HTTP routers
An HTTP router defines the routing rules for HTTP requests to backend groups.
You can only set HTTP routers for listeners of the HTTP type. If a listener accepts pure
TCP traffic (Stream type), a backend group is explicitly specified for it.
If an HTTP router is used in at least one load balancer, you cannot delete it. First, you need to delete it from all load balancers.
Using HTTP router settings, you can modify request and response headers and generate small static responses directly in the load balancer. You can create an empty HTTP router and then add routes to it.
Routes inside an HTTP router are combined in virtual hosts. Routing is a two-step process.
-
The most suitable virtual host is selected based on the
Hostheader (:authorityif using HTTP/2). -
The first route whose predicate matches the request is selected. The order of virtual hosts inside the router doesn't matter. However, the order of routes inside the virtual host matters: the most specific routes must be at the top of the list.
Virtual hosts
Virtual hosts consolidate routes belonging to the same set of domains, i.e., the Host (:authority) header values of an HTTP request. Both exact matches and wildcards are supported. When an incoming request is received, the balancer checks route predicates one-by-one and selects the first predicate matching the request.
The load balancer routes traffic to the backend that refers to various resources. These resources may be vulnerable to external threats. You can protect your resources using Yandex Smart Web Security by connecting a security profile to the virtual host.
When an Application Load Balancer Ingress controller manages the load balancer, connect the security profile using an Ingress resource annotation.
The modifications of the HTTP headers of requests and responses are also configured at the virtual host level.
Routes
Routes are sets of conditions (predicates) that are used by the load balancer to select a route for the request and actions on the request. Possible conditions and actions depend on the route type.
Route types
HTTP routers support two types of routes, HTTP and gRPC:
-
HTTP routes process HTTP requests over HTTP/1.1 and HTTP/2.
You can specify a full request path or its beginning, an RE2 regular expression, or a request method (GET, POST, etc.) as a route condition.
You can perform one of the actions with the request that satisfies the conditions:
-
Send the request to a HTTP backend group for processing. In this case, you can configure request processing timeouts:
-
Timeout: Maximum lifetime of an HTTP connection between a load balancer node and the backend, with or without data being transferred. The default value is
60. -
Idle timeout: Maximum connection lifetime with no data being transferred. There is no default value. If the timeout is not specified, it is ignored.
If either an active or idle connection times out, the load balancer will return the
504 Gateway Timeoutcode.
In addition to timeouts, you can add WebSocket support or enable URI modification before sending the request to the backends.
-
-
Redirect the request to another address with the selected response code and request URI modifications. In this case, you can modify the path (completely or partially), delete query parameters, and change the host, port, and schema.
-
Immediately return a static response.
-
-
gRPC routes are designed for processing gRPC requests (remote procedure calls) over HTTP/2.
You can specify the beginning of a method, or the full method name (FQMN, fully qualified method name), or a RE2 regular expression as a condition for a gRPC route. The value must start with a slash
/.You can perform one of the actions with the request that satisfies the conditions:
- Sending a request to a gRPC backend group for processing. In this case, you can replace the Host header and configure timeouts to process the request.
- Immediately return a static response.