Use CLB to balance loads for IPv4 services - Server Load Balancer

When applications are deployed on a single server, single points of failure (SPOFs) such as server breakdown or traffic exceeding server capacity will degrade overall system availability and user experience. Classic Load Balancer (CLB) can transform your system by distributing traffic across multiple backend servers, achieving a scalable and highly available application system.

Solution overview

Here's how to use CLB to balance loads for IPv4 services:

Create an Internet-facing CLB instance: The instance is assigned a static public IP address, enabling services to be accessed over the Internet without an elastic IP address (EIP).
Configure server groups and listeners for the CLB instance:
1. A CLB server group is a group of backend servers that handle business requests distributed by CLB. Adjust the number of backend servers to manage changing business traffic.
2. CLB listeners check for incoming requests from clients on specific protocols and ports, and forward them to the associated server group for processing.
Configure domain name resolution: CLB uses an IP address to provide services. In real-world scenarios, users typically resolve their custom domain names to their CLB instance's IP address to enable domain name-based access to the services.

The CLB service architecture is as follows:

Prerequisites

Elastic Compute Service (ECS) instances ECS01 and ECS02 are created in the same region, which is also where you will deploy a CLB instance. For zone-level high availability of your business, we recommend creating the two ECS instances in different zones.
Click to view scripts to create and deploy a sample application on ECS
On ECS01:
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World ! This is ECS01." > index.html
```
On ECS02:
```
yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World ! This is ECS02." > index.html
```
A custom domain name is registered. If your ECS instances are deployed in a region within the Chinese mainland, you must obtain an Internet content provider (ICP) number for the domain name.

Procedure

Step 1: Create an Internet-facing CLB instance

Log on to the CLB console and select the region to deploy your CLB instance in the top menu bar.

Click Create CLB. On the buy page, set the parameters by referring to the following table:

Key parameters and recommended configuration

Parameter	Description	Recommendations
Region	The region where a CLB instance is located.	Select a region that supports Multi-zone deployment. Select the region where your ECS instances are deployed.
Zone Type	A CLB instance can be used in one or more zones within a region. Single zone: If this option is displayed, the region you select only supports deploying CLB in a single zone. Multi-zone: If this option is displayed, the region you select only supports deploying CLB in multiple zones. By default, CLB in the Primary Zone provides services. If the primary zone fails, the system automatically switches to CLB in the Secondary Zone to continue load balancing. For details, see Implement zone-disaster recovery (multi-zone disaster recovery).
Instance Billing Method	Pay-By-CLCU: Suitable for testing environments or business with significant traffic fluctuations. A CLB instance automatically scales its resources based on the traffic volume. Pay-By-Specification: Suitable for business with relatively stable traffic volumes. A fixed specification fee is charged.	Select Pay-By-CLCU, because you don't need to choose a specification.
Instance Type	Internet: CLB provides services using a public IP address that can be accessed by clients over the Internet. Intranet: CLB provides services within a virtual private cloud (VPC) using a private IP address and cannot forward requests from the Internet.	Select Internet.
IP Version	The version of the IP address used by CLB to provide services. IPv4: CLB uses only an IPv4 address to provide services. IPv6: CLB uses only an IPv6 address to provide services.	Select IPv4.
Internet Data Transfer Fee	Only Internet-facing CLB instances charge data transfer fees. By traffic: Suitable for business with significant traffic fluctuations. By bandwidth: Suitable for business with relatively stable bandwidth usage.	Select By traffic.

For details on CLB billing, see Pay-as-you-go.

Complete the instance purchase and creation process. Go to the Instances page in the CLB console to check the instance.

Step 2: Configure listeners and server groups

On the Instances page, click the ID of the CLB instance. On the instance details page, click the Listener tab, then click Add Listener.

Configure the listener protocol and port by referring to the following table:

Key parameters and recommended configuration

Parameter

Description

Recommendations

Select Listener Protocol

The protocol used by CLB to provide services.

TCP and UDP: commonly referred to as Layer 4 listener protocols.
HTTP and HTTPS: Commonly referred to as Layer 7 listener protocols.

Note

Layer 4 listeners: Directly forward requests to backend servers. For example, when a client request reaches CLB, a TCP listener modifies the destination IP address and destination port of the packets based on the backend port configured in the listener and forwards the traffic to the specified backend server.
Layer 7 listeners: Essentially a reverse proxy. When a client request reaches CLB, CLB establishes a new TCP connection with the backend server, accessing the backend server using the HTTP protocol through the TCP connection, instead of directly forwarding the packets to the backend server.

For more information, see Service architecture.

Select HTTP.

Note

In terms of underlying implementation, Layer 7 listeners include an additional Layer 7 processing step compared to Layer 4 listeners. Additionally, scenarios such as client port exhaustion or excessive connections to backend servers may result in suboptimal performance for Layer 7 services. Therefore, if you have high performance requirements, we recommend choosing Layer 4 listeners.

Listener Port

The port used by CLB to provide services.

Specify 80.

For detailed configuration of other parameters, see CLB listeners.

Configure a server group and add backend servers to it.
Select the servers that you want to add as backend servers.
Configure the port for applications on the backend server to provide services and click Add.
(Recommended) Keep the default configurations for health checks.
Recommended configuration for CLB health checks
CLB performs health checks to check the availability of backend servers.
After you enable this feature, if a backend server is declared unhealthy, CLB stops forwarding requests to the backend server and distributes subsequent requests to healthy ones. After the unhealthy backend server recovers, CLB distributes requests to it.
The health check feature prevents SPOFs caused by unhealthy backend servers and improves the availability of services.
Important
If your business is sensitive to traffic fluctuations, frequent health checks may affect the availability of your business.
To reduce the impacts of health checks on your business, reduce the health check frequency, increase the health check interval, or change Layer 7 health checks to Layer 4 ones.
To ensure business continuity, we recommend that you enable the health check feature.
For more information, see CLB health checks.
Confirm and submit the configurations.

Step 3: Configure domain name resolution

On the Instances page, find the CLB instance you created and copy the IP address in the IP Address column.
Add an A record to resolve your custom domain name to the CLB's IP address.
1. Log on to the Alibaba Cloud DNS console, find the domain name you want, and click DNS Settings in the Actions column.
2. Click Add DNS Record, set Record Type, Hostname, and Record Value, and keep the default values for the other parameters.
  - Record Type: Specify an A record, which points the custom domain name to an IPv4 address.
  - Host Record: Specify the domain name prefix.
  - Record Value: Enter the CLB's IP address.

Step 4: Test the load balancing effect

Use any local PC as a client that accesses your services over the Internet.

Access your custom domain name in the browser several times. The accessed server alternates between ECS01 and ECS02, as shown in the following figures.

Note

If the backend server protocol and port you configured to provide services are not the listener ones, enter the URL of your services in the address bar of the browser, for example: http://www.example.com:9000.

Disable either of the ECS instances, and if client requests can still be processed normally, this shows that CLB maintains business availability even when one backend server fails.

Subsequent operations

Delete resources

If you no longer need the resources after testing the solution described in this topic, delete them right away to avoid undesired costs.

DNS record: Log on to the Alibaba Cloud DNS console. Click the domain name, find the record, and click Delete in the Actions column to remove it.
CLB instance: Log on to the CLB console. In the Actions column for the CLB instance, choose > Release Settings, select Release Now, and confirm the action.
ECS instances and security group:
1. Log on to the ECS console. Select the region where the ECS instances are located in the top menu bar, choose an instance, click > Release in the Actions column, select Release Now in the dialog box, and confirm the action.
2. Log on to the Security Groups page of the ECS console, select the region where the security group is deployed in the top menu bar, find the security group, click Delete in the Actions column, and confirm the action.
VPC and related network resources: Log on to the VPC console, select the region where the VPC is located in the top menu bar. Click Delete in the Actions column and complete the process.

FAQs

What are the main differences between newly created Internet- and internal-facing CLB instances?

The network type of newly created internal-facing CLB instances is VPC (not classic network).

Comparison item	Internet-facing CLB	Internal-facing CLB
Internet accessibility	A static public IP address is inherently associated with an Internet-facing CLB instance, which can be accessed over the Internet. When the instance is released, you can unassociate the public IP address and retain it as an EIP for other uses.	By default, internal-facing CLB cannot be accessed over the Internet. But it can be associated with an EIP to be accessible over the Internet. EIPs can be associated with and unassociated from CLB as required.
IP address for providing services	Only uses a public IP address.	Uses a private IP address within a VPC. After associating an EIP with CLB, it also uses the EIP.
Networking	ECS instances and elastic network interfaces (ENIs) both in the local VPC and in other VPCs can be associated with CLB as backend servers.	Only ECS instances and ENIs in the local VPC can be associated with CLB as backend servers.

Note

After creation, Internet- and internal-facing CLB instances cannot be converted to one another.

How do I choose a CLB instance type based on the billing method and data transfer fees?

Refer to the following table:

Billing method	Metering method	Instance type	Internet data transfer billing method	Scenarios
Pay-as-you-go	Pay-by-LCU	Internet-facing	Pay-by-data-transfer	Workloads with periodic or large fluctuations, like gaming and video streaming. Temporary traffic spikes.
		Internal-facing	N/A
	Pay-by-specification	Internet-facing	Pay-by-data-transfer	Stable traffic volume. Temporary traffic spikes.
			Pay-by-bandwidth
		Internal-facing	N/A

For CLB instances whose Internet metering method is By bandwidth, are the upstream and downstream maximum bandwidths the same?

Yes, they are.

For example, if you have a CLB instance with a maximum bandwidth of 20 Mbit/s, both the upstream and downstream maximum bandwidths are 20 Mbit/s.

What are the differences between specifications for CLB instances whose Internet metering method is By specification?

Different CLB instance specifications offer varying traffic processing performance. Key performance metrics include maximum connections, connections per second (CPS), and queries per second (QPS). For more information, see High-performance CLB instances.

Does CLB support migration between VPCs?

No, it does not.

If you want CLB services in another VPC, create a CLB instance in it.

Does CLB support forwarding traffic to non-Alibaba Cloud Internet-facing servers?

No, CLB currently only supports Alibaba Cloud's ECS instances, ENIs, and Elastic Container Instances as backend servers.

Can I associate ECS instances created with another account to CLB as backend servers?

No, CLB only supports adding backend servers created with the same account.

Can an EIP be associated with both an internal-facing CLB and a NAT Gateway at the same time?

No, an EIP can only be associated with one cloud resource at a time.

References

For CLB use scenarios and components, see What is CLB?
For CLB features, see Features.
Regions in which CLB is available.
CLB billing.