Skip to main content

Create a load balancer

If you are creating a load balancer to work with a Managed Kubernetes cluster, use the Configure a load balancer in a Managed Kubernetes cluster for Ingress or Create and configure a load balancer in a Managed Kubernetes cluster for Envoy Gateway instruction. For the load balancer to function correctly in the cluster, all operations with the load balancer must be performed using kubectl.

  1. Select the configuration and network.
  2. Create a target group.
  3. Create rules and HTTP policies.

1. Select a configuration and network

warning

The load balancer subnet must always have a free IP address for automatically recreating load balancer ports in case of issues — one for a non-redundant load balancer, two for a redundant one. If there is no free IP address, the load balancer will transition to the ERROR.
If the load balancer and servers are to be placed in the same subnet, its size must be at least /28.

  1. In the control panel, from the top menu, click Products and select Cloud Servers.

  2. Go to the Load Balancers section → Load Balancers tab.

  3. Click Create load balancer.

  4. Select the location where the load balancer will be created.

  5. Select a configuration based on the project load.

  6. Enter a load balancer name.

  7. Optional: enter a comment — any additional information about the load balancer, which will be displayed only in the Control panel.

  8. Optional: to access the load balancer logs, enable logging. Logging uses some of the load balancer's computing resources.

    8.1. Select the Collect technical load balancer logs checkbox.

    8.2. Select a log group or create a new group.

    8.3. If you selected a new group, enter its name.

  9. Select a subnet:

    • private subnet — we recommend this option. Traffic balancing will only occur within the subnet. You can attach a public floating IP address to a private address — the load balancer will be accessible from the internet via NAT; ;
    • public subnet — the load balancer will be accessible from the internet and will be able to proxy requests from the public subnet to cloud servers in the private subnet.
  10. Specify an IP address in the subnet — a free address that will be assigned to the load balancer.

  11. Optional: if you selected a private subnet in step 9, attach a public floating IP address. If there is no free IP address, create a public floating IP address. The private subnet where you are creating the load balancer must be prepared for attaching a public floating IP address.

  12. Click Next.

2. Create a target group

  1. Open the Servers tab.

  2. Optional: to change the name of the target group, click , enter the name, and click .

  3. Select the traffic destination protocol that the load balancer will use to forward traffic to the target group. The following protocol combinations for receiving traffic on the load balancer and forwarding traffic to the target group are available:

    • TCP–TCP — classic L4 load balancing;
    • TCP–PROXY — client information is not lost and is transmitted in a separate connection header;
    • UDP–UDP — the UDP protocol is faster than TCP but less reliable;
    • HTTP–HTTP — L7 load balancing;
    • HTTPS–HTTP — L7 load balancing with encryption and SSL certificate termination on the load balancer.
  4. For the selected protocol, the standard port will be selected automatically — change it if necessary. The port value will be common to all servers in the group.

  5. Select the servers to be added to the target group.

  6. Specify settings for each selected server:

    6.1. Select an IP address.

    6.2. Optional: modify the port.

    6.3. Specify the server weight — this is a proportional measure indicating the share of requests that the server processes. If the weight values are equal, the servers handle an equal number of requests. For example, if there is one server with a weight of "2" and two servers with a weight of "1" in a group, the first server will receive 50% of all requests, and the other two will receive 25% each. The maximum weight value is 256.

    6.4. Optional: to direct traffic to a server only when other servers in the group are unavailable, select the Backup checkbox.

  7. Open the Algorithm tab.

  8. Select the request distribution algorithm — Round Robin or Least connections.

  9. Optional: to enable the Sticky Sessions method, select the Sticky sessions checkbox and choose a session identifier. For the APP-cookie identifier, enter the cookie name.

  10. Open the Availability Checks tab.

  11. Select the availability check type. You cannot change the check type after creating the group.

  12. If the HTTP check type is selected, specify the request parameters — method, path, and expected response codes.

  13. Specify the check interval — the interval in seconds at which the load balancer sends check requests to the servers.

  14. Specify the connection timeout — the maximum wait time for a response in seconds, which must be less than the interval between checks.

  15. Specify the success threshold — the number of consecutive successful requests after which a server is moved to the working state.

  16. Specify the failure threshold — the number of consecutive unsuccessful requests after which server operation is suspended.

  17. Optional: to add another target group, click Add target group and configure it.

  18. Click Next.

3. Create rules and HTTP policies

  1. Select the protocol for receiving traffic on the load balancer — TCP, UDP, HTTP, or HTTPS. The Prometheus option is also available for configuring load balancer monitoring.
  1. For the selected protocol, the standard port on which the load balancer will listen for traffic will be selected automatically — change it if necessary.

  2. Optional: enter allowed CIDRs — the IP addresses from which the load balancer will accept traffic using the selected protocol and port. You can enter a subnet in CIDR format or a single IP address with a /32 mask. If you leave the field empty, the load balancer will accept traffic from any IP address. You can specify allowed IP addresses in the rule after creating the load balancer.

    If the field is missing, traffic filtering (port security) is disabled in the load balancer network.

  3. Select a target group. Available groups are those to which traffic can be balanced using the selected protocol for incoming traffic.

  4. Optional: expand the Advanced rule settings block and specify the connection settings:

    • for incoming requests to the load balancer — specify the connection timeout and maximum connections;
    • for requests from the load balancer to servers — specify the connection timeout, inactivity timeout, and TCP packet wait timeout.
  5. Optional: to add another rule, click Add rule and repeat steps 1-5. There is no limit on the number of rules.

  6. Check the final cost of the load balancer.

  7. Click Create load balancer.