Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Cloud credits to scale your IT product
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
    • Yandex Cloud Partner program
  • Blog
  • Pricing
  • Documentation
© 2025 Direct Cursus Technology L.L.C.
Yandex Compute Cloud
  • Yandex Container Solution
    • Resource relationships
    • Graphics processing units (GPUs)
    • Images
      • Overview
      • Access
      • YAML specification
      • Instance template
      • Variables in an instance template
      • Scaling types
      • Instance health checks and automatic recovery
      • Integrating with network and L7 load balancers
      • Handling a stateful workload
      • Stopping and pausing an instance group
      • Sequentially restarting and recreating instances in a group
      • Statuses
    • Dedicated host
    • Encryption
    • Backups
    • Quotas and limits
  • Access management
  • Terraform reference
  • Monitoring metrics
  • Audit Trails events
  • Release notes

In this article:

  • How integration works
  • Creating a target group
  • Health checks from load balancers
  • Settings
  • Settings for integration with Network Load Balancer
  • Settings for integration with Application Load Balancer
  • Use cases
  1. Concepts
  2. Instance groups
  3. Integrating with network and L7 load balancers

Integrating an instance group with Network Load Balancer or Application Load Balancer

Written by
Yandex Cloud
Updated at April 18, 2025
  • How integration works
    • Creating a target group
    • Health checks from load balancers
  • Settings
    • Settings for integration with Network Load Balancer
    • Settings for integration with Application Load Balancer
  • Use cases

Using Yandex Network Load Balancer and Yandex Application Load Balancer, you can evenly distribute the workload across Yandex Compute Cloud VM instances. An instance group can be integrated with these services: Compute Cloud will automatically create a Network Load Balancer or Application Load Balancer target group from this instance group and perform monitoring so that unhealthy instances are not added to the group.

How integration worksHow integration works

Creating a target groupCreating a target group

In Yandex Cloud load balancing services, a target group is a set of resources where your network applications are running. The load balancer the target group is linked to distributes incoming requests across its resources. To learn more about target groups, see the Network Load Balancer and Application Load Balancer documentation.

Target groups usually include Compute Cloud VM instances. This allows you to set up an instance group so that a Network Load Balancer or Application Load Balancer target group could be created automatically from it. The target group created this way will be associated with the instance group:

  • When an instance is added to the instance group or restarted after being stopped, it is added to the target group.
  • When an instance is stopped or removed from the instance group, it is removed from the target group.

To make sure the target group starts receiving traffic, link it to a load balancer. Compute Cloud does not do this automatically.

  • The Network Load Balancer target group should be linked to the load balancer directly.
  • The Application Load Balancer target group should be linked to a backend group and the backend group, to the load balancer, either directly or via an HTTP router, depending on the load balancing type. For more information, see our guides for managing Application Load Balancer resources.

Health checks from load balancersHealth checks from load balancers

Once a target group is linked to a load balancer, it sends health checks to the group instances to find out which of them are healthy and which are not when distributing traffic. To learn more about health checks, see the Network Load Balancer and Application Load Balancer documentation.

When you add an instance to the group or restart a stopped one, this instance is added to the target group, gets the OPENING_TRAFFIC status in the instance group, and starts receiving health checks from the load balancer. If the instance passes the required number of health checks (the healthy threshold you set when configuring health checks), the load balancer considers it healthy. The instance starts receiving traffic from the load balancer and switches to the RUNNING_ACTUAL status.

By default, an instance may have the OPENING_TRAFFIC status indefinitely until it gets healthy. You can limit this time in the integration settings (the max_opening_traffic_duration field). Compute Cloud will then automatically recover the instance that has received no traffic for too long since it was added to the group or started. For more information about VM recovery, see Autohealing features.

You can disable load balancer health checks using the ignore_health_checks parameter. In this case, the checks will not affect the instance group in any way. Negative check results will not prompt the instances to autoheal, and the group will receive no traffic from load balancers.

Ignoring load balancer health checks

Ignoring health checks may be useful in blue-green deployments, e.g.:

  1. There are two instance groups connected to the load balancer that serve as target groups:

    • The blue instance group hosts the stable version of the app available to users. Instance Groups automatically restores instances in this group if they fail load balancer health checks.
    • The green instance group is used to test the next application version. This group is set up to ignore load balancer health checks.
  2. Load balancer health checks are intentionally configured so that the green instances fail them and receive no user traffic. However, these checks have no effect on the deployment of instances in the group. User traffic only goes to the blue group instances.

  3. To transfer user traffic to the new app version tested in the green group:

    1. Load balancer health checks are reconfigured for the green instances to pass them and start receiving user traffic.
    2. To enable autohealing for green instances that fail load balancer health checks, ignoring health checks is disabled in this group.
    3. Load balancer health checks are reconfigured for the blue instances to fail them and stop receiving user traffic.
    4. In the blue group, ignoring load balancer health checks is enabled.

Now the blue instance group will be used for testing, and the green one will receive user traffic.

SettingsSettings

You can integrate an instance group with Network Load Balancer or Application Load Balancer in the management console or describe the integration in the group's YAML specification to provide the specification through the Yandex Cloud CLI or API. You can specify the settings when creating or updating a group.

An instance group can only be integrated with one of the services: either Network Load Balancer or Application Load Balancer. You cannot set up integration of an instance group with both services at the same time.

Below, you can find the descriptions of the fields with the settings from the YAML specification and their respective fields in the management console.

Settings for integration with Network Load BalancerSettings for integration with Network Load Balancer

load_balancer_spec:
  target_group_spec:
    name: "ig-tg"
    description: "Instance group as target group"
    labels:
      foo: "baz"
      bar: "baz"
  max_opening_traffic_duration: 30s
  ignore_health_checks: false

The fields and options in the management console are located under Integration with Network Load Balancer on the instance group creation and editing pages.

YAML key
Management console field or option
Description
load_balancer_spec
Create target group
Settings for instance group integration with Network Load Balancer. If the key is missing in the YAML specification or the option is disabled in the management console, the group will not be integrated with Network Load Balancer.
target_group_spec Parameters of a Network Load Balancer target group created from the instance group.
name
Name of the target group
Name of the target group.
description
Description of the target group
Description of the target group.
labels Target group labels in <label_name>: <label_value> format.
max_opening_traffic_duration
Traffic timeout
Time during which a new instance in the group must pass the health check from the load balancer. The possible values are 0 and 1+ sec. The default value is 0 (unlimited). For more information, see Load balancer health checks.
ignore_health_checks Ignore load balancer health checks. The possible values are true or false.

Settings for integration with Application Load BalancerSettings for integration with Application Load Balancer

application_load_balancer_spec:
  target_group_spec:
    name: "ig-tg"
    description: "Instance group as target group"
    labels:
      foo: "baz"
      bar: "baz"
  max_opening_traffic_duration: 30s
  ignore_health_checks: false

The fields and options in the management console are located under Integration with Application Load Balancer on the instance group creation and editing pages.

YAML key
Management console field or option
Description
application_load_balancer_spec
Create target group
Settings for instance group integration with Application Load Balancer. If the key is missing in the YAML specification or the option is disabled in the management console, the group will not be integrated with Application Load Balancer.
target_group_spec Parameters of an Application Load Balancer target group created from the instance group.
name
Name of the target group
Name of the target group.
description
Description of the target group
Description of the target group.
labels Target group labels in <label_name>: <label_value> format.
max_opening_traffic_duration
Traffic timeout
Time during which a new instance in the group must pass the health check from the load balancer. The possible values are 0 and 1+ sec. The default value is 0 (unlimited). For more information, see Load balancer health checks.
ignore_health_checks Ignore load balancer health checks. The possible values are true or false.

Use casesUse cases

  • Running an autoscaling instance group
  • Updating an instance group under load
  • Implementing a secure high-availability network infrastructure with a dedicated DMZ based on the Check Point NGFW
  • Configuring a fault-tolerant architecture in Yandex Cloud
  • Creating a load balancer with DDoS protection

Was the article helpful?

Previous
Updating secondary disks in an instance template
Next
Handling a stateful workload
© 2025 Direct Cursus Technology L.L.C.