Select a server group type. Valid values:

    • Server Type: Backend servers are added by specifying ECS instances, elastic network interfaces (ENIs), and elastic container instances.

    • IP: Backend servers are added by specifying IP addresses.

    In this example, Server Type is selected.

    Server Group Name

    Enter a name for the server group.

    VPC

    Select a VPC from the VPC drop-down list. Only servers in the specified VPC can be added to the server group.

    Backend Server Protocol

    Select a backend protocol. In this example, TCP is selected.

    Scheduling Algorithm

    Select a scheduling algorithm. In this example, Weighted Round-Robin is selected.

    Resource Group

    Select the resource group to which the server group belongs.

    Tag

    Configure the Tag Key and Tag Value parameters.

    IPv6 Support

    Specify whether to enable IPv6.

    • If you enable IPv6, you can add IPv4 and IPv6 backend servers to the server group.

    • If you do not enable IPv6, you can add only IPv4 backend servers to the server group.

    Note

    If IPv6 is disabled for the VPC that you select for the server group, IPv6 is disabled for the server group by default.

    In this example, IPv6 is disabled, which is the default setting.

    Enable Connection Draining

    Specify whether to enable connection draining. If connection draining is enabled, connections to backend servers remain open during the specified timeout period even if the backend servers are removed or the backend servers fail health checks.

    In this example, connection draining is disabled, which is the default setting.

    Client IP Preservation

    Specify whether to preserve client IP addresses. If client IP preservation is enabled, backend servers can retrieve client IP addresses. In this example, the default setting is used.

    Note

    You cannot enable client IP preservation for a server group of the IP type. If you want the server group to retrieve client IP addresses, enable Proxy Protocol for the associated listener.

    Enable All-port Forwarding

    Specify whether to enable all-port forwarding. After you enable all-port forwarding, you do not need to specify a port when you add a backend server. The NLB instance forwards requests to a backend server based on the frontend port.

    In this example, all-port forwarding is disabled, which is the default setting.

    Note

    If you enable Listen by Port Range for your listener, you must enable this feature for the backend server group.

    Configure Health Check

    Specify whether to enable health checks.

    In this example, health checks are enabled, which is the default setting.

    Health Check Settings

    In this example, the default setting is used.

  4. In the Server group created dialog box, click Add Backend Server.

  5. On the Backend Servers tab, click Add Backend Server.

  6. In the Add Backend Server panel, select ECS02 and ECS03 and click Next.

  7. Specify the ports and weights of the backend servers and click OK.

  8. Return to the Server Groups page to view the server group that you configured.

Step 3: Configure a listener

  1. In the left-side navigation pane, choose NLB > Instances.

  2. On the Instances page, click the ID of the NLB instance that you created in Step 1.

  3. Click the Listener tab. On the Listener tab, click Quick Create Listener.

  4. In the Quick Create Listener dialog box, configure the following parameters and click OK.

    Parameter

    Description

    Listener Protocol

    Select a protocol for the listener. In this example, TCP is selected.

    Listener Port

    Specify the frontend port that is used to receive and forward requests to the backend servers.

    You can select a common port or enter a port number. Valid values: 1 to 65535.

    In this example, 80 is used.

    Server Group

    Select Server Type and select a server group from the drop-down list next to Server Type.

    In this example, the server group created in Step 2 is selected.

(Optional) Step 4: Create a CNAME record

  1. In the left-side navigation pane, choose NLB > Instances.

  2. On the Instances page, copy the domain name of the NLB instance that you want to manage.

  3. Perform the following steps to create a CNAME record:

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Domain Name Resolution page, click Add Domain Name.

    3. In the Add Domain Name dialog box, enter the domain name of your host and click OK.

      Important

      Before you create the CNAME record, you must use a TXT record to verify the ownership of the domain name.

    4. Find the domain name that you want to manage and click DNS Settings in the Actions column.

    5. On the DNS Settings page, click Add DNS Record.

    6. In the Add DNS Record panel, configure the following parameters and click OK.

      Parameter

      Description

      Record Type

      Select CNAME from the drop-down list.

      Hostname

      The prefix of the domain name. In this example, @ is entered.

      DNS Request Source

      Select Default.

      Record Value

      Enter a CNAME. The CNAME is the copied domain name of the NLB instance.

      TTL

      Select the time-to-live (TTL) value of the CNAME record cached on the DNS server. The default value is used in this example.

      Note
      • New CNAME records immediately take effect. The time that is required for a modified CNAME record to take effect is determined by the TTL value. The default TTL value is 10 minutes.

      • If the CNAME record that you want to create conflicts with an existing record, specify another domain name.

Step 5: Test the connectivity

You can use one of the following methods to check whether NLB can forward requests to backend servers.

Method 1

After you configure the CNAME record for NLB, enter the domain name specified in Step 4 in a browser to check whether NLB can forward requests to backend servers. For more information about how to verify a CNAME record, see Verify a DNS record.

If the following result is returned after you enter the domain name in your browser, NLB can forward requests to backend servers.

Method 2

  1. Log on to ECS01, which is deployed in the VPC to which the NLB instance belongs. For more information, see Connection method overview.

  2. Run the telnet <domain name> <listener port> command to check whether ECS01 can access ECS02 by using NLB.

    telnet nlb-4vg3hnps6q********.cn-hangzhou.nlb.aliyuncs.com 80

    If the following packet is returned, NLB can forward requests to backend servers.
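A scripted form of the Method 2 check, added here as an example and not part of the original Alibaba Cloud procedure: it resolves the NLB domain name to its IPv4 addresses and attempts a TCP connection to the listener port on each one, so a zone whose address does not accept connections is reported individually. The function names and the assumption that the domain name may resolve to more than one address (one per zone) are this example's own.

```python
import socket


def check_listener(host, port, timeout=3.0):
    """Resolve host to IPv4 addresses and try a TCP connect to each.

    Returns {address: True/False}. Assumption: the NLB domain name may
    resolve to several addresses (one per zone), so each is tested on
    its own instead of stopping at the first that answers.
    """
    try:
        infos = socket.getaddrinfo(host, port, family=socket.AF_INET,
                                   type=socket.SOCK_STREAM)
    except socket.gaierror:
        return {}  # name did not resolve: nothing to test
    results = {}
    for addr in sorted({info[4][0] for info in infos}):
        try:
            # A completed TCP handshake is the same signal telnet gives.
            with socket.create_connection((addr, port), timeout=timeout):
                results[addr] = True
        except OSError:
            # Refused, timed out or unroutable: listener not reachable here.
            results[addr] = False
    return results


def all_zones_reachable(results):
    """True only if at least one address resolved and all accepted."""
    return bool(results) and all(results.values())


if __name__ == "__main__":
    import sys
    # Usage: python3 check_nlb.py <NLB domain name> <listener port>
    target, listener_port = sys.argv[1], int(sys.argv[2])
    outcome = check_listener(target, listener_port)
    for address, ok in outcome.items():
        print(f"{address}:{listener_port} {'open' if ok else 'unreachable'}")
    sys.exit(0 if all_zones_reachable(outcome) else 1)
```

Run it from ECS01 with the NLB domain name and the listener port (80 in this example); a non-zero exit status means the name did not resolve or at least one address refused the connection.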

References

  • For more information about the use scenarios and components of NLB, see What is NLB?

  • For more information about the features of NLB, see Features.

  • For more information about NLB quotas and how to increase quotas, see Limits.

  • For more information about the regions supported by NLB, see Regions supported by NLB.

  • For more information about NLB billing, see NLB billing.