All Products
Search

This Product

    Server Load Balancer:Use an ALB instance to provide IPv4 services

    Document Center

    Server Load Balancer:Use an ALB instance to provide IPv4 services

    Last Updated:Aug 25, 2023

    Alibaba Cloud Application Load Balancer (ALB) supports HTTP, HTTPS, and Quick UDP Internet Connections (QUIC) and is designed to balance the loads of applications at Layer 7. This topic describes how to create an ALB instance that supports IPv4 to forward requests from IPv4 clients to backend servers.

    Prerequisites

    • A virtual private cloud (VPC) is created. For more information, see Create a VPC with an IPv4 CIDR block and Create a VPC with an IPv6 CIDR block.

    • The service-linked role AliyunServiceRoleForAlb is attached to your Alibaba Cloud account. A service-linked role is required the first time you create an ALB instance. The service-linked role allows the ALB instance to access cloud services and resources, such as elastic network interfaces (ENIs), security groups, elastic IP addresses (EIPs), and Internet Shared Bandwidth instances. For more information, see Service-linked roles for ALB.

    Procedure

    快速入门

    1. Preparations

      Before you use the ALB service, you must select a region to deploy an ALB instance, and create a VPC and Elastic Compute Service (ECS) instances.

    2. Step 1: Create an ALB instance

      To use the ALB service, you must first create an ALB instance. An ALB instance is an entity that provides load balancing services.

    3. Step 2: Create a server group

      You must create a server group and add backend servers to receive client requests that are forwarded by ALB.

    4. Step 3: Configure a listener

      Configure a listener to listen for connection requests and forward the requests to backend servers based on a specified scheduling algorithm.

    5. (Optional) Step 4: Create a CNAME record

      ALB allows you to map common domain names to the public domain name of the ALB instance by using CNAME records. This facilitates access to network resources.

    Preparations

    Before you use the ALB service, you must select a region where you want to deploy an ALB instance, and create a VPC and one or more ECS instances.

    • Select a region to deploy your ALB instance. Make sure that the ALB instance and the ECS instances that you want to add to the ALB instance are deployed in the same region and in the same VPC. We recommend that you deploy ECS instances across different zones to improve service availability.

    • Create a VPC

    • Create an instance by using the wizard

    Step 1: Create an ALB instance

    1. Log on to the ALB console.

    2. On the Instances page, click Create ALB.

    3. On the Application Load Balancer page, set the following parameters.

      Parameter

      Description

      Region

      Select the region where you want to create the ALB instance.

      Network Type

      Select a network type for the ALB instance. The system assigns a public or private IP address to the ALB instance based on the selected network type. In this example, Internet is selected.

      • Intranet: If you create an internal-facing ALB instance, a private IP address is assigned to each zone. The ALB instance is accessible only over the internal network.

      • Internet: If you create an Internet-facing ALB instance, a public IP address and a private IP address are assigned to each zone. Internet-facing ALB instances use EIPs to provide services over the Internet. If you select Internet, you are charged instance fees and bandwidth fees or data transfer fees for the EIPs.

        • EIPs are used to provide services over the Internet and expose ALB instances to the Internet.

        • Private IP addresses allow ECS instances in VPCs to access ALB instances.

        Note

        If an ALB instance is assigned an IPv4 address and an IPv6 address, the IPv4 address is used to provide services over the Internet. If you need to use the IPv6 address to provide services over the Internet, you must change the network type of the ALB instance. In this case, you are charged IPv6 gateway fees. For more information, see Billing rules.

      VPC

      Select the VPC where you want to deploy the ALB instance.

      Zone

      Select zones and vSwitches.

      1. ALB supports multi-zone deployment. If the selected region supports two or more zones, you must select at least two zones to ensure high availability. You are not charged additional fees by ALB.

      2. Select a vSwitch in each zone that you selected. If no vSwitches are available, create one as prompted.

      3. Optional: Select an EIP in each zone that you selected.

        • If no EIP is available in a zone, you can click Automatically assign EIP. The system automatically creates a pay-as-you-go (pay-by-data-transfer) EIP and associates the EIP with the ALB instance. The EIP uses BGP (Multi-ISP) lines and is protected by Anti-DDoS Origin Basic.

        • Alternatively, you can associate an existing EIP with the ALB instance.

          Important

          • You can associate only pay-as-you-go (pay-by-data-transfer) EIPs that are not associated with Internet Shared Bandwidth instances with an ALB instance.

          • The EIPs allocated to different zones of the same ALB instance must be of the same type.

      IP Mode

      Select an IP mode for the ALB instance.

      • Static IP: Only one IP address is available in each zone. The IP address cannot be changed. An ALB instance that uses a static IP address supports at most 100,000 queries per second (QPS).

      • Dynamic IP: One or more IP addresses are available in each zone. The number of IP addresses that the ALB instance uses is based on your workload. This mode supports up to one million QPS.

      IP Version

      Select an IP version. In this example, IPv4 is selected.

      • IPv4: If you select this option, the ALB instance can be accessed only by IPv4 clients.

      • Dual-stack Networking: If you select this option, the ALB instance can be accessed by both IPv4 and IPv6 clients.

      Note

      • For more information about the regions in which the dual-stack feature is supported, see Overview of ALB instances.

      • If you want to enable the dual-stack feature, you must enable IPv6 for the vSwitches in the zones of the VPC.

      • If dual-stack is enabled for ALB, ALB can forward requests from both IPv4 and IPv6 clients to the backend servers.

        • Dual-stack ALB instances can forward requests from IPv6 clients to backend IPv4 services of the following types: ECS, elastic network interface (ENI), Elastic Container Instance, and IP. Backend services of the Function Compute type are not supported.

        • Dual-stack ALB instances can forward requests from IPv6 clients to backend IPv6 services of the following types: ECS, ENI, and Elastic Container Instance. Backend services of the Function Compute and IP types are not supported.

      • You cannot enable access control for listeners of dual-stack ALB instances.

      • You cannot upgrade existing IPv4 ALB instances to dual-stack ALB instances. You can only create dual-stack ALB instances.

      Edition

      Select the edition of the ALB instance.

      • Basic: Basic ALB instances support basic routing features such as request forwarding based on domain names, URLs, and HTTP headers.

      • Standard: Standard ALB instances support basic and advanced routing features, such as custom TLS security policies, redirects, and rewrites.

      • WAF Enabled: As an upgrade from standard ALB instances, WAF-enabled ALB instances are integrated with Web Application Firewall (WAF) 3.0 to protect web applications. Network traffic is filtered by WAF before traffic is routed to ALB listeners.

      Note

      Limits on WAF-enabled ALB instances:

      • Before you purchase WAF-enabled ALB instances, you must complete real-name verification.

      • For more information about the regions in which WAF-enabled ALB instances are supported, see Limits on WAF-enabled ALB instances.

      • Make sure that WAF 3.0 is activated within your Alibaba Cloud account.

        • If WAF is not activated in your Alibaba Cloud account, a pay-as-you-go WAF 3.0 instance is created after you create a WAF-enabled ALB instance.

        • If a WAF 2.0 instance already exists in your Alibaba Cloud account, release the WAF 2.0 instance or migrate data from the WAF 2.0 instance to a WAF 3.0 instance. (Automatic migration is not supported. If you want to migrate data, join the DingTalk group 34657699 for consultation). For more information about how to release a WAF 2.0 instance, see Terminate the WAF service.

      • You can upgrade only basic and standard ALB instances that are in the Running state to WAF-enabled ALB instances.

      For more information about the differences among basic ALB instances, standard ALB instances, and WAF-enabled ALB instances, see Functions and features.

      Associate with EIP Bandwidth Plan

      If an ALB instance is deployed in two zones, uses the static IP mode, and is not associated with an EIP bandwidth plan, the default maximum Internet bandwidth of the ALB instance is 400 Mbit/s. If an ALB instance is deployed in two zones, uses the dynamic IP mode, and is not associated with an EIP bandwidth plan, the default maximum Internet bandwidth of the ALB instance is 400 Mbit/s, which can be increased to up to 4,000 Mbit/s. For more information, see Performance metrics.

      If you require a larger bandwidth, associate an Internet Shared Bandwidth instance with your ALB instance. If you select Associate with EIP Bandwidth Plan, you must select an Internet Shared Bandwidth instance. If no Internet Shared Bandwidth instance is available, click Purchase EIP Bandwidth Plan and purchase an Internet Shared Bandwidth instance. Then, return to the ALB buy page and click 刷新 to select the Internet Shared Bandwidth instance that you purchased.

      We recommend that you purchase a pay-as-you-go Internet Shared Bandwidth instance. For more information about how to purchase an Internet Shared Bandwidth instance, see Create an Internet Shared Bandwidth instance.

      Note

      This parameter is available only when Network Type is set to Internet.

      Billing Method

      By default, Pay-by-Data-Transfer is selected. The maximum bandwidth value is not a guaranteed value. It indicates the upper limit of bandwidth and is for reference only. In case of resource contention, the bandwidth allocated to each ALB instance may be less than the maximum bandwidth value. For more information about the billing of EIPs, see EIP billing.

      Note

      This parameter is available only if Network Type is set to Internet and Associate with EIP Bandwidth Plan is not selected.

      Instance name

      Enter a name for the ALB instance.

      Resource Group

      Select the resource group to which the ALB instance belongs.

      Notes on Creating Service Linked Roles

      A service-linked role is required the first time you create an ALB instance. The service-linked role allows the ALB instance to access cloud services and resources, such as ENIs, security groups, EIPs, and Internet Shared Bandwidth instances. For more information, see Service-linked roles for ALB.

    4. Click Buy Now and complete the payment.

    5. Return to the Instances page and select the region where the ALB instance is deployed to view the ALB instance.

    Step 2: Create a server group

    1. In the left-side navigation pane, choose ALB > Server Groups.

    2. On the Server Groups page, click Create Server Group.

    3. In the Create Server Group dialog box, configure the parameters and click Create.

      Parameter

      Description

      Server Group Type

      Select a server group type. Valid values:

      • Server: allows you to add backend servers by specifying ECS instances, ENIs, or elastic container instances.

      • IP: allows you to add backend servers by specifying IP addresses.

      • Function Compute: allows you to add backend servers by specifying functions.

      In this example, Server is selected.

      Server Group Name

      Enter a name for the server group.

      VPC

      Select the VPC where the ECS instances are deployed from the drop-down list.

      Backend Server Protocol

      Select a backend protocol. In this example, HTTP is selected.

      Scheduling Algorithm

      Select a scheduling algorithm. In this example, Weighted Round-robin is selected.

      IPv6 Support

      Select whether to enable IPv6 support. IPv6 support is disabled in this example.

      • After you enable IPv6, you can add IPv4 and IPv6 backend servers to the server group. You can set Server Group Type only to Server.

      • If IPv6 is disabled, you can add only IPv4 backend servers to the server group. You can set Server Group Type to Server, IP, or Function Compute.

      Note

      • If IPv6 is not enabled for the VPC of the server group, you cannot enable IPv6.

      • This parameter is unavailable for server groups of the IP and Function Compute types.

      • When you create a listener for an IPv4 ALB instance, you cannot add IPv6 server groups.

      Session Persistence

      After session persistence is enabled, ALB forwards requests from a client to the same backend server. In this example, session persistence is disabled.

      Persistent Connection

      Specify whether to enable the persistent TCP connection feature. The persistent TCP connection feature is disabled in this example.

      After the persistent TCP connection feature is enabled, a number of persistent TCP connections are maintained between the ALB instance and the backend servers. If the ALB instance receives a request and an idle persistent TCP connection exists, ALB preferentially uses the persistent TCP connection to forward the request to a backend server. This reduces the number of TCP handshakes and the workload on the backend servers.

      Configure Health Check

      In this example, health checks are enabled and the default health check settings are used. For more information, see Create a server group.

    4. In the Server group created dialog box, click Add Backend Server.

    5. On the Backend Servers tab, click Add Backend Server.

    6. In the Add Backend Server panel, select one or more ECS instances and click Next.

    7. Specify the ports and the weights of the backend servers and click OK.

    8. Return to the Server Groups page to view the server groups that you configured.

    Step 3: Configure a listener

    1. In the left-side navigation pane, choose ALB > Instances.

    2. On the Instances page, find the ALB instance that you want to manage and click Create Listener in the Actions column.

    3. In the Configure Listener step, set the following parameters and click Next.

      • Listener Protocol: Select a protocol for the listener. HTTP is selected in this example.

      • Listener Port: The listener port that is used to receive and forward requests to backend servers. Valid values: 1 to 65535. 80 is used in this example.

      • Listener Name: Enter a name for the listener.

      • Advanced Settings: In this example, the default advanced settings are used. You can click Modify to modify the settings. For more information about the parameters, see Add an HTTP listener.

    4. In the Select Server Group step, select a server group to receive requests forwarded by the ALB instance. Then, click Next.

    5. In the Configuration Review step, confirm the configurations and click Submit.

    6. On the Listener tab, you can view the listener that you created.

      You can add forwarding rules to the listener of the ALB instance to control how ALB forwards requests to backend servers. For more information, see Manage forwarding rules for a listener.

    (Optional) Step 4: Create a CNAME record

    ALB allows you to map common domain names to the public domain name of the ALB instance by using CNAME records. This facilitates access to network resources. For more information, see Configure a CNAME record.

    1. In the left-side navigation pane, choose ALB > Instances.

    2. On the Instances page, copy the domain name of the ALB instance.

    3. To create a CNAME record, perform the following steps:

      1. Log on to the Alibaba Cloud DNS console.

      2. On the Domain Name Resolution page, click Add Domain Name.

      3. In the Add Domain Name dialog box, enter the domain name of your host and click OK.

        Important

        Before you create the CNAME record, you must use a TXT record to verify the ownership of the domain name.

      4. In the Actions column of the domain name that you want to manage, click DNS Settings.

      5. On the DNS Settings page, click Add DNS Record.

      6. In the Add DNS Record panel, set the following parameters and click OK.

        Parameter

        Description

        Record Type

        Select CNAME from the drop-down list.

        Hostname

        Enter the prefix of your domain name.

        DNS Request Source

        Select Default.

        Record Value

        Enter the CNAME. The CNAME is the domain name of the ALB instance.

        TTL Period

        Select the time-to-live (TTL) value of the record on the DNS server. In this example, the default value is used.

        Note

        • New CNAME records immediately take effect. The time that is required for a modified CNAME record to take effect is determined by the TTL value. The default TTL value is 10 minutes.

        • If the CNAME record that you want to create conflicts with an existing record, specify another domain name.

    4. Check whether the CNAME record is valid.

      Enter the custom domain name in your browser. If you can access the application, the CNAME record is valid. For more information, see Verify a DNS record.

    Release an ALB instance

    After you release an ALB instance, you are no longer charged for the ALB instance. However, you are still charged for the backend servers.

    You cannot release an ALB instance for which deletion protection is enabled. If you want to release the ALB instance, disable Deletion Protection on the details page of the ALB instance. Otherwise, an error message is returned.

    Warning If you mapped a custom domain name to the domain name or IP address of an ALB instance and you want to release the ALB instance, you must map the custom domain name to another ALB instance to prevent service interruptions.

    1. In the left-side navigation pane, choose ALB > Instances.

    2. Find the ALB instance that you want to release and choose 更多 > Release in the Actions column.

    3. In the Release Instance message, click OK.

    References

    API references: