Create an internal network load balancer
The feature is at the Preview stage.
Note
The internal load balancer's listener is assigned a random IP address from the range of addresses of the selected subnet.
If you don't have the Yandex Cloud command line interface, install it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
- Before creating a load balancer, create a target group to attach to it.
- View a description of the CLI command to create a network load balancer:
  yc load-balancer network-load-balancer create --help
- To create an internal load balancer with a listener, run the following command:
  yc load-balancer network-load-balancer create \
  --name internal-lb-test \
  --type internal \
  --region-id ru-central1 \
  --listener name=test-listener,port=80,internal-subnet-id=<subnet ID>,internal-address=<internal IP address from subnet address range>
- Get the list of all load balancers to make sure that the load balancer was created:
  yc load-balancer network-load-balancer list
You can create an internal load balancer using the create API method.
With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description in HashiCorp Configuration Language (HCL). Terraform and its providers are distributed under the Mozilla Public License.
For more information about the provider resources, see the documentation on the Terraform site or mirror site.
If you change the configuration files, Terraform automatically determines which part of your configuration is already deployed and what should be added or removed.
If you don't have Terraform, install it and configure the Yandex Cloud provider.
To create an internal network load balancer with a listener:
- In the configuration file, describe the parameters of resources that you want to create:
  - name: The name of the network load balancer.
  - type: The type of the network load balancer. Use internal to create an internal network load balancer.
  - listener: The listener parameters.
    - name: The name of the listener.
    - port: The port to receive traffic.
    - internal_address_spec: The specification of the internal load balancer's listener.
      - address: Internal IP address from the range of the selected subnet.
      - subnet_id: The subnet.

  Example configuration file structure:

  provider "yandex" {
    # Credential placeholder: keep the real value out of version control.
    token     = "<OAuth or static key of service account>"
    folder_id = "<folder ID>"
    zone      = "ru-central1-a"
  }

  resource "yandex_lb_network_load_balancer" "internal-lb-test" {
    name = "internal-lb-test"
    type = "internal"

    listener {
      name = "my-listener"
      port = 8080
      internal_address_spec {
        address   = "<internal IP address>"
        subnet_id = "<subnet ID>"
      }
    }
  }

For more information about the resources you can create using Terraform, see the provider documentation.
- Make sure that the configuration files are correct.
  - In the command line, go to the directory where you created the configuration file.
  - Run the check using the command:
    terraform plan
  If the configuration is described correctly, the terminal displays a list of created resources and their parameters. If there are errors in the configuration, Terraform points them out.
- Deploy the cloud resources.
  - If the configuration doesn't contain any errors, run the command:
    terraform apply
  - Confirm that you want to create the resources.
  Afterwards, all the necessary resources are created in the specified folder. You can check that the resources are there with the correct settings using the management console.
Examples
Creating an internal load balancer without a listener
To create an internal load balancer without a listener, run the command:
yc load-balancer network-load-balancer create \
--name internal-lb-test-1 \
--type internal \
--region-id ru-central1
- In the configuration file, describe the resource parameters without the listener section:

  Example of creating an internal network load balancer without a listener using Terraform

  resource "yandex_lb_network_load_balancer" "internal-lb-test" {
    name = "internal-lb-test"
    type = "internal"
  }

For more information about resources that you can create using Terraform, see the provider documentation.
- Make sure that the configuration files are correct.
  - In the command line, go to the directory where you created the configuration file.
  - Run the check using the command:
    terraform plan
  If the configuration is described correctly, the terminal displays a list of created resources and their parameters. If there are errors in the configuration, Terraform points them out.
- Deploy the cloud resources.
  - If the configuration doesn't contain any errors, run the command:
    terraform apply
  - Confirm the resource creation: type yes in the terminal and press Enter.
  Afterwards, all the necessary resources are created in the specified folder. You can verify that the resources are there and properly configured in the management console or using the following CLI command:
  yc load-balancer network-load-balancer get <name of internal network load balancer>
Creating an internal load balancer with a listener and attached target group
- To create an internal load balancer with a listener and immediately attach a target group to it, get the list of target groups:
  yc load-balancer target-group list
  Result:
  +----------------------+------------------+---------------------+-------------+--------------+
  |          ID          |       NAME       |       CREATED       |  REGION ID  | TARGET COUNT |
  +----------------------+------------------+---------------------+-------------+--------------+
  | b7rv80bfibkph3ekqqle | test-internal-tg | 2020-08-09 07:49:18 | ru-central1 |            3 |
  +----------------------+------------------+---------------------+-------------+--------------+
- Run the command using the target group ID in the target-group-id parameter:
  yc load-balancer network-load-balancer create \
  --name internal-lb-test-3 \
  --type internal \
  --region-id ru-central1 \
  --listener name=test-listener,port=80,internal-subnet-id=e9b81t3kjmi0auoi0vpj,internal-address=10.10.0.14 \
  --target-group target-group-id=b7rv80bfibkph3ekqqle,healthcheck-name=http,healthcheck-interval=2s,healthcheck-timeout=1s,healthcheck-unhealthythreshold=2,healthcheck-healthythreshold=2,healthcheck-http-port=80
  Note the format of the healthcheck-interval and healthcheck-timeout parameters: specify their values as Ns, where N is the value in seconds.
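A pre-flight check for the --listener and --target-group values used in the CLI command above, as an added example that is not part of the original documentation. It checks only what this page states (the listener address comes from the selected subnet's range; health check interval and timeout are written as Ns) and assumes the subnet's CIDR is known: 10.10.0.0/24 and the function names are constructed for the demonstration.

```python
import ipaddress
import re

# Flag values from the CLI example above; SUBNET_CIDR is a constructed assumption.
LISTENER = "name=test-listener,port=80,internal-subnet-id=e9b81t3kjmi0auoi0vpj,internal-address=10.10.0.14"
TARGET_GROUP = ("target-group-id=b7rv80bfibkph3ekqqle,healthcheck-name=http,"
                "healthcheck-interval=2s,healthcheck-timeout=1s,healthcheck-unhealthythreshold=2,"
                "healthcheck-healthythreshold=2,healthcheck-http-port=80")
SUBNET_CIDR = "10.10.0.0/24"

def parse_spec(spec):
    """Split 'key=value,key=value' into a dict, rejecting malformed or repeated keys."""
    fields = {}
    for part in spec.split(","):
        key, sep, value = part.partition("=")
        if not (sep and key and value) or key in fields:
            raise ValueError(f"malformed or repeated field: {part!r}")
        fields[key] = value
    return fields

def check_listener(spec, subnet_cidr):
    """Return a list of problems found in a --listener value for an internal balancer."""
    fields, problems = parse_spec(spec), []
    net = ipaddress.ip_network(subnet_cidr)
    port = fields.get("port", "")
    if not re.fullmatch(r"[0-9]{1,5}", port) or not 1 <= int(port) <= 65535:
        problems.append(f"port {port!r} is not in 1-65535")
    if "internal-subnet-id" not in fields:
        problems.append("internal-subnet-id is missing")
    raw = fields.get("internal-address")  # optional: omitted means a random subnet address
    if raw is not None:
        try:
            if ipaddress.ip_address(raw) not in net:
                problems.append(f"{raw} is outside subnet {subnet_cidr}")
        except ValueError:
            problems.append(f"internal-address {raw!r} is not an IP address")
    return problems

def check_target_group(spec):
    """Return a list of problems found in a --target-group value."""
    fields, problems = parse_spec(spec), []
    if "target-group-id" not in fields:
        problems.append("target-group-id is missing")
    for key in ("healthcheck-interval", "healthcheck-timeout"):
        if key in fields and not re.fullmatch(r"[0-9]+s", fields[key]):
            problems.append(f"{key}={fields[key]!r} is not in Ns form")
    return problems

if __name__ == "__main__":
    print(check_listener(LISTENER, SUBNET_CIDR), check_target_group(TARGET_GROUP))
```

Both functions return an empty list for the values on this page; a value such as healthcheck-timeout=1000ms or an address from another subnet is reported before the create command is run.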
- To create an internal network load balancer with a listener, open the Terraform configuration file and add the listener section to the internal network load balancer's description. To attach a target group, add the attached_target_group section and specify the target group in the target_group_id field.

  Example of creating an internal network load balancer with a listener and attached target group using Terraform

  resource "yandex_lb_network_load_balancer" "internal-lb-test" {
    name = "internal-lb-test"
    type = "internal"

    listener {
      name = "my-listener"
      port = 9000
      internal_address_spec {
        subnet_id  = "b0cp4drld130kuprafls"
        ip_version = "ipv4"
      }
    }

    attached_target_group {
      target_group_id = "${yandex_lb_target_group.my-target-group.id}"
      healthcheck {
        name = "http"
        http_options {
          port = 9000
          path = "/ping"
        }
      }
    }
  }

For more information about resources that you can create using Terraform, see the provider documentation.
- Make sure that the configuration files are correct.
  - In the command line, go to the directory where you created the configuration file.
  - Run the check using the command:
    terraform plan
  If the configuration is described correctly, the terminal displays a list of created resources and their parameters. If there are errors in the configuration, Terraform points them out.
- Deploy the cloud resources.
  - If the configuration doesn't contain any errors, run the command:
    terraform apply
  - Confirm the resource creation: type yes in the terminal and press Enter.
  Afterwards, all the necessary resources are created in the specified folder. You can verify that the resources are there and properly configured in the management console or using the following CLI command:
  yc load-balancer network-load-balancer get <name of internal network load balancer>