Fault-tolerant website with load balancing by Yandex Network Load Balancer
Create and set up a website on a LAMP
- Prepare your cloud.
- Prepare the network infrastructure.
- Create an instance group.
- Upload the website files.
- Create a network load balancer.
- Test the fault tolerance.
If you no longer need the website, delete all its resources.
You can also use a ready-made config file to deploy an infrastructure to host a fault-tolerant load-balanced site in a VM group via Terraform.
Prepare your cloud
Sign up for Yandex Cloud and create a billing account:
- Go to the management console
and log in to Yandex Cloud or create an account if you do not have one yet. - On the Billing
page, make sure you have a billing account linked and it has theACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page
Learn more about clouds and folders.
Required paid resources
The cost of hosting a website includes:
- Fee for the disks and continuously running VMs (see Yandex Compute Cloud pricing).
- Fee for using dynamic public IP addresses (see pricing Yandex Virtual Private Cloud).
- Fee for network load balancers and traffic balancing (see Yandex Network Load Balancer pricing).
Prepare the network infrastructure
Before creating a VM:
-
Go to the Yandex Cloud management console
and select the folder where you will perform the operations. -
Make sure that the selected folder contains a network with subnets in the
ru-central1-a
andru-central1-b
availability zones. To do this, select Virtual Private Cloud on the folder page. If the subnets or network you need are not listed, create them.
Create an instance group
To create an instance group with a pre-installed web server:
-
In the management console
, select Compute Cloud. -
Open the Instance groups tab and click Create group.
-
Under Basic parameters:
- Give your instance group a name, such as
nlb-vm-group
. - Select a service account from the list or create a new one. To be able to create, update, and delete group instances, assign the
editor
role to the service account. In Instance Groups, all operations are performed on behalf of a service account.
- Give your instance group a name, such as
-
Under Allocation, select three availability zones (
ru-central1-a
andru-central1-b
) to ensure fault tolerance of your hosting. -
Under Instance template, click Define and set up the configuration for a basic instance:
-
Under Basic parameters, enter the template Description:
-
Under Image/boot disk selection, open the Cloud Marketplace tab and click Show more. Choose a product:
Click Use.
-
Under Disks, specify:
- Disk type: HDD.
- Size: 3 GB.
-
Under Computing resources, specify:
- Platform: Intel Ice Lake.
- vCPU: 2.
- Guaranteed vCPU share: 20%
- RAM: 1 GB.
-
Under Network settings:
- Select a cloud network and its subnets.
- In the Public address field, select Auto.
-
Under Access, specify the data required to access the VM:
- In the Service account field, select the service account to link the VM to.
- Enter the username in the Login field.
- In the SSH key field, paste the contents of the public key file.
To establish an SSH connection, you need to create a key pair. For more information, see Creating an SSH key pair.
-
Click Save.
-
-
Under Scaling, enter the Size of the instance group: 2.
-
Under Integration with Load Balancer, select Create target group and specify
nlb-tg
as the group name. -
Click Create.
It may take a few minutes to create an instance group. Once all VMs change their status to RUNNING
, you can upload the website files to them.
See also
Upload the website files
To test the web server, upload the website files to each VM. For example, you can use the index.html
file from this archive
Do the following for each VM instance in the created group:
-
On the Virtual machines tab, click on the name of the desired VM in the list. Under Network, find the VM's public IP address.
-
Connect to the VM via SSH.
-
Grant your user write access to the directory
/var/www/html
:sudo chown -R "$USER":www-data /var/www/html
-
Upload the website files to the VM via SCP
.Linux/macOSWindowsUse the
scp
command-line utility:scp -r <path to the file directory> <VM username>@<VM IP address>:/var/www/html
Use WinSCP
to copy the local file directory to/var/www/html
on the VM.
Create a network load balancer
When creating a network load balancer, you need to add a listener that the load balancer will use to receive traffic, attach the target group created together with the instance group, and set up health checks for resources in it.
To create a network load balancer:
-
In the management console
, open Network Load Balancer. -
Click Create a network load balancer.
-
Name the load balancer, such as
nlb-1
. -
Under Listeners, click Add listener and specify the parameters:
- Listener name:
nlb-listener
. - Port:
80
. - Target port:
80
.
- Listener name:
-
Click Add.
-
Under Target groups:
- Click Add target group and choose the previously created target group
nlb-tg
. If there's only one target group, it's selected automatically. - Under Health check, click Configure and edit the parameters:
- Name of the check:
health-check-1
. - Healthy threshold: Number of successful checks required to consider the VM ready to receive traffic:
5
. - Unhealthy threshold: Number of failed checks after which no traffic will be routed to the VM:
5
.
- Name of the check:
- Click Apply.
- Click Add target group and choose the previously created target group
-
Click Create.
Test the fault tolerance
-
In the management console
, select Compute Cloud. -
Go to the page of the VM from the previously created group. Under Network, find the VM's public IP address.
-
Connect to the VM via SSH.
-
Stop the web service to simulate a failure on the web server:
LAMPLEMPsudo service apache2 stop
sudo service nginx stop
-
Go to Network Load Balancer and select the
nlb-1
load balancer created earlier. -
Find the listener IP address under Listeners. Open the website in the browser using the listener address.
The connection should be successful, even though one of the web servers has failed.
-
When the check is complete, start the web service again:
LAMPLEMPsudo service apache2 start
sudo service nginx start
How to delete the resources you created
To shut down the hosting and stop paying for the created resources:
How to create an infrastructure using Terraform
With Terraform
For more information about the provider resources, see the documentation on the Terraform
If you change the configuration files, Terraform automatically determines which part of your configuration is already deployed and what should be added or removed.
To deploy an infrastructure to host a fault-tolerant load-balanced site in a VM group via Terraform:
-
Install Terraform, get the authentication credentials, and specify the source for installing the Yandex Cloud provider (see Configure a provider, step 1).
-
Prepare files with the infrastructure description:
Ready-made archiveCreating files manually- Create a directory for files:
- Download the archive
(2 KB). - Unpack the archive to the directory. As a result, the
load-balancer.tf
configuration file will be added to it.
-
Create a directory for files:
-
Create the
load-balancer.tf
configuration file in the directory:load-balancer.tfterraform { required_providers { yandex = { source = "yandex-cloud/yandex" version = ">= 0.47.0" } } } provider "yandex" { zone = "ru-central1-a" } variable "folder_id" { description = "Yandex Cloud Folder ID where resources will be created" default = "<folder_ID>" } resource "yandex_iam_service_account" "ig-sa" { name = "ig-sa" } resource "yandex_resourcemanager_folder_iam_member" "editor" { folder_id = var.folder_id role = "editor" member = "serviceAccount:${yandex_iam_service_account.ig-sa.id}" } resource "yandex_compute_instance_group" "ig-1" { name = "nlb-vm-group" folder_id = var.folder_id service_account_id = "${yandex_iam_service_account.ig-sa.id}" instance_template { platform_id = "standard-v3" resources { core_fraction = 20 memory = 1 cores = 2 } boot_disk { mode = "READ_WRITE" initialize_params { image_id = "<image_ID>" type = "network-hdd" size = 3 } } network_interface { network_id = "${yandex_vpc_network.network-1.id}" subnet_ids = ["${yandex_vpc_subnet.subnet-1.id}","${yandex_vpc_subnet.subnet-2.id}" ] nat = true } metadata = { user-data = "#cloud-config\nusers:\n - name: <username>\n groups: sudo\n shell: /bin/bash\n sudo: 'ALL=(ALL) NOPASSWD:ALL'\n ssh-authorized-keys:\n - ${file("<path_to_public_SSH_key>")}" } } scale_policy { fixed_scale { size = 2 } } allocation_policy { zones = ["ru-central1-a", "ru-central1-b"] } deploy_policy { max_unavailable = 1 max_expansion = 0 } load_balancer { target_group_name = "nlb-tg" } } resource "yandex_lb_network_load_balancer" "foo" { name = "nlb-1" listener { name = "nlb-listener" port = 80 } attached_target_group { target_group_id = "${yandex_compute_instance_group.ig-1.load_balancer.0.target_group_id}" healthcheck { name = "health-check-1" unhealthy_threshold = 5 healthy_threshold = 5 http_options { port = 80 } } } } resource "yandex_vpc_network" "network-1" { name = "network1" } resource "yandex_vpc_subnet" "subnet-1" { name = "subnet1" zone = "ru-central1-a" network_id = "${yandex_vpc_network.network-1.id}" v4_cidr_blocks = ["192.168.1.0/24"] } resource "yandex_vpc_subnet" "subnet-2" { name = "subnet2" zone = "ru-central1-b" network_id = "${yandex_vpc_network.network-1.id}" v4_cidr_blocks = ["192.168.2.0/24"] }
For more information about the parameters of resources used in Terraform, see the provider documentation:
-
In the
variable
section, enter the value for thefolder_id
variable, that is, the ID of the folder where the resources are created. -
Under
metadata
, enter the metadata for creating a VM instance, as well as the contents of the SSH key. Specify the key in the format<any_name>:<SSH key contents>
. Regardless of the username specified, the key is assigned to the user set in the LAMP (LEMP) image configuration. Such users vary depending on an image. For more information, see Keys processed in public images. -
Under
boot_disk
, specify the ID of a VM image with a relevant set of components: -
Create resources:
-
In the terminal, change to the folder where you edited the configuration file.
-
Make sure the configuration file is correct using the command:
terraform validate
If the configuration is correct, the following message is returned:
Success! The configuration is valid.
-
Run the command:
terraform plan
The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.
-
Apply the configuration changes:
terraform apply
-
Confirm the changes: type
yes
in the terminal and press Enter.
-