Getting started with Yandex Application Load Balancer
Yandex Application Load Balancer is a cloud service terminating TLS connections and routing requests to backend applications. Application Load Balancer operates at Layer 7 of the OSI model
In this tutorial, you will deploy the Application Load Balancer infrastructure and configure traffic routing to the test application backend.
This infrastructure includes:
Below we explain how to create each component individually. Alternatively, you can use the wizard to create all components at once.
Getting started
- Log in to the management console
or sign up. If you have not signed up yet, navigate to the management console and follow the on-screen instructions. - On the Yandex Cloud Billing
page, check whether you have a billing account withACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account yet, create one. - If you do not have a folder yet, create one. While creating a folder, you can also create a default virtual network with subnets in all availability zones.
Create a VM and set up a test web server on it
-
Create the
test-vm1
VM from the Ubuntu 24.04 public image in theru-central1-a
availability zone. -
If you have the Yandex Cloud CLI installed, you can connect to your VM via OS Login:
yc compute ssh --name test-vm1
-
Start a test web server listening on port
8080
:mkdir test-server; echo 'HELLO' > test-server/hello.txt; python3 -m http.server -d test-server 8080
-
Make sure your web server returns a list of subdirectories in the
test-server
directory. Open the terminal on your computer and run this command:curl --verbose <VM_public_IP_address>:8080
Create a target group
The system will deploy your application backends on the target group VM. The load balancer will distribute requests to your application backend endpoints via the target group.
In our example, the target group will consist of a single VM.
- In the management console
, select the folder where you want to create your target group. - In the list of services, select Application Load Balancer.
- In the left-hand menu, select Target groups.
- Click Create target group.
- Specify the target group name:
test-target-group
. - Select
test-vm1
. - Click Create.
If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.
Run this command:
yc alb target-group create test-target-group \
--target subnet-name=<VM_subnet_name>,ip-address=<VM_internal_IP_address>
Create a backend group
Backend groups contain traffic distribution rules and health check configurations for targets. Create a group and add a backend to it.
- In the left-hand menu, select Backend groups.
- Click Create backend group.
- Specify your backend group name:
test-backend-group
. - Under Backends, click Add. Specify the backend settings:
- Specify the backend name:
backend-1
. - In the Target group list, select
test-target-group
. - Set Port:
8080
.
- Specify the backend name:
- Expand Protocol settings:
- Select the
HTTP
type.
- Select the
- Click Add health check and configure health checks:
- Timeout, s:
1
. - Interval:
3
. - Healthy threshold:
2
. - Unhealthy threshold:
2
. - Type:
HTTP
. - Path:
/
.
- Timeout, s:
- Click Create.
-
Create a backend group:
yc alb backend-group create test-backend-group
-
Create a backend and a health check:
yc alb backend-group add-http-backend \ --backend-group-name test-backend-group \ --name backend-1 \ --port 8080 \ --target-group-name test-target-group \ --target-group-id <target_group_ID> \ --http-healthcheck healthy-threshold=2,unhealthy-threshold=2,timeout=1s,interval=3s,path=/
Create an HTTP router
HTTP routers implement rules for client-to-backend traffic and allow you to modify requests at the load balancer layer.
- In the left-hand menu, select HTTP routers.
- Click Create HTTP router.
- Specify the router name:
test-http-router
. - Under Virtual hosts, click Add virtual host.
- Specify the host name:
test-virtual-host
. - Click Add route.
- Set Name to
test-route
. - In the Path field, select
Starts with
and specify the/
path. - In the Action field, keep
Routing
. - From the Backend group list, select
test-backend-group
. - Do not change other settings. Click Create.
-
Create an HTTP router:
yc alb http-router create test-http-router
-
Create a virtual host:
yc alb virtual-host create test-virtual-host --http-router-name test-http-router
-
Add a route:
yc alb virtual-host append-http-route test-route \ --http-router-name test-http-router \ --prefix-path-match / \ --backend-group-name test-backend-group \ --virtual-host-name test-virtual-host
Create an L7 load balancer
A load balancer uses listeners to receive incoming requests which it then distributes across target group VMs according to the rules specified in the HTTP router.
In the following example, we will deploy a load balancer and its backend node in the same subnet and availability zone.
-
In the left-hand menu, select Load balancers.
-
Click Create L7 load balancer.
-
Specify the load balancer name:
test-load-balancer
. -
Under Network settings, select the network containing the subnet where you want to place your load balancer node.
-
Under Allocation, select a subnet in your preferred availability zone and configure it to enable incoming traffic.
Remove other availability zones by clicking
in each zone’s row. -
Under Listeners, click Add listener and specify listener settings:
- Specify the listener name:
test-listener
. - Under Public IP address, enable traffic.
- Specify the
80
port. - Select the Automatically type.
- Specify the listener name:
-
In the HTTP router field, select
test-http-router
. -
Click Create.
-
Create a load balancer and its backend node in the same subnet:
yc alb load-balancer create test-load-balancer \ --network-name <network_name> \ --location subnet-name=<subnet_name_in_ru-central1-a_zone>,zone=ru-central1-a
-
Add a listener:
yc alb load-balancer add-listener test-load-balancer \ --listener-name test-listener \ --http-router-id <HTTP_router_ID> \ --external-ipv4-endpoint port=80
Test the load balancer
In the terminal, run this command:
curl --verbose <load_balancer_public_IP_address>:80
The response must return HTTP 200
with an HTML list of test VM web root subdirectories.
Next, you can expand your target group by adding more VMs, create additional application backends, and set up routes to their endpoints.
How to delete the resources you created
To stop paying for the resources you created, delete them in the following order: