Difference between revisions of "Load balancer (Networking)"
Jump to navigation
Jump to search
↑ https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#overview
↑ https://aws.amazon.com/elasticloadbalancing/faqs/
↑ https://docs.openstack.org/octavia/latest/user/guides/basic-cookbook.html#deploy-a-load-balancer-with-backend-re-encryption
| (62 intermediate revisions by 6 users not shown) | |||
| Line 1: | Line 1: | ||
| − | Load balancing across multiple application instances is a commonly used technique for optimizing resource utilization, maximizing throughput, reducing latency, and ensuring fault‑tolerant configurations. | + | [[wikipedia:Load balancing (computing)|Load balancing]] across multiple application instances is a commonly used technique for optimizing resource utilization, maximizing throughput, reducing latency, and ensuring fault‑tolerant configurations. |
| − | Load balancing in [[Nginx]] is configured using <code>[[upstream]]</code> directive.<ref>https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#overview</ref> | + | Load balancing in [[Nginx]] is configured using <code>[[upstream]]</code> directive.<ref>https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#overview</ref>. |
| + | * Supported load balancing algorithms: [[Round Robin]], [[Least Connections]], [[IP Hash]], [[Generic Hash]], [[Least Time]] ([[Nginx Plus]]), [[Random]] | ||
| + | * Sticky methods ([[NGINX Plus]]): Sticky cookie, Sticky route ([[NGINX Plus]]), Sticky learn | ||
| + | |||
| + | Network load balancer can provide service for different protocols, such as [[TCP]], [[UDP]], [[HTTP]] or [[HTTPS]]. | ||
| + | |||
| + | |||
| + | |||
| + | == Configuration options == | ||
| + | * Listening port | ||
| + | * [[FQDN]] | ||
| + | * [[Protocol]]: [[TCP]], [[UDP]], [[HTTP]], [[HTTPS]], [[WebSockets]] | ||
| + | * Destination servers and destination port | ||
| + | * Load Balancing algorithm: [[WRR]], [[weighted least connection]], [[source IP hash]] | ||
| + | * [[Sticky]] [[session]] (session affinity) | ||
| + | |||
| + | == Nginx configuration example == | ||
| + | <pre> | ||
| + | upstream backend { | ||
| + | # no load balancing method is specified for Round Robin. Other options: least_conn, ip_hash, least_time header, random two least_time=last_byte | ||
| + | server backend1.example.com slow_start=30s; | ||
| + | server backend2.example.com max_conns=3; | ||
| + | server backend3.example.com weight=5; | ||
| + | server backend4.example.com; | ||
| + | #server backend5.example.com:443; (if you are connecting to an https backend. Additional configuration is required) | ||
| + | server 192.0.0.1 backup; | ||
| + | #queue 100 timeout=70; (option if using max_conns directive) | ||
| + | } | ||
| + | </pre> | ||
| + | |||
| + | |||
| + | == HTTPS termination == | ||
| + | [[HTTPS]] termination is at least supported on [[Nginx]], [[Amazon ELB]]<ref>https://aws.amazon.com/elasticloadbalancing/faqs/</ref> and [[OpenStack]] <ref>https://docs.openstack.org/octavia/latest/user/guides/basic-cookbook.html#deploy-a-load-balancer-with-backend-re-encryption</ref> | ||
| + | |||
| + | == Activities == | ||
| + | * Read NGINX how to secure HTTP Traffic to Upstream Servers https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/ | ||
| + | |||
| + | == Related terms == | ||
| + | * [[Amazon Load Balancers]] | ||
| + | * [[Security groups for your Application Load Balancer (ALB)]] | ||
| + | * [[Security groups for your Network Load Balancer (NLB)]] (do not have) | ||
| + | * [[ALB]] | ||
| + | * [[Amazon Elastic Load Balancer (ELB)]] | ||
| + | * [[Application Load Balancer (ALB)]]: [[AWS Application Load Balancer (ALB)]] | ||
| + | * [[Google Cloud Load Balancing]] | ||
| + | * [[Load Balancer as a Service (LBaaS)]] | ||
| + | * <code>[[openstack loadbalancer create]]</code> | ||
| + | * [[Envoy Proxy]] | ||
| + | * [[Oracle Cloud Load Balancer]] | ||
| + | * [[Kubernetes load balancers]] | ||
| + | * [[IncompatibleProtocols]] | ||
| + | * [[MetalLB]] ([[Kubernetes]]) | ||
| + | * [[Emerald Dshackle]] | ||
| + | * [[Outlier detection]] ([[Envoy]]) | ||
| + | * [[Round-robin]] | ||
| + | |||
| + | == See also == | ||
| + | * {{HTTPS}} | ||
| + | * {{Proxy}} | ||
| + | * {{ALB}} | ||
| + | * {{LB}} | ||
| + | |||
| + | [[Category:web]] | ||
Latest revision as of 15:01, 14 October 2024
Load balancing across multiple application instances is a commonly used technique for optimizing resource utilization, maximizing throughput, reducing latency, and ensuring fault‑tolerant configurations.
Load balancing in Nginx is configured using upstream directive.[1].
- Supported load balancing algorithms: Round Robin, Least Connections, IP Hash, Generic Hash, Least Time (Nginx Plus), Random
- Sticky methods (NGINX Plus): Sticky cookie, Sticky route (NGINX Plus), Sticky learn
Network load balancer can provide service for different protocols, such as TCP, UDP, HTTP or HTTPS.
Contents
Configuration options[edit]
- Listening port
- FQDN
- Protocol: TCP, UDP, HTTP, HTTPS, WebSockets
- Destination servers and destination port
- Load Balancing algorithm: WRR, weighted least connection, source IP hash
- Sticky session (session affinity)
Nginx configuration example[edit]
upstream backend {
# no load balancing method is specified for Round Robin. Other options: least_conn, ip_hash, least_time header, random two least_time=last_byte
server backend1.example.com slow_start=30s;
server backend2.example.com max_conns=3;
server backend3.example.com weight=5;
server backend4.example.com;
#server backend5.example.com:443; (if you are connecting to an https backend. Additional configuration is required)
server 192.0.0.1 backup;
#queue 100 timeout=70; (option if using max_conns directive)
}
HTTPS termination[edit]
HTTPS termination is at least supported on Nginx, Amazon ELB[2] and OpenStack [3]
Activities[edit]
- Read NGINX how to secure HTTP Traffic to Upstream Servers https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/
Related terms[edit]
- Amazon Load Balancers
- Security groups for your Application Load Balancer (ALB)
- Security groups for your Network Load Balancer (NLB) (do not have)
- ALB
- Amazon Elastic Load Balancer (ELB)
- Application Load Balancer (ALB): AWS Application Load Balancer (ALB)
- Google Cloud Load Balancing
- Load Balancer as a Service (LBaaS)
openstack loadbalancer create- Envoy Proxy
- Oracle Cloud Load Balancer
- Kubernetes load balancers
- IncompatibleProtocols
- MetalLB (Kubernetes)
- Emerald Dshackle
- Outlier detection (Envoy)
- Round-robin
See also[edit]
- HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1 - Proxy servers:
Squid, Reverse proxy,Nginx,HAProxy,Varnish, Load balancer, Load Balancer as a Service (LBaaS), Symantec proxySG and Advanced Secure Gateway (ASG), Traefik, tinyproxy, Proxyrack, Luminati Networks, SOCKS, Envoy Proxy - ALB, Load balancer (Networking), AWS ALB,
openstack loadbalancer create, AWS ALB Ingress Controller, Target group, AWS Load Balancer Controller,alb-http-drop-invalid-header-enabled, Least Outstanding Requests (LOR) - Load Balancers, LoadBalancerSourceRanges, Kubernetes LoadBalancer, ALB,
type: LoadBalancer, AWS Load Balancer controller, Emerald Dshackle
Advertising:
