Alibaba Cloud Network Load Balancer (NLB) supports TCP, UDP, and SSL over TCP, and provides high-performance Layer 4 load balancing capabilities. This topic describes how to create an NLB instance to forward client requests to backend IPv4 services.
Prerequisites
A virtual private cloud (VPC) is created in the China (Shanghai) region and a vSwitch is created in each of Zone E and Zone G. In this example, the VPC is named VPC1 and the vSwitches are named VSW1 and VSW2. For more information, see Create a VPC and a vSwitch.
An Elastic Compute Service (ECS) instance (ECS01) is deployed in VSW1 and another ECS instance (ECS02) is deployed in VSW2.
For more information about how to create an ECS instance, see Create an instance by using the wizard.
The following commands show how to deploy applications on ECS01 and ECS02:
A domain name is registered, and an Internet content provider (ICP) number is obtained for the domain name. For more information, see Register a domain name on Alibaba Cloud and Overview.
The following table describes the configurations of VPC1. The configurations are for reference only.
The following table describes the configurations of ECS01 and ECS02. The configurations are for reference only.
Step 1: Create an NLB instance
- Log on to the NLB console.
In the top navigation bar, select the region in which the NLB instance is deployed.
On the Instances page, click Create NLB.
On the NLB (Pay-As-You-Go) International Site page, configure the parameters. Click Buy Now.
The following table describes only some of the parameters. Keep the default values for other parameters. For more information, see Create and manage an NLB instance.
Parameter
Description
Region
Select the region in which you want to create the NLB instance.
Network Type
Select a network type for the NLB instance. The system assigns public or private IP addresses to the NLB instance based on the selected network type. Internet is selected in this example.
VPC
Select the VPC where you want to deploy the NLB instance.
Zone ID
Select at least two zones. In this example, Shanghai Zone E and Shanghai Zone G are selected, and a vSwitch in each zone is selected.
IP Version
Select an IP version. In this example, IPv4 is selected.
Instance Name
Enter a name for the NLB instance.
Resource Group
Select a resource group for the NLB instance.
Service-linked Role
The first time you create an NLB instance, click Create Service-linked Role to create the AliyunServiceRoleForNlb service-linked role. The role is assigned the AliyunServiceRolePolicyForNlb policy, which allows NLB to access other cloud services. For more information, see System policies for NLB.
Step 2: Create a server group
In the left-side navigation pane, choose .
On the Server Group page, click Create Server Group.
In the Create Server Group dialog box, configure the parameters and click Create. The following table describes the parameters.
The following table describes only the key parameters. Other parameters use the default values. For more information, see Create and manage a server group.
Parameter
Description
Server Group Type
Select a server group type. In this example, Server Type is selected.
Server Group Name
Enter a name for the server group.
VPC
Select a VPC from the VPC drop-down list. Only servers in the VPC can be added to the server group.
Backend Server Protocol
Select a backend protocol. Valid values: TCP, UDP, SSL over TCP. In this example, TCP is selected.
Scheduling Algorithm
Select a scheduling algorithm. In this example, Weighted Round-robin is selected.
Health Check
Health checks are enabled by default. In this example, the default setting is used.
Click the ID of the server group to go to the Backend Servers tab.
Click Add Backend Server . In the Add Backend Server panel, select ECS01 and ECS02 and click Next.
In the Ports/Weights step, specify port 80, use the default weight 100, and then click OK.
Step 3: Configure a listener
In the left-side navigation pane, choose .
On the Instances page, find the NLB instance that you want to manage and click Create Listener.
On the Configure Server Load Balancer page, configure the parameters and click Next.
The following table describes only some of the parameters. Keep the default values for other parameters. For more information, see Add a TCP listener.
Parameter
Description
Select Listener Protocol
Select a listener protocol. In this example, TCP is selected.
Listener Port
Specify the listener port to receive and forward requests to backend servers. In this example, port 80 is selected.
Listener Name
Enter a name for the listener.
Advanced Settings
In this example, the default settings are used. You can click Modify to modify the settings.
In the Server Group step, select a Server Type and select a server group from the drop-down list next to Server Type, view the backend servers, and then click Next.
In the Confirm step, confirm the configurations and click Submit.
Click OK to return to the Listener tab. After the status of the listener in the Health Check Status changes to Healthy, ECS01 and ECS02 can forward requests from the NLB instance.
Step 4: Create a DNS record
In actual business scenarios, we recommend that you use CNAME records to map custom domain names to the domain name of your NLB instance.
In the left-side navigation pane, choose .
On the Instances page, copy the domain name of the NLB instance that you want to manage.
Perform the following steps to create a CNAME record:
NoteIf your domain name is not registered by using Alibaba Cloud Domains, you must add your domain name to Alibaba Cloud DNS before you can configure a DNS record. For more information, see Manage domain names. If your domain name is registered by using Alibaba Cloud Domains, skip this step.
Log on to the Alibaba Cloud DNS console.
On the Authoritative DNS Resolution page, find your domain name and click DNS Settings in the Actions column.
On the DNS Settings tab of the domain name details page, click Add DNS Record.
In the Add DNS Record panel, configure the parameters and click OK. The following table describes the parameters.
Parameter
Description
Record Type
Select CNAME from the drop-down list.
Hostname
The prefix of the domain name. In this example, @ is entered.
NoteIf the domain name is a root domain name, enter @.
DNS Request Source
Select Default.
Record Value
Enter the CNAME, which is the domain name of the NLB instance.
TTL
Specify a time-to-live (TTL) value for the CNAME record to be cached on the DNS server. In this example, the default value is used.
Step 5: Verify the results
Test the availability of the NLB instance.
In this example, a Linux client that has Internet access is used. If you use CentOS and telnet is not installed, run the
yum install -y telnet
command to install telnet.Run the
telnet Domain name Port
command. If the response packet includes Connected to nlb-..., the NLB instance can forward requests to backend servers.Trying *.*.*.*... Connected to www.example.com. Escape character is '^]'.
Access the domain name from a browser, such as
http://domain name
. If you can receive a response packet as shown in the following figure, the NLB instance can forward requests to backend servers.
(Optional) Simulate faults.
Stop the application on ECS01. Run the
systemctl stop nginx.service
command on ECS01 to stop the application.Run the
telnet Domain name Port
command on your client again to test whether you can receive a response packet that includes Connected to nlb-....Trying *.*.*.*... Connected to www.example.com. Escape character is '^]'.
Access the domain name from a browser, such as
http://domain name
. If you can receive a response packet as shown in the following figure, the NLB instance can forward requests to backend servers.Start the application on ECS01 and stop the application on ECS02. Run the
systemctl start nginx.service
command on ECS01 to restart the application, and run thesystemctl stop nginx.service
command on ECS02 to stop the application.Run the
telnet Domain name Port
on your client again to test whether you can receive a response packet that includes Connected to nlb-....Trying *.*.*.*... Connected to www.example.com. Escape character is '^]'.
Access the domain name from a browser, such as
http://domain name
. If you can receive a response packet as shown in the following figure, the NLB instance can forward requests to backend servers.The preceding tests show that single points of failure (SPOFs) caused by a single server does not compromise the availability of the NLB instance.
Release resources
Release the ECS instances and the security groups.
Delete ECS01 and its security group.
Log on to the ECS console. In the top navigation bar, select the region in which ECS01 instance resides, and click the icon on the right side of ECS01. In the dialog box that appears, select Release to immediately release the instance.
Log on to the ECS console. In the top navigation bar, select the region in which ECS01 resides, select the security group of ECS01, and then click Delete to delete the security group.
Repeat the preceding steps to delete ECS02 and its security group.
Delete the DNS record.
For more information, see Delete a DNS Record.
Release NLB resources.
Log on to the ECS console. In the top navigation bar, select the region where the NLB instance resides, and click the icon on the right of the NLB instance. In the dialog box that appears, select Release and click OK.
Log on to the NLB console. In the top navigation bar, select the region in which the NLB instance resides. On the Server Groups page, click the icon on the right side of the server group. In the dialog box that appears, select Delete and click OK.
Release VPC resources.
Log on to the VPC console. In the top navigation bar, select the region where the VPC resides.
Click Delete in the Actions column and select Forcefully Delete to delete the VPC and the vSwitches.
References
For more information about the use scenarios and components of NLB, see What is NLB?
For more information about the features of NLB, see Functions and features.
For more information about NLB quotas and how to increase quotas, see Limits.
For more information about the regions in which NLB is available, see Regions that support NLB.
For more information about the billing of NLB, see NLB billing.