NLB server groups - Server Load Balancer - Alibaba Cloud Documentation Center

Server groups route client requests to backend servers. When you add a listener, you must specify a server group. The listener accepts client connection requests on the configured protocol and port and forwards the traffic to the server group. Network Load Balancer (NLB) uses health checks to determine the availability of backend servers.

NLB server group types and descriptions

Server group type	Backend server type	Description
Server	Supports Elastic Compute Service (ECS) instances, elastic network interfaces (ENIs), and Elastic Container Instance (ECI) instances as backend servers.	The added cloud servers must be in the same Virtual Private Cloud (VPC) as the server group to receive requests forwarded from the NLB instance.
IP	Supports IP addresses as backend servers.	The IP addresses are not limited to the CIDR block of the VPC where the server group resides. You can add IP addresses of servers across regions, across VPCs, or in on-premises data centers. The IP addresses act as backend services to receive requests forwarded from the NLB instance. Add IP addresses that are within the CIDR block of the VPC where the server group resides. The NLB instance forwards requests to servers within this VPC. Add IP addresses of servers across regions, across VPCs, or in on-premises data centers. The NLB instance must work with other products, such as Cloud Enterprise Network (CEN), to forward requests to servers in other VPCs or on-premises data centers. Note Only private IP addresses are supported. Public IP addresses are not supported.

Important

NLB does not automatically update backend server information when a backend server of an NLB instance is released or its private IP address is changed. To prevent service disruptions, you must remove the backend server from the NLB server group before you release or modify it.

Create a server group

Log on to the NLB console.
In the top navigation bar, select the region in which the NLB instance is deployed.
In the left-side navigation pane, choose NLB > Server Groups.
On the Server Groups page, click Create Server Group.

In the Create Server Group dialog box, set the following parameters and click Create.

Configuration	Description
Server Group Type	Select a server group type: Server: Supports ECS, ENI, and ECI instances as backend servers. IP: Supports IP addresses as backend servers. Note Only private IP addresses are supported. Public IP addresses are not supported.
VPC	Select a VPC from the drop-down list.
Backend Server Protocol	Select a backend protocol: TCP: Associate with TCP and TCP/SSL listeners. UDP: Associate with UDP listeners.
Scheduling Algorithm	Select a scheduling algorithm: Round-robin: Distributes requests to backend servers in sequence. Weighted Round-robin (Default): Backend servers with higher weights receive more requests. Source IP Hash: Uses consistent hashing based on source IP addresses. Requests from the same source IP address are scheduled to the same backend server. Four-tuple Hash: Uses consistent hashing based on four-tuples (source IP, destination IP, source port, and destination port). Packets from the same stream are scheduled to the same backend server. QUIC ID Hash: Uses consistent hashing based on QUIC IDs. Requests with the same QUIC ID are hashed to the same backend server. Important QUIC is implemented based on draft-ietf-quic-transport-10 and iterates rapidly. Therefore, compatibility is not guaranteed for all QUIC versions. We recommend that you perform tests before you apply the protocol to a production environment. Weighted Least Connections: Distributes requests based on both the weight and the number of active connections of each backend server. If backend servers have the same weight, the server with the fewest active connections receives more requests. Note You can select QUIC ID hash only when the backend protocol is UDP.
Select Resource Group	Select a resource group.
Tags	Set a Tag Key and a Tag Value.
IPv6	Select whether to enable IPv6 attachment. If you enable IPv6 attachment, the server group can have IPv4 and IPv6 backend servers. If you do not enable IPv6 attachment, the server group can have only IPv4 backend servers. Note If IPv6 is not enabled for the VPC selected for the server group, IPv6 attachment is disabled by default.
Connection Draining	Select whether to enable connection draining. This feature is disabled by default. If you enable connection draining, you must set Connection Draining Timeout. The value ranges from 0 to 900 seconds. A value of 0 indicates that connections are immediately interrupted. When a backend server is removed or fails a health check: By default, connection draining is disabled. Existing connections are not actively interrupted. They are interrupted only when the client actively disconnects or the persistent connection session expires. If you enable connection draining, existing connections can be transmitted normally for a period of time. After the timeout period ends, the connections are actively interrupted. This ensures smooth service unpublishing.
Client IP Preservation	Enable or disable client IP address preservation. After you enable this feature, backend servers can retrieve client source IP addresses. If you disable this feature, backend servers can access the NLB instance as clients. To retrieve client source IP addresses, enable Proxy Protocol for the listener. Note If you enable client IP address preservation, server groups of the IP type do not automatically carry client source IP addresses. You must enable Proxy Protocol for the listener to retrieve source IP addresses.
Port Forwarding For All Ports	Specify whether to enable multi-port forwarding. If you enable this feature, you do not need to specify a port when you add a backend server because NLB forwards traffic to the backend server based on the port of the frontend request. Note If you enable the All Ports feature for your listener, you must enable this feature for the backend server group.
Health Check	Enable or disable health checks.
Health Check Configuration	If you enable health checks, click Edit to modify the health check configuration.
Health Check Protocol	Select a health check protocol: TCP (Default): Checks whether the server port is active by sending SYN handshake packets. HTTP: Checks whether the application on the server is healthy by sending HEAD or GET requests to simulate browser access. UDP: Obtains status information by sending ICMP Echo Request and UDP probe packets. Note You can select UDP for Health Check Protocol only when the backend protocol of the server group is UDP.
Health Check Method	Select a health check method: GET: If a response packet is larger than 8 KB, it is truncated. This does not affect the health check result. HEAD: The HEAD method is used for HTTP health checks by default. Make sure that your backend servers support HEAD requests. If your backend application servers do not support the HEAD method or the HEAD method is disabled, health checks may fail. In this case, use the GET method for health checks. Note This parameter takes effect only when the health check protocol is HTTP.
Health Check Protocol Version	Select an HTTP version: HTTP1.0 (default) or HTTP1.1. Note The health check protocol version must be the same as the HTTP version supported by the backend application. Otherwise, health checks fail. If a backend server: Supports only HTTP 1.0, you must select HTTP 1.0 as the health check protocol version. Supports only HTTP 1.1, you must select HTTP 1.1 as the health check protocol version. Supports both HTTP 1.0 and HTTP 1.1, you can select either version. This parameter takes effect only when the health check protocol is HTTP.
Health Check Port	Select the probe port that the health check service uses to access the backend server. Backend Server Port: The health check uses the ports of the backend servers by default. Custom Port: Specify a port for health checks. Note If you enable port forwarding for all ports, you must specify a port for health checks.
Health Check Path	Enter the URL of the health check page. Note This parameter takes effect only when the health check protocol is HTTP.
Health Check Domain Name	Enter the domain name for health checks. Backend Server Internal IP (Default): Use the private IP address of the backend server as the domain name for health checks. Custom Domain Name: Enter a domain name. Note This parameter takes effect only when the health check protocol is HTTP.
Health Check Status Codes	Select the status codes that indicate a successful health check. You can select http_2xx (default), http_3xx, http_4xx, and http_5xx. Note This parameter takes effect only when the health check protocol is HTTP.
Custom Request/response	When you configure a health check for a UDP listener, you can enable Custom Request/response. Then, enter the request content in the Custom Request field (for example, youraccountID) and the expected response in the Custom Response field (for example, slb123). You must also add the corresponding health check acknowledgement logic to the application on the backend server. For example, when the application receives a request that contains youraccountID, it must return a response that contains slb123. If the NLB instance receives the expected response from the backend server, the health check is successful. Otherwise, the health check fails. This method ensures the reliability of UDP health checks. Note This parameter takes effect only when the health check protocol is UDP.
Response Timeout Period	Enter the period for which to wait for a response from a health check. If a backend server does not return a response within the specified period, the health check fails.
Health Check Interval	Enter the interval at which to perform health checks. Note If the Health Check Protocol is UDP, you must set Interval to be greater than or equal to Response Timeout. This ensures that UDP probe packets are not considered unresponsive due to a timeout.
Healthy Threshold	The number of consecutive successful health checks required to change the status of a backend server from unhealthy to healthy.
Unhealthy Threshold	The number of consecutive failed health checks required to change the status of a backend server from healthy to unhealthy.

Add cloud servers as backend services

If you create a server group of the Server type, you must add backend servers to process forwarded requests. You cannot attach the same ECS, ENI, or ECI instance to a server group that has port forwarding enabled for all ports.

On the Server Groups page, find the server group that you want to manage and use one of the following methods to go to the Backend Servers page.
- In the Actions column, click Modify Backend Server.
- Click the server group ID. On the server group details page, click the Backend Servers tab.
On the Backend Servers tab, click Add Backend Server.
In the Add Backend Server panel, select a Server Type, and click Next.
- For Server type, select Cloud Service ECS/Elastic Network Interface (ENI). Then, select the target server or click Purchase ECS Instance in the upper-right corner.
  Note
  To select an ENI, ensure that a secondary ENI is attached to the target ECS instance and the Advanced Mode switch is enabled. Then, click the icon to the right of the target ECS instance ID and select an ENI.
- If the server type is Elastic Container Instance ECI, select the target server or click Purchase Elastic Container Instance in the upper-right corner.
Configure the port and weight for the server and click OK.
Note
If multi-port forwarding is enabled for a server group, you do not need to specify a port when you add a backend server. NLB forwards traffic to backend servers based on the port of the frontend request.
The default weight is 100. A server that has a higher weight receives more requests.
You can hover over the icon to modify the weights and ports of servers in bulk:
- Click Copy Down: If you modify the weight or port of the current server, the weights or ports of all servers below it are also changed.
- Click Copy Up: If you modify the weight or port of the current server, the weights or ports of all servers above it are also changed.
- Click Copy All: If you modify the weight or port of the current server, the weights or ports of all servers in the server group are also changed.
- Click Reset:
  - Click Reset next to Weight: Resets the weights of all servers in the server group to the default value.
  - Click Reset next to Port: Clears the port numbers of all servers in the server group.
Warning
If you set the weight to 0, the server no longer receives new requests.

Add IP addresses as backend services

If you create a server group of the IP type, you must add IP addresses as backend services to process forwarded requests. You cannot add the same IP address to a server group that has port forwarding enabled for all ports.

Note

You cannot add VIPs of NLB instances in the same VPC or VIPs of ALB instances created in the same VPC after .
Only private IP addresses are supported. Public IP addresses are not supported.

On the Server Groups page, find the server group that you want to manage and use one of the following methods to add an IP address.
- In the Actions column, click Modify Backend Server.
- Click the server group ID.
On the backend server group details page, click the Backend Servers tab, and click Add IP Address.
On the Select Servers tab of the Add Backend Server panel, enter an IP address and click Next.
You can configure multiple ports and weights for the added IP address.
On the Ports/Weights tab, set the port and weight for the added IP address, and then click OK.
Note
If multi-port forwarding is enabled for a server group, you do not need to specify a port when you add a backend server. NLB forwards traffic to backend servers based on the port of the frontend request.
The default weight is 100. A server that has a higher weight receives more requests.
You can hover over the icon to modify the weights and ports of servers in bulk:
- Click Copy Down: If you modify the weight or port of the current server, the weights or ports of all servers below it are also changed.
- Click Copy Up: If you modify the weight or port of the current server, the weights or ports of all servers above it are also changed.
- Click Copy All: If you modify the weight or port of the current server, the weights or ports of all servers in the server group are also changed.
- Click Reset:
  - Click Reset next to Weight: Resets the weights of all servers in the server group to the default value.
  - Click Reset next to Port: Clears the port numbers of all servers in the server group.
Warning
If you set the weight to 0, the server no longer receives new requests.

More operations

Operation	Procedure
Edit the basic information of a server group	On the Server Groups page, find the target server group, click Modify Basic Information, and in the Modify Basic Information dialog box, modify the scheduling algorithm, connection draining, and client IP persistence parameters.
Edit health checks	On the Server Groups page, find the target server group and click Modify Health Check Settings. In the Modify Health Check Settings dialog box, modify the health check configuration parameters. Warning After you disable health checks, NLB no longer checks the health status of backend servers. If a backend server fails, NLB cannot automatically switch traffic to other normal backend servers. If you increase the health check interval, it will take longer for NLB to detect a failed backend server.
Remove a backend server	You can remove backend servers from a server group as needed. Warning Directly removing a backend server from a server group may cause business interruptions. First, set the weight of the backend server to 0, and then remove it from the server group. On the Server Groups page, click the target server group instance ID. Click the Backend Servers tab, find the target server, click Remove, and then click OK.
Delete a server group	You can delete a server group if it is not associated with any listener forwarding rules. Deleting a server group does not affect the servers. If you no longer need a registered ECS, ENI, or ECI instance, you can stop or release the instance. On the Server Groups page, find the target server group, select > Delete in the Actions column, and then click OK.

References

CreateServerGroup: Creates a server group for an NLB instance.
DeleteServerGroup: Deletes a server group for an NLB instance.
AddServersToServerGroup: Adds backend servers to a server group of an NLB instance.
RemoveServersFromServerGroup: Removes backend servers from a server group of an NLB instance.
UpdateServerGroupAttribute: Updates the configurations of a server group for an NLB instance.