Migrating services from an external NLB to L7 ALB with an internal NLB as a target

You can migrate the load from a Yandex Network Load Balancer load balancer to a Yandex Application Load Balancer L7 load balancer. A network load balancer distributes traffic across your load balancer pods deployed in a Yandex Managed Service for Kubernetes cluster. If the L7 load balancer does not support your load balancer configuration, you can add an internal network load balancer as a target for your L7. The internal network load balancer will be distributing traffic across NGINX Ingress Controller pods deployed in a Managed Service for Kubernetes cluster; the internal network load balancer's IP address will be specified in the L7 load balancer's target group.

During the migration process, the L7 load balancer will have a Yandex Smart Web Security security profile connected to it. An L7 load balancer with a connected security profile operates as follows:

You can create a service migration infrastructure using the following tools:

• Management console: Use the Yandex Cloud management console to create your infrastructure step by step.
• Terraform: Streamline creating and managing your resources using the Infrastructure as Code (IaC) approach. Download a Terraform configuration example and deploy your infrastructure using the Terraform Yandex Cloud provider.