DocsICP FilingConsole
官方文档
首页

Server Load Balancer (SLB)

更新时间:
复制 MD 格式
产品详情
我的收藏

Server Load Balancer (SLB) is a service that distributes incoming traffic across multiple Elastic Compute Service (ECS) instances. SLB uses forwarding rules to direct traffic. This expands an application's service capacity and improves its availability.

Purchase and import an SLB instance

To use the Server Load Balancer service, you must have an SLB instance.

  • If you already have an SLB instance, you can import it into your current workspace.

    Note

    You can import an SLB instance in the following scenarios:

    • The SLB instance was purchased from the Alibaba Cloud Management Console before you enabled Resource Management.

    • The SLB instance was added to Resource Management and later removed from a bound workspace.

  • If you do not have an SLB instance, you must purchase one.

This topic describes how to purchase and import an SLB instance.

Purchase an SLB instance

Log on to the console. Go to Products & Services > Compute & Network > Server Load Balancer to purchase an SLB instance. For more information, see Purchase a Server Load Balancer instance.

Important

After you purchase an SLB instance, if you change its billing method, subsequent configuration changes, such as bandwidth modifications, will take effect at 00:00 the next day. No other configuration changes can be made until the current change takes effect.

Import an SLB instance

You can import an existing SLB instance into the current workspace.

Prerequisites

You have developer permissions.

Procedure

  1. Log on to the Resource Management console.

  2. In the navigation pane on the left, click Compute & Network > Server Load Balancer.

  3. Click the Import button in the upper-left corner. A dialog box appears that lists all SLB instances in the region. Select an SLB instance that has not been imported and click OK.

    The import list contains the following information:

    • Name/(ID): The name and ID of the SLB instance.

    • Import Information: Indicates whether the SLB instance has been imported and provides information about the workspace to which it was imported.

    • Network Type: Classic network or virtual private cloud (VPC). An SLB instance in a VPC is automatically imported into the workspace bound to that VPC.

    • Service Endpoint: The service endpoint provided by the SLB instance and its type: public network or internal network.

    • Creation Time: The time when the SLB instance was created.

  4. After the import is complete, the new SLB instance appears in the list. You can click the name of the SLB instance to configure its listeners or modify the weights of attached ECS instances.

    The Operations column in this list provides the following features:

    • Stop: Stops the current SLB instance. The instance will stop forwarding traffic to backend ECS instances.

    • More > Assign to Application: Assigns the SLB instance to an application. This requires that you have already created an application.

Assign and release an SLB instance

After you purchase or import an SLB instance, you can assign it to an application or release it from an application.

Prerequisites

An application has been created.

Assign an SLB instance

  1. Log on to the Resource Management console.

  2. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, find the SLB instance that you want to assign to an application.

  3. You can assign a single SLB instance to an application, or assign multiple SLB instances to the same application in a batch operation.

    • Single assignment: Click More > Assign to Application in the Operations column for the instance. In the Assign to Application window, enter the Application and Application Service Instance.

    • Batch assignment: Select the checkboxes of multiple instances. Click More > Assign to Application above the instance list. In the confirmation window that appears, click OK. Then, in the Assign to Application window, enter the Application and Application Service Instance.

      Note

      • If the application has no service instances, you can assign the SLB instance directly to the application. A new service instance associated with the latest version of the application's technology stack is created.

      • If the application has service instances, you must specify which service instance to assign.

  4. Click OK. After the assignment is complete, the name of the application to which the SLB instance is assigned appears in the Service Instance Binding column.

Release an SLB instance

  1. Log on to the Resource Management console.

  2. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, find the SLB instance that you want to release from an application.

  3. Click More > Release from Application in the Operations column for the instance. A confirmation window appears to prevent accidental operations.

  4. In the confirmation window, click OK. The application name is then removed from the Service Instance Binding column for the SLB instance.

Delete and remove an SLB instance

After you purchase or import an SLB instance, you can also delete it or remove it from a workspace.

Delete an SLB instance

  1. Log on to the Resource Management console.

  2. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, find the SLB instance that you want to delete.

  3. You can delete a single SLB instance or delete multiple SLB instances in a batch operation.

    • Single deletion: Click More > Delete in the Operations column for the SLB instance. In the confirmation window that appears, click OK.

    • Batch deletion: Select the checkboxes of the SLB instances that you want to delete, and then click Delete above the instance list.

      After the deletion is complete, the SLB instance disappears from the instance list, and billing for it stops.

Remove an SLB instance

  1. Log on to the Resource Management console. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, find the SLB instance that you want to remove.

  2. Select the checkbox of one or more SLB instances that you want to remove, and then click Remove above the instance list.

    After the removal is complete, the SLB instance disappears from the instance list.

    Note

    The remove operation only removes the SLB instance from the current workspace. It does not delete the instance. Therefore, billing for the removed SLB instance continues.

Add a certificate

  1. Log on to the Resource Management console. In the navigation pane on the left, click Compute & Network > Server Load Balancer to go to the SLB list page.

  2. Above the list, click the Certificates tab to go to the certificate list page.

  3. Above the list, click Add and enter the certificate information.

    After you upload the certificate, you can use the HTTPS protocol and select the certificate when you configure the SLB instance.

Certificate format requirements

  • The certificate must be in the PEM format for Linux environments. Server Load Balancer does not support certificates in other formats. If your certificate is in another format, you must first convert it.

  • If the certificate is issued by a root certificate authority (CA), the certificate you receive is a single file. No additional certificates are required. Browsers and other clients will trust the configured site.

  • If the certificate is issued by an intermediate CA, the certificate file you receive contains multiple certificates. You must manually combine the server certificate and the intermediate certificate into a single file for upload.

  • To combine the certificates, place the server certificate first, followed by the intermediate certificate. Do not leave any blank lines between them.

    Note

    Typically, the issuing authority provides instructions when issuing the certificate. Be sure to follow these instructions.

The following examples show the certificate format and certificate chain format. Confirm that your format is correct before uploading.

  • Certificate issued by a root CA (in PEM format for Linux)

    Certificate rules:

    • The certificate must begin and end as follows: -----BEGIN CERTIFICATE----------END CERTIFICATE-----.

    • Upload all of this content.

    • Each line must contain 64 characters, and the last line can contain fewer than 64 characters.

  • Certificate chain issued by an intermediate CA

    -----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

    Certificate chain rules:

    • There must be no blank lines between certificates.

    • Each certificate must comply with the format specified in the first point.

RSA private key format requirements

RSA private key rules:

  • The content must start with -----BEGIN RSA PRIVATE KEY----- and end with -----END RSA PRIVATE KEY-----.

  • Upload all of this content.

  • Each line must contain 64 characters, and the last line can contain fewer than 64 characters.

If your private key is not in the required format, you can convert it by running the following command:

openssl rsa -in old_server_key.pem -out new_server_key.pem

Then, upload the content of new_server_key.pem along with the certificate.

Configure a listener

You can configure listeners for an SLB instance in Resource Management. A listener checks each connection request by port and distributes the traffic to backend servers. This section describes how to configure listeners.

Configure a listener

You can configure the frontend and backend protocols and ports in the listener. If a connection request matches the listener configuration, the traffic is distributed to the backend servers. To add a listener, perform the following steps:

  1. Log on to the Resource Management console.

  2. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, click the name of the SLB instance for which you want to create a listener to go to its details page.

  3. On the Listeners tab, click Add. In the Create Listener window that appears, enter the following information:

    • Frontend Protocol[Port]: Select HTTP, HTTPS, or TCP from the drop-down list and enter the corresponding port.

      • For most websites, select the HTTP protocol and enter port 80.

      • For HTTPS websites, enter port 443 and select a certificate.

      • For custom protocols, you can select the TCP protocol. The allowed custom port ranges are 80, 443, 2800-3300, 5000-10000, and 13000-14000.

    • Backend Protocol[Port]: The backend protocol is the same as the frontend protocol by default. You must enter the listening port of the backend service.

    • Forwarding Rule: Supports Round-robin and Least Connections.

    • Peak Bandwidth: Disabled by default. If you enable it, you can set a peak bandwidth.

    • X-Forwarded-For: Enabled by default. This feature obtains the client's real IP address.

    • Session Persistence: Disabled by default. If you enable it, Server Load Balancer distributes access requests from the same client to the same backend server for processing.

    • Health Check: After you enable this feature, if a backend server becomes abnormal, Server Load Balancer automatically distributes new requests to other healthy backend servers. When the abnormal server becomes healthy again, Server Load Balancer automatically resumes sending requests to it. For more information, see Configure health checks.

  4. Click OK to finish.

    The listener appears in the list with a status of In Use.

Listener access control

Warning

Access control is disabled by default. If you enable it, only IP addresses in the whitelist can access the listener of the SLB instance. Use this feature with caution. If you have configured access control permissions in the Alibaba Cloud SLB console, you must manage access control in the Alibaba Cloud SLB console.

  1. Log on to the Resource Management console.

  2. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, click the name of the SLB instance for which you want to create a listener to go to its details page.

  3. On the Listeners tab, click Access Control > Settings in the Operations column. In the window that appears, turn on the switch for access control and click OK.

  4. In the Operations column, click Access Control > Edit. In the window that appears, enter the IP addresses and click OK.

    Separate the IP addresses with commas (,). You can enter up to 300 IP addresses.

More related operations

After a listener is created, you can perform operations such as Stop, Start, Edit, Delete, and View Task Logs on the Listeners tab.

Related links

What is a listener?

Manage backend servers

In Resource Management, the backend server group of an SLB instance is the group of all backend servers that the instance can use. By default, requests are distributed to this backend server group.

You can perform operations such as attaching, detaching, and assigning weights to the backend servers of an SLB instance.

Log on to the Resource Management console. In the navigation pane on the left, click Compute & Network > Server Load Balancer. On the Server Load Balancer tab, click the name of the SLB instance for which you want to configure backend servers to go to its details page. Then, perform the following operations:

Attach a backend server

  1. On the Backend Server Group tab, select To Be Attached. Find the ECS instance that you want to attach and click Attach in the Operations column.

  2. In the dialog box that appears, set the Traffic Weight for the server and click Confirm. You can view the successfully attached ECS instance on the Attached tab.

Detach a backend server

  1. On the Backend Server Group tab, select Attached. You can detach a single server or multiple servers in a batch operation.

    • Batch detachment: Select the checkboxes of the ECS instances that you want to detach and click Detach above the list.

    • Single detachment: Find the ECS instance that you want to detach and click Detach in the Operations column.

  2. In the dialog box that appears, click Confirm. You can view the successfully detached ECS instance on the To Be Attached tab.

Note

A detached ECS instance is not deleted. You can re-attach it or manage it in the ECS console.

Assign weights

On the Backend Server Group tab, you can assign weights to one or more attached backend servers.

Modify the weight of a single server

  1. On the Backend Server Group tab, select Attached.

  2. In the row for the target server, click Modify Weight.

  3. Enter the desired weight for Traffic Weight.

  4. Click OK.

Modify weights in a batch operation

  1. Select the checkboxes of multiple target servers and click Modify Weight above the list.

  2. In the Batch Set Traffic Weight section, enter the desired weight, or set the Traffic Weight for each server individually.

  3. You can click OK to apply the changes.

Related links

Backend server overview

Previous:View disk detailsNext:Security groups