Creating a network load balancer
Note
Before creating a network load balancer, create a target group to attach to it.
You can only set the load balancer type (internal or external) when creating it. You cannot update its type afterwards.
To create a network load balancer:
-
In the management console
, select the folder to create a load balancer in. -
In the list of services, select Network Load Balancer.
-
Click Create a network load balancer.
-
Enter a name. The naming requirements are as follows:
- The name must be from 3 to 63 characters long.
- It may contain lowercase Latin letters, numbers, and hyphens.
- The first character must be a letter and the last character cannot be a hyphen.
-
Assign a public IP address to the load balancer. You can assign an address automatically or select one from the list of reserved addresses.
-
Under Listeners, add a listener:
-
Click Add listener.
-
In the window that opens, set the listener parameters:
-
Name.
-
Protocol:
TCP
orUDP
.Note
By default, the listener uses TCP. To use UDP, submit a request to technical support
. -
Port where the listener will listen for incoming traffic. The values range from
1
to32767
. -
Target port the load balancer will redirect traffic to. The values range from
1
to32767
.
-
-
Click Add.
-
-
Under Target groups add a target group:
-
Click Add target group.
-
Select a target group or create a new one:
- In the Target group field, select
Create target group. - In the window that opens, enter a target group name.
- Add virtual machines to the target group.
- Click Create.
- In the Target group field, select
-
Optionally, under Health check, click Configure. In the window that opens, specify the resource health check settings:
- Name.
- Type:
HTTP
orTCP
. For health checks to use HTTP, specify the URL to check in the Path field. - Port for health checks. The values range from
1
to32767
. - Timeout in sec: Response timeout in seconds. The possible values are from
1
to60
. The interval must be at least 1 second longer than the waiting time. - Interval in sec: Health check interval in seconds. The values range from
1
to60
. - Healthy threshold: Number of successful checks required to consider a VM instance ready to receive traffic.
- Unhealthy threshold: Number of failed checks to stop routing traffic to a VM.
-
Click Apply.
-
-
Click Create.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
See the description of the CLI command to create a network load balancer:
yc load-balancer network-load-balancer create --help
-
To create a load balancer with a listener and a target group, run this command:
yc load-balancer network-load-balancer create <load_balancer_name> \ --listener name=<listener_name>,` `port=<port>,` `target-port=<target_port>,` `protocol=<protocol>,` `external-ip-version=<IP_address_version> \ --target-group target-group-id=<target_group_ID>,` `healthcheck-name=<health_check_name>,` `healthcheck-interval=<interval_between_checks>s,` `healthcheck-timeout=<health_check_timeout>s,` `healthcheck-unhealthythreshold=<number_of_failed_checks_to_get_Unhealthy_status>,` `healthcheck-healthythreshold=<number_of_successful_checks_to_get_Healthy_status>,` `healthcheck-tcp-port=<TCP_port>,` `healthcheck-http-port=<HTTP_port>,` `healthcheck-http-path=<URL>
Where:
listener
: Listener parameters:name
: Name of the listener.port
: Port where the load balancer will accept incoming traffic. The acceptable values are from1
to32767
.target-port
: Port to which the load balancer will redirect traffic. The acceptable values are from1
to32767
.protocol
: Protocol the listener will use (TCP
orUDP
).external-address
: External IP address of the listener.external-ip-version
: Version of the external IP address (ipv4
oripv6
).
-
--target-group
: Target group parameters and settings of its resource health checks:-
target-group-id
: Target group ID.To find out the ID, get a list of target groups in the folder.
-
healthcheck-name
: Resource health check name. -
healthcheck-interval
: Health check interval in seconds. The possible values are from1s
to60s
. The interval must be at least 1 second longer than the waiting time. -
healthcheck-timeout
: Response timeout in seconds. The possible values are from1s
to60s
. -
healthcheck-unhealthythreshold
: Number of failed checks after which no traffic will be routed to a virtual machine. The possible values are from2
to10
. -
healthcheck-healthythreshold
: Number of successful checks required to consider a virtual machine ready to receive traffic. The possible values are from2
to10
. -
healthcheck-tcp-port
: Port for health checks via TCP. The possible values are from1
to32,767
. -
healthcheck-http-port
: Port for health checks via HTTP. The possible values are from1
to32,767
. -
healthcheck-http-path
: URL to perform health checks via HTTP.
You cannot specify
healthcheck-tcp-port
andhealthcheck-http-port
at the same time.Warning
The
healthcheck-interval
andhealthcheck-timeout
parameter values must be in<time_in_seconds>s
format, e.g.,20s
. -
Terraform
For more information about the provider resources, see the documentation on the Terraform
If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.
If you don't have Terraform, install it and configure the Yandex Cloud provider.
-
Describe the parameters of the network load balancer resource in a configuration file.
Here is an example of the configuration file structure:
resource "yandex_lb_network_load_balancer" "foo" { name = "<load_balancer_name>" deletion_protection = "<deletion_protection>" listener { name = "<listener_name>" port = <port_number> external_address_spec { ip_version = "<IP_address_version>" } } attached_target_group { target_group_id = "<target_group_ID>" healthcheck { name = "<health_check_name>" http_options { port = <port_number> path = "<URL>" } } } }
Where:
name
: Name of the network load balancer.deletion_protection
: Deletion protection for the network load balancer. You cannot delete a load balancer with this option enabled. If load balancer deletion protection is enabled, you can still delete its listeners and target groups. The default value isfalse
.listener
: Listener properties:name
: Listener name.port
: Port in the range from1
to32767
on which the network load balancer will receive incoming traffic.external_address_spec
: Specification of the listener for the external load balancer:ip_version
: External IP address specification. Specify the IP address version,ipv4
oripv6
. The default value isipv4
.
attached_target_group
: Description of the network load balancer's target group parameters:-
target_group_id
: Target group ID.To find out the ID, get a list of target groups in the folder.
-
healthcheck
: Health check parameters. Enter a name, a port number ranging from1
to32767
, and a path for health checks.
-
For more information about the
yandex_lb_network_load_balancer
resource parameters in Terraform, see the provider documentation . -
Make sure the settings are correct.
-
Using the command line, navigate to the folder that contains the up-to-date Terraform configuration files with an infrastructure plan.
-
Run the command:
terraform validate
If there are errors in the configuration files, Terraform will point to them.
-
-
Create a network load balancer.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
-
To create a new network load balancer, use the create REST API method for the NetworkLoadBalancer resource or the NetworkLoadBalancerService/Create gRPC API call.
Examples
Creating a network load balancer without a listener
Create a network load balancer named test-load-balancer-1
without a listener or target group.
Run the following command:
yc load-balancer network-load-balancer create test-load-balancer-1
-
In the configuration file, describe the resource parameters without the
listener
andattached_target_group
sections:resource "yandex_lb_network_load_balancer" "foo" { name = "test-load-balancer-1" deletion_protection = "true" }
For more information about the resources you can create with Terraform, see the provider documentation
. -
Make sure the settings are correct.
-
Using the command line, navigate to the folder that contains the up-to-date Terraform configuration files with an infrastructure plan.
-
Run the command:
terraform validate
If there are errors in the configuration files, Terraform will point to them.
-
-
Create a network load balancer.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
-
Use the create API method and include the following information in the request body:
{
"folderId": "<folder_ID>",
"name": "test-load-balancer-1",
"type": "EXTERNAL"
}
Creating a network load balancer with a listener and attached target group
Create a network load balancer with a listener and attached target group with the following test specifications:
- Name:
test-load-balancer-2
. - Listener parameters:
- Name:
test-listener
. - Port:
80
. - Target port:
81
. - Protocol:
TCP
. - IP address version:
ipv4
.
- Name:
- Target group ID:
enpu2l7q9kth********
. - Target group resource health check parameters:
- Name:
http
. - Health check interval:
2
seconds. - Response timeout:
1
second. - Unhealthy threshold:
2
. - Healthy threshold:
2
. - Port for HTTP health checks:
80
. - URL for health checks:
/
.
- Name:
Run the following command:
yc load-balancer network-load-balancer create test-load-balancer-2 \
--listener name=test-listener,`
`port=80,`
`target-port=81,`
`protocol=tcp,`
`external-ip-version=ipv4 \
--target-group target-group-id=enpu2l7q9kth********,`
`healthcheck-name=http,`
`healthcheck-interval=2s,`
`healthcheck-timeout=1s,`
`healthcheck-unhealthythreshold=2,`
`healthcheck-healthythreshold=2,`
`healthcheck-http-port=80,`
`healthcheck-http-path=/
-
In the configuration file, describe the resource parameters with the
listener
andattached_target_group
sections:resource "yandex_lb_network_load_balancer" "foo" { name = "test-load-balancer-2" deletion_protection = "true" listener { name = "test-listener" port = 80 target_port = 81 protocol = "tcp" external_address_spec { ip_version = "ipv4" } } attached_target_group { target_group_id = "enpu2l7q9kth********" healthcheck { name = "http" interval = 2 timeout = 1 unhealthy_threshold = 2 healthy_threshold = 2 http_options { port = 80 path = "/" } } } }
For more information about the resources you can create with Terraform, see the provider documentation
. -
Make sure the settings are correct.
-
Using the command line, navigate to the folder that contains the up-to-date Terraform configuration files with an infrastructure plan.
-
Run the command:
terraform validate
If there are errors in the configuration files, Terraform will point to them.
-
-
Create a network load balancer.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
-
Use the create API method and include the following information in the request body:
{
"folderId": "<folder_ID>",
"name": "test-load-balancer-2",
"type": "EXTERNAL",
"listenerSpecs": [
{
"name": "test-listener",
"port": "80",
"protocol": "TCP",
"targetPort": "81",
"externalAddressSpec": {
"ipVersion": "IPV4"
}
}
],
"attachedTargetGroups": [
{
"targetGroupId": "b7rjtf12qdee********",
"healthChecks": [
{
"name": "http",
"interval": "2s",
"timeout": "1s",
"unhealthyThreshold": "2",
"healthyThreshold": "2",
"httpOptions": {
"port": "80",
"path": "/"
}
}
]
}
]
}