Load Balancing Service
TWSC Load Balancing Service offers Application Load Balancer (HTTP and HTTPs with SSL) and Network Load Balancer (TCP). When network traffic becomes heavy, the Load Balancer automatically distributes traffic to different VCS instances to keep the service flexible, scalable and highly available.
- For the permission differences between a Tenant Admin and a Tenant User when using VCS instances, please refer to User roles and permissions.
- TWCC CLI currently does not support this feature.
Create load balancers
- On the service list, click Load Balancing to go to the Load Balancer Management page, and select +CREATE.
You can click on the asterisk to the left of the service in "All Services" and pin your frequently used services to "My Favorite Services" to speed up the process.
- Configure the load balancer, and then click NEXT: REVIEW & CREATE >.
- Name: Enter the name of the load balancer.
- Description (optional): Enter the description for the load balancer.
- Type: Choose the type of load balancer as Application Load Balancer or Network Load Balancer.
- Listener
- Protocol:
- Application Load Balancer can handle HTTP and HTTPs with SSL traffic*.
- Network Load Balancer can handle TCP traffic.
- Port: Enter the port number for port forwarding.
- SSL certificate:
- Click Add to configure multiple listerners and ports.
- Protocol:
- Method: Select one method of balancing from ROUND_ROBIN, LEAST_CONNECTIONS, and SOURCE_IP.
- Virtual Network: Select a virtual network.
- Assign Public IP: You can choose not to assign it, auto-assign a floating IP, or assign a static IP**. Please refer to Elastic IP for usage details.
*To use a HTTPS with SSL listener, please create SSL Certificate first.
**After creation, you can adjust the IP selection on the "Load Balancer Details" page. If you have assigned IPs, you need to detach them before you can select other IPs.
- Review the configuration for the load balancer, and then click CREATE.
- After the load balancer has been created, you will be directed back to the list page. The newly created load balancer appears at the top of the list, and you can select the load balancer to enter its detail page. You can edit the settings when it turns to the ACTIVE state.
After creating, attach the load balancer to VCS instances to enable the traffic balancing mechanism for your applications.
Manage load balancers
- On the Load Balancer Management page, click the list of load balancers to enter the load balancer details page.
- On the load balancer details page, you can view the basic information and the configuration for network connections, or execute actions including EDIT, DELETE, REFRESH, etc.
- Once the load balancer is created, a VIP (Virtual IP) will be generated for external services, and private IP will be provided for maintenance purpose.
Update load balancer's SSL certificate
SSL certificates have a validity period. You can create a new certificate to replace the certificate about to expire:
- Enter the Load Balancer Details page, and then click the EDIT button.
- Select the newly created certificate name for the existing HTTPS with SSL listener, and then click OK.
- After the update, you will be directed to the Load Balancer Details page. You can see the name of the new SSL certificate, and its state wll change to the
ACTIVE
when it is successfully renewed.
Attach load balancers to VCS instances
- Enter Load Balancer Management page. Select the load balancer you want to attach, click the menu button and then click on EDIT.
You can use the search bar with keywords to find your load balancer if too many are on the list.
- You may also find EDIT button in Load Balancer Details page.
- Click Add Server in the Edit Load Balancer window to attach VCS intances to the load balancer.
- Enter the Private IP and Port of the VCS intance, e.g.,
192.xxx.xxx.xx:80
. Then select Add Server to set up the private IP and port of the second VCS instance.
- Click OK when all servers are added.
- Back to the Load Balancer Details page, the IPs of attached instances are shown in the Networks & Connection block. The load balancer starts running when it turns to the ACTIVE state.
SSL certificates
Deploy SSL certificates on your load balancers can help you build trust with customers by encrypting and securing communications between the web server and the client browser, preventing criminals from reading or modifying information transferred.
In order to comply with the information security requirements, only the TLS 1.2 transport layer security protocol is provided.
Create a SSL certificate
- Click SSL Certificate on the left side > Click +CREATE in the SSL Certificate Management page.
- Enter the name, description, and Base64 Encode (PKCS#12 format) of your SSL certificate, and then click NEXT: REVIEW & CREATE >
TWSC currently supports only PKCS#12 format, please refer to Convert SSL certificate format for more information.
- Review SSL certificate configuration, and then click CREATE.
- The certificate will appear in the list after creation. You can deploy the certificate on a HTTPs with SSL listener when it turns to the ACTIVE state.
Manage SSL certificates
After creating the SSL certificate with reference, you can select it when creating an Application Load Balancer, or you can add/update it to an existing load balancer.
TWSC currently supports only PKCS#12 format, please refer to Convert SSL certificate format for more information.
Delete a SSL certificate
- Go to the SSL Certificate Management page, select the SSL certificate you want to delete, and then click the DELTE button.
To secure SSL certificates, only the creator can view and use the SSL certificate.