Backend Servers for Load Balancers
Manage backend servers for use with a load balancer.
When you create a load balancer, you must specify the backend servers (Compute instances ) to include in each backend set . The load balancer routes incoming traffic to these backend servers based on the policies you specified for the backend set. You can use the Console to add and remove backend servers in a backend set.
Selection of a backend server's transport protocol (HTTP, HTTPS (using SSL), and TCP) is configured in the backend set. See Backend Sets for Load Balancers for more information.
You can perform the following backend server management tasks:
Traffic Routing
To route traffic to a backend server, the Load Balancer service requires the IP address of the compute instance and the relevant application port. If the backend server resides within the same VCN as the load balancer, we recommend that you specify the compute instance's private IP address. If the backend server resides within a different VCN that's not peered with this VCN, you must specify the public IP address of the compute instance. If the backend server resides in a peered VCN, we recommend that you specify the private IP of the compute instance. You also must ensure that the VCN's security rules allow internet traffic.
When you add backend servers to a backend set, you specify either the instance OCID or an IP address for the server to add. An instance with multiple VNICs attached can have multiple IP addresses pointing to it. Note the following:
-
If you identify a backend server by OCID, the load balancer uses the primary VNIC's primary private IP address.
-
If you identify the backend servers to add to a backend set by their IP addresses, it's possible to point to the same instance more than once.
To enable backend traffic, your backend server subnets must have appropriate ingress and egress security rules. When you add backend servers to a backend set, you can specify the applicable network security groups (NSGs). If you prefer to use security lists for your VCN, the Load Balancer service Console can suggest security list rules for you. You also can configure them yourself through the Networking service. See Security Lists for more information.
To accommodate high-volume traffic, we strongly recommends that you use stateless security rules for your load balancer subnets. See Stateful Versus Stateless Rules for more information.
You can add and remove backend servers without disrupting traffic.
You can set up backend servers as compute instance pools. See Creating Instance Pools for more information.
Using Backend Servers with Public IP Addresses
If your backend servers have public IP addresses, configure a NAT gateway by adding route rules for connecting your public load balancer to its public IP address-based backend servers. See NAT Gateway for more information. Refer to the FAQ entry on adding route rules in Flexible Load Balancing FAQ.