Create a Network Load Balancer – Elastic Load Balancing
Mục Lục
Create a Network Load Balancer
A load balancer takes requests from clients and distributes them across targets in a
target group, such as EC2 instances.
Before you begin, ensure that the virtual private cloud (VPC) for your load balancer
has at least one public subnet in each Availability Zone where you have targets. You
must also configure a target group and register at least one target to set as default in
order to route your traffic to the target group.
To create a load balancer using the AWS CLI, see Tutorial: Create a Network Load Balancer using the AWS CLI.
To create a load balancer using the AWS Management Console, complete the following tasks.
Step 1: Configure a target group
Configuring a target group allows you to register targets such as EC2 instances.
The target group that you configure in this step is used as the target group in the
listener rule when you configure your load balancer. For more information, see Target groups for your Network Load Balancers.
To configure your target group
-
Open the Amazon EC2 console at
https://console.aws.amazon.com/ec2/. -
In the navigation pane, choose Target Groups.
-
Choose Create target group.
-
On the Basic configuration pane, do
the following:-
For Choose a target type, select
Instances to register targets by instance
ID, IP addresses to register targets by IP
address, or Application Load Balancer to register an Application Load Balancer as a
target. -
For Target group name, enter a name for the
target group. -
For Protocol, choose a protocol as
follows:-
If the listener protocol is TCP, choose
TCP or
TCP_UDP. -
If the listener protocol is TLS, choose
TCP or
TLS. -
If the listener protocol is UDP, choose
UDP or
TCP_UDP. -
If the listener protocol is TCP_UDP, choose
TCP_UDP.
-
-
(Optional) For Port, modify the default value
as needed. -
For VPC, select a virtual private cloud (VPC)
with the targets that you want to register with your target
group. -
For Protocol version, select
HTTP1 when the request protocol is HTTP/1.1
or HTTP/2; select HTTP2, when the request
protocol is HTTP/2 or gRPC; and select gRPC,
when the request protocol is gRPC.
-
-
On the Health checks pane, modify the default
settings as needed. For Advanced health check settings,
choose the health check port, count, timeout, interval, and specify success
codes. If health checks consecutively exceed the Unhealthy
threshold count, the load balancer takes the target out of
service. If health checks consecutively exceed the Healthy
threshold count, the load balancer puts the target back in
service. For more information, see Health checks for your target groups. -
(Optional) Add one or more tags as follows:
-
Expand the Tags section.
-
Choose Add tag.
-
Enter the tag Key and tag
Value. For more information,
see Tags.
-
-
Choose Next.
Step 2: Register targets
You can register EC2 instances, IP addresses, or an Application Load Balancer with your target group.
This is an optional step to create a load balancer. However, you must register your
targets to ensure that your load balancer can route traffic to them.
-
On the Register targets page, add one or more targets
as follows:-
If the target type is Instances, select one
or more instances, enter one or more ports, and then choose
Include as pending below. -
If the target type is IP addresses, select
the network, enter the IP address and ports, and then choose
Include as pending below. -
If the target type is Application Load Balancer, select an
Application Load Balancer.
-
-
Choose Create target group.
Step 3: Configure a load balancer and a
listener
To create a Network Load Balancer, you must first provide basic configuration information for your
load balancer, such as a name, scheme, and IP address type. Then provide information
about your network, and one or more listeners. A listener is a process that checks
for connection requests. It is configured with a protocol and a port for connections
from clients to the load balancer. For more information about supported protocols
and ports, see Listener configuration.
To configure your load balancer and listener
-
Open the Amazon EC2 console at
https://console.aws.amazon.com/ec2/. -
In the navigation pane, choose Load Balancers.
-
Choose Create load balancer.
-
Under Network Load Balancer, choose Create.
-
Basic configuration
-
For Load balancer name, enter a name for your
load balancer. For example,my-nlb
. The name
of your Network Load Balancer must be unique within your set of Application Load Balancers and Network Load Balancers
for the Region. It can have a maximum of 32 characters, and contain
only alphanumeric characters and hyphens. It must not begin or end
with a hyphen, or withinternal-
. -
For Scheme, choose
Internet-facing or
Internal. An internet-facing load balancer
routes requests from clients to targets over the internet. An
internal load balancer routes requests to targets using private IP
addresses. -
For IP address type, choose IPv4
if your clients use IPv4 addresses to communicate with the load balancer or
Dualstack if your clients use both IPv4 and
IPv6 addresses to communicate with the load balancer.
-
-
Network mapping
-
For VPC, select the VPC that you used for
your EC2 instances. If you selected
Internet-facing for
Scheme, only VPCs with an internet gateway
are available for selection. -
For Mappings, select one or more Availability
Zones and corresponding subnets. Enabling multiple Availability
Zones increases the fault tolerance of your applications. For
internet-facing load balancers, you can select an Elastic IP address
for each Availability Zone. This provides your load balancer with
static IP addresses. Alternatively, for an internal load balancer,
you can assign a private IP address from the IPv4 range of each
subnet instead of letting AWS assign one for you.
-
-
Listeners and routing
-
The default is a listener that accepts TCP traffic on port 80. You
can keep the default listener settings, or modify
Protocol and Port as
needed. -
For Default action, select a target group to
forward traffic. If you didn’t create a target group previously, you
must create one now. You can optionally choose Add
listener to add another listener (for example, a TLS
listener). -
(Optional) Add tags to categorize your listener.
-
For Secure listener settings (available only
for TLS listeners), do the following:-
For Security policy, choose a security
policy that meets your requirements. -
For ALPN policy, choose a policy to enable
ALPN or choose None to disable ALPN. -
For Default SSL certificate, choose
From ACM (recommended) and select a
certificate. If you don’t have an available certificate,
you can import a certificate into ACM or use ACM to
provision one for you. For more information, see Issuing and managing
certificates in the AWS Certificate Manager User Guide.
-
-
-
Tags
(Optional) Add tags to categorize your load balancer. For more information,
see Tags. -
Summary
Review your configuration, and choose Create load
balancer. A few default attributes are applied to
your load balancer during creation. You can view and edit them after
creating the load balancer. For more information, see Load balancer attributes.
Step 4: Test the load balancer
After creating your load balancer, you can verify that your EC2 instances have
passed the initial health check and then test that the load balancer is sending
traffic to your EC2 instances. To delete the load balancer, see Delete a Network Load Balancer.
To test the load balancer
-
After the load balancer is created, choose Close.
-
In the left navigation pane, choose Target Groups.
-
Select the newly created target group.
-
Choose Targets and verify that your instances are
ready. If the status of an instance isinitial
, it’s probably
because the instance is still in the process of being registered, or it has
not passed the minimum number of health checks to be considered healthy.
After the status of at least one instance is healthy, you can test your load
balancer. For more information, see Target health status. -
In the navigation pane, choose Load Balancers.
-
Select the newly created load balancer.
-
Copy the DNS name of the load balancer (for example,
my-load-balancer-1234567890abcdef.elb.us-east-2.amazonaws.com).
Paste the DNS name into the address field of an internet-connected web
browser. If everything is working, the browser displays the default page of
your server.