Integrating an instance group with Network Load Balancer or Application Load Balancer
Using Yandex Network Load Balancer and Yandex Application Load Balancer, you can evenly distribute the workload across Yandex Compute Cloud VM instances. An instance group can be integrated with these services: Compute Cloud will automatically create a Network Load Balancer or Application Load Balancer target group from this instance group and perform monitoring so that unhealthy instances are not added to the group.
How integration works
Creating a target group
In Yandex Cloud load balancing services, a target group is a set of resources where your network applications are running. The load balancer the target group is linked to distributes incoming requests across its resources. To learn more about target groups, see the Network Load Balancer and Application Load Balancer documentation.
Target groups usually include Compute Cloud VM instances. This allows you to set up an instance group so that a Network Load Balancer or Application Load Balancer target group could be created automatically from it. The target group created this way will be associated with the instance group:
- When an instance is added to the instance group or restarted after being stopped, it is added to the target group.
- When an instance is stopped or removed from the instance group, it is removed from the target group.
To make sure the target group starts receiving traffic, link it to a load balancer. Compute Cloud does not do that automatically.
- The Network Load Balancer target group should be linked to the load balancer directly.
- The Application Load Balancer target group should be linked to a backend group and the backend group, to the load balancer, either directly or via an HTTP router, depending on the load balancing type. For more information, see our guides for managing Application Load Balancer resources.
Health checks from load balancers
Once a target group is linked to a load balancer, it sends health checks to the group instances to find out which of them are healthy and which are not when distributing traffic. To learn more about health checks, see the Network Load Balancer and Application Load Balancer documentation.
An instance added to the instance group or restarted after being stopped gets into the target group and is assigned the OPENING_TRAFFIC
status in the instance group, and the load balancer starts sending health checks to it. If the instance passes the required number of health checks (the healthy threshold set in the health check settings), the load balancer considers it healthy and the instance starts receiving traffic from the load balancer and switches to the RUNNING_ACTUAL
status.
By default, the instance may be in the OPENING_TRAFFIC
status for an unlimited time until it gets healthy. You can limit this time in the integration settings (the max_opening_traffic_duration
field). In this case, Compute Cloud will automatically recover the instance that is not receiving any traffic for too long since it has been added to the group or started. For more information about instance recovery, see Auto-healing specifics.
You can disable load balancer health checks using the ignore_health_checks
parameter. In this case, the checks will not affect the instance group in any way. Negative check results will not prompt the instances to autoheal, and the group will receive no traffic from load balancers.
Ignoring load balancer health checks
Ignoring health checks may be useful in blue-green deployments, e.g.:
-
There are two instance groups connected to the load balancer that serve as target groups:
- The blue one hosts the stable version of the app available to users. Instance Groups automatically restores instances in this group if they fail load balancer health checks.
- The green one is used to test the next application version. This group is set up to ignore load balancer health checks.
-
Load balancer health checks are intentionally configured so that the green instances fail them and receive no user traffic. However, these checks have no effect on the deployment of instances in the group. User traffic only goes to the blue group instances.
-
To transfer user traffic to the new app version tested in the green group:
- Load balancer health checks are reconfigured for the green instances to pass them and start receiving user traffic.
- To enable autohealing for green instances that fail load balancer health checks, ignoring health checks is disabled in this group.
- Load balancer health checks are reconfigured for the blue instances to fail them and stop receiving user traffic.
- In the blue group, ignoring load balancer health checks is enabled.
Now the blue instance group will be used for testing, and the green one will receive user traffic.
Settings
You can integrate an instance group with Network Load Balancer or Application Load Balancer in the management console or describe the integration in the group's YAML specification to provide the specification through the Yandex Cloud CLI or API. You can specify the settings when creating or updating a group.
An instance group can only be integrated with one of the services: either Network Load Balancer or Application Load Balancer. You cannot set up integration of an instance group with both services at the same time.
Below, you can find the descriptions of the fields with the settings from the YAML specification and their respective fields in the management console.
Settings for integration with Network Load Balancer
load_balancer_spec:
target_group_spec:
name: "ig-tg"
description: "Instance group as target group"
labels:
foo: "baz"
bar: "baz"
max_opening_traffic_duration: 30s
ignore_health_checks: false
The fields and options in the management console are located under Integration with Network Load Balancer on the instance group creation and editing pages.
YAML key Management console field or option |
Description |
---|---|
load_balancer_spec Create target group |
Settings for instance group integration with Network Load Balancer. If the key is missing in the YAML specification or the option is disabled in the management console, the group will not be integrated with Network Load Balancer. |
target_group_spec |
Parameters of a Network Load Balancer target group created from the instance group. |
name Name of the target group |
Name of the target group. |
description Description of the target group |
Description of the target group. |
labels |
Target group labels in <label_name>: <label_value> format. |
max_opening_traffic_duration Traffic timeout |
Time during which a new instance in the group must pass the health check from the load balancer. Possible values: 0 and 1+ sec. The default value is 0 (unlimited). For more information, see Health checks from load balancers. |
ignore_health_checks |
Ignore load balancer health checks. The possible values are true or false . |
Settings for integration with Application Load Balancer
application_load_balancer_spec:
target_group_spec:
name: "ig-tg"
description: "Instance group as target group"
labels:
foo: "baz"
bar: "baz"
max_opening_traffic_duration: 30s
ignore_health_checks: false
The fields and options in the management console are located under Integration with Application Load Balancer on the instance group creation and editing pages.
YAML key Management console field or option |
Description |
---|---|
application_load_balancer_spec Create target group |
Settings for instance group integration with Application Load Balancer. If the key is missing in the YAML specification or the option is disabled in the management console, the group will not be integrated with Application Load Balancer. |
target_group_spec |
Parameters of an Application Load Balancer target group created from the instance group. |
name Name of the target group |
Name of the target group. |
description Description of the target group |
Description of the target group. |
labels |
Target group labels in <label_name>: <label_value> format. |
max_opening_traffic_duration Traffic timeout |
Time during which a new instance in the group must pass the health check from the load balancer. The possible values are 0 and 1+ sec. The default value is 0 (unlimited). For more information, see Health checks from load balancers. |
ignore_health_checks |
Ignore load balancer health checks. The possible values are true or false . |