Application Load Balancer (ALB) is a service provided by Alibaba Cloud. ALB runs at the application layer and supports protocols such as HTTP, HTTPS, and Quick UDP Internet Connections (QUIC). The ALB service offers high elasticity and can process a large amount of network traffic at Layer 7. ALB supports complex routing. ALB is integrated with other cloud-native services and serves as a gateway to manage inbound traffic on Alibaba Cloud.

ALB architecture

Why ALB?

As a cloud-native ingress gateway for Alibaba Cloud, Application Load Balancer (ALB) is intended for Layer 7 load balancing over HTTP, HTTPS, and QUIC and provides advanced routing features. For more information about ALB Ingresses, see ALB Ingress overview and Functions and features of ALB Ingresses.

High Elasticity at Layer 7

ALB is intended for Layer 7 load balancing and provides domain names and virtual IP addresses to handle large amounts of network traffic at multiple levels. ALB distributes network traffic across groups of backend servers and can automatically scale on demand to improve the service availability of your applications. You can use ALB to prevent service interruptions caused by single points of failure (SPOFs). ALB supports customized cross-zone deployment and elastic scaling across zones to remove resource bottlenecks in individual zones.

Advanced Protocols

ALB supports HTTP, HTTPS, and QUIC and can process a heavy load of network traffic. You can use ALB to accelerate and secure access to mobile Internet applications such as real-time audio and video applications, interactive streaming applications, and online game applications. ALB supports Google Remote Procedure Call (gRPC) which facilitates efficient communication among microservices through APIs.

Content-based Routing

ALB can route network traffic to different backend servers based on the request content such as the path, HTTP header, query string, HTTP request method, cookie, and source IP address. ALB also supports advanced configurations such as redirects, rewrites, and custom HTTPS headers.

Security and Reliability

ALB supports DDoS mitigation and can be integrated with Web Application Firewall (WAF) to provide more security features. In addition, ALB supports end-to-end data transfer over HTTPS and cryptographic protocols such as TLS 1.3 to accelerate content delivery, protect your business-critical services, and comply with the Zero Trust security framework. You can also customize security policies as needed.


As cloud-native services develop, a growing number of customers in the Internet, finance, and enterprise sectors choose to deploy their applications in the cloud or migrate their existing business systems to the cloud. As a cloud-native gateway for Alibaba Cloud, ALB is deeply integrated with Container Service for Kubernetes (ACK), Serverless App Engine (SAE), Function Compute, and Kubernetes.

Flexible Billing

ALB uses elastic IP addresses (EIPs) and EIP bandwidth plans to provide Internet-facing services and supports flexible billing for Internet data transfer. ALB also supports the pay-by-LCU metering method, which allows you to pay on demand and reduces spending on resources.

ALB components

Term Description
Instance ALB provides ultra-high Layer 7 processing capabilities and can increase the service capacity of your applications by distributing network traffic across different backend servers. Each ALB instance supports up to one million queries per second (QPS).
Listener The smallest unit of ALB. You must specify the protocol and port for each listener to process different requests. For example, you can configure a listener of ALB to process HTTP requests on port 80. You must add at least one listener to each ALB instance before the ALB instance can distribute network traffic. You can add up to 50 listeners to each ALB instance to distribute network traffic for different workloads.
Forwarding rule ALB distributes requests to one or more backend servers in server groups based on forwarding rules. ALB provides advanced routing features. In addition to the basic routing features, you can specify conditions such as the HTTP header, cookie, and HTTP method in a forwarding rule to route network traffic to different backend servers.
Server group Backend servers that are used to receive requests are specified in logical groups, which are referred to as server groups. Each server group contains one or more backend servers that process requests distributed by ALB. Server groups of ALB are independent from ALB. You can associate a server group with different ALB instances. You can specify up to 1,000 backend servers in each server group. ALB supports multiple types of backend servers. For example, you can specify Elastic Compute Service (ECS) instances, elastic container instances, and elastic network interfaces (ENIs) as backend servers.
Health check ALB checks the availability of backend servers by performing health checks. If a backend server is declared unhealthy, ALB does not forward requests to the backend server until the backend server recovers. ALB supports flexible health check configurations. For example, you can specify the protocol, port, and thresholds for health checks. ALB provides health check templates that can be applied to different server groups.

ALB types

Alibaba Cloud provides Internet-facing and internal-facing ALB instances. You can specify the type of ALB instance based on your business requirements. Whether EIPs and EIP bandwidth plans are used is based on the specified ALB type.

The preceding figures show the components of an Internet-facing ALB instance and the components of an internal-facing ALB instance.
Term Description
EIP bandwidth plan EIP bandwidth plans provide bandwidth sharing and transferring for resources that are created in the same region. EIP bandwidth plans support multiple metering methods such as pay-by-bandwidth and pay-by-enhanced-95th-percentile. You can use EIP bandwidth plans to reduce spending on Internet bandwidth. Internet-facing ALB instances use EIPs and EIP bandwidth plans that support the pay-by-bandwidth and pay-by-enhanced-95th-percentile metering methods to provide Internet-facing services.
Domain name A domain name that can be accessed over the Internet or a private network and can be resolved to the virtual IP address of an ALB instance. You can also create a Canonical Name (CNAME) record to map a readable domain name to the domain name of ALB. For more information, see Configure a CNAME record.
EIP EIPs are required only by Internet-facing ALB instances. You do not need to associate EIPs with internal-facing ALB instances. An EIP is an IP address that ALB uses to provide services over the Internet. You can associate multiple EIPs with an Internet-facing ALB instance. To ensure high availability, Internet-facing ALB must use at least two EIPs in different zones to provide services.
Virtual IP address Virtual IP addresses of ALB are used to receive requests. Each virtual IP address is a private IP address that belongs to a virtual private cloud (VPC).

Activate ALB

Click the following button to navigate to the ALB buy page.

Create ALB