Moving a VM to a target group in a new availability zone

To move an L7 load balancer backend VM to a target group in a new availability zone:

1. Enable load balancer traffic in the new availability zone:

   Management console

   CLI

   Terraform

   API

   1. In the management console, select the folder with your load balancer.
   2. Select Application Load Balancer.
   3. Click next to the load balancer you need, then select Edit.
   4. In the window that opens, under Allocation, enable traffic in the availability zone where you plan to move your VM.
   5. Click Save.

   If you do not have the Yandex Cloud CLI yet, install and initialize it.

   The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id settings.

   1. See the description of the CLI command for enabling load balancer traffic:

      yc application-load-balancer load-balancer enable-traffic --help
      

   2. Get a list of all L7 load balancers in the default folder:

      yc application-load-balancer load-balancer list
      

      Result:

      +----------------------+-----------------------+-------------+----------------+---------+
      |          ID          |         NAME          |  REGION ID  | LISTENER COUNT | STATUS  |
      +----------------------+-----------------------+-------------+----------------+---------+
      | ds732hi8pn9n******** |      sample-alb1      | ru-central1 |              1 |  ACTIVE |
      | f3da23i86n2v******** |      sample-alb2      | ru-central1 |              1 |  ACTIVE |
      +----------------------+-----------------------+-------------+----------------+---------+
      

   3. Enable traffic in the new availability zone:

      yc application-load-balancer load-balancer enable-traffic <load_balancer_name> \
        --zone <availability_zone>
      

      Where --zone is the availability zone where you plan to move your VMs.

      Result:

      id: ds7pmslal3km********
      name: sample-alb1
      folder_id: b1gmit33ngp3********
      status: ACTIVE
      region_id: ru-central1
      network_id: enpn46stivv8********
      allocation_policy:
        locations:
          - zone_id: ru-central1-a
            subnet_id: e9bavnqlbiuk********
            disable_traffic: true
          - zone_id: ru-central1-b
              subnet_id: e2lgp8o00g06********
          - zone_id: ru-central1-d
              subnet_id: b0cv501fvp13********
      log_group_id: ckgah4eo2j0r********
      security_group_ids:
        - enpdjc5bitmj********
      created_at: "2023-08-09T08:34:24.887765763Z"
      log_options: {}
      

   If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

   1. Open the Terraform L7 load balancer configuration file and, under allocation_policy, specify the new availability zone and the ID of the previously created subnet:

      ...
        allocation_policy {
          location {
            zone_id   = [
              "<previous_availability_zone>",
              "<new_availability_zone>"
            ]
            subnet_id = [
              "<subnet_ID_in_previous_availability_zone>",
              "<ID_of_subnet_in_new_availability_zone>"
            ]
          }
        }
      }
      ...
      

      Where:

      • zone_id: Availability zones where the load balancer will receive traffic.
      • subnet_id: IDs of the subnets in these availability zones.

      For more information about resource properties in Terraform, see the relevant provider documentation.

   2. Apply the changes:

      1. In the terminal, change to the folder where you edited the configuration file.

      2. Make sure the configuration file is correct using the command:

         terraform validate
         

         If the configuration is correct, the following message is returned:

         Success! The configuration is valid.
         

      3. Run the command:

         terraform plan
         

         The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

      4. Apply the configuration changes:

         terraform apply
         

      5. Confirm the changes: type yes in the terminal and press Enter.

      The load balancer will start receiving traffic in the new availability zone. You can check this in the management console or using this CLI command:

      yc alb load-balancer get <load_balancer_name>
      

   Use the update REST API method for the LoadBalancer resource or the LoadBalancerService/Update gRPC API call.

2. Set up a security group for the load balancer if needed. For proper load balancer operation, its security groups must allow outbound connections to the subnet addresses in your VM’s new availability zone.

3. Move your VM to the new availability zone.

4. Add your VM to the load balancer target group and delete its old entry.

5. Make sure the load balancer identifies your VM status as HEALTHY:

   Management console

   API

   1. In the management console, select the folder with your load balancer.
   2. Select Application Load Balancer.
   3. Select the load balancer you need.
   4. Navigate to the Health checks tab.
   5. Expand the list of targets. Make sure the target group VMs have the HEALTHY status.

   Use the getTargetStates REST API method for the LoadBalancer resource or the LoadBalancerService/GetTargetStates gRPC API call.

   The load balancer will not recognize a VM status as HEALTHY immediately after adding it to the target group. This may take a few minutes depending on your backend settings.

   If the load balancer consistently identifies your VM status as UNHEALTHY over an extended period, check its security group configuration.