Creating a LoadBalancer

The LoadBalancer needs to bind both my-http-backend-service and my-tomcat-backend-service. In this scenario, only /examples and /examples/* will be traffic forwarded to my-tomcat-backend-service. Other than that, every URI forwards traffic to my-http-backend-service:

//create load balancer(url-map) to associate my-http-backend-service as default
$ gcloud compute url-maps create my-loadbalancer --default-service my-http-backend-service


//add /examples and /examples/* mapping to my-tomcat-backend-service
$ gcloud compute url-maps add-path-matcher my-loadbalancer --default-service my-http-backend-service --path-matcher-name tomcat-map --path-rules /examples=my-tomcat-backend-service,/examples/*=my-tomcat-backend-service


//create target-http-proxy that associate to load balancer(url-map)
$ gcloud compute target-http-proxies create my-target-http-proxy --url-map=my-loadbalancer


//allocate static global ip address and check assigned address
$ gcloud compute addresses create my-loadbalancer-ip --global
$ gcloud compute addresses describe my-loadbalancer-ip --global
address: 35.186.192.6

creationTimestamp: '2018-12-08T13:40:16.661-08:00'

...
...
//create forwarding rule that associate static IP to target-http-proxy
$ gcloud compute forwarding-rules create my-frontend-rule --global --target-http-proxy my-target-http-proxy --address 35.186.192.6 --ports 80
If you don't specify an --address option, ephemeral external IP address will be created and assigned.

Finally, the LoadBalancer has been created. However, one missing configuration remains. Private hosts don't have any firewall rules to allow Tomcat traffic (8080/tcp). This is why, when you see the LoadBalancer status, a healthy status of my-tomcat-backend-service is kept down (0):

In this case, you need to add one more firewall rule that allows connection from LoadBalancer to a private subnet (use the private network tag for this). According to the GCP documentation (https://cloud.google.com/compute/docs/load-balancing/health-checks#https_ssl_proxy_tcp_proxy_and_internal_load_balancing), the health check heart-beat will come from the address range 35.191.0.0/16 to 130.211.0.0/22:

//add one more Firewall Rule that allow Load Balancer to Tomcat (8080/tcp)

$ gcloud compute firewall-rules create private-tomcat --network=my-custom-network --source-ranges 35.191.0.0/16,130.211.0.0/22 --target-tags private --allow tcp:8080

After a few minutes, the my-tomcat-backend-service healthy status will be up to (1); now you can access the LoadBalancer from a web browser. When accessing /, it should route to my-http-backend-service, which has the nginx application on public hosts:

On the other hand, if you access the /examples/ URL with the same LoadBalancer IP address, it will route to my-tomcat-backend-service, which is a Tomcat application on a private host, as shown in the following screenshot:

Overall, there are some steps that need to be performed in order to set up a LoadBalancer, but it's useful to integrate different HTTP applications onto a single LoadBalancer to deliver your service efficiently with minimal resources.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset