Tencent Cloud CLB comes with various protocols such as TCP, UDP, TCP SSL, HTTP, and HTTPS, providing businesses with domain names and URL-based forwarding services. This document guides you to quickly create a CLB instance and forward client requests to two CVM instances.
- You have created two CVM instances (this document takes rs-1 and rs-2 as two sample instances). For information on how to create CVM instances, please see Creating Instances via CVM Purchase Page.
- You have deployed backend services on the two CVM instances. This document takes HTTP forwarding as an example. Nginx servers have been deployed on CVM instances rs-1 and rs-2, and the two instances return two HTML static pages saying "Hello nginx! This is rs-1!" and "Hello nginx! This is rs-2!". For more information, please see Deploying Nginx on CentOS.
- This document describes the steps for bill-by-IP accounts. For bill-by-CVM accounts, please first purchase public network bandwidth for CVM instances. If you are unsure of your account type, please see Checking Account Type.
- In this example, different services deployed on real servers will return different values. In practice, the services deployed on real servers are identical to provide a consistent experience for all users.
Step 1: Purchasing a CLB Instance
After a successful purchase, the system will automatically assign a VIP to the CLB instance. The VIP will be used as the IP address to provide services to clients.
- Log in to the Tencent Cloud console and go to the CLB purchase page.
- First, select the same region as your CVM instance. Next, select Cloud Load Balancer as the instance type, Public Network as the network type. For more details, please see Product Attribute Selection.
The beta test of static single-line IP is only available in Jinan, Hangzhou, Fuzhou, Shijiazhuang, Wuhan, and Changsha. You can submit an application for using it. Once allowed, you can select an ISP (China Mobile, China Unicom, or China Telecom) on the purchase page. If you want to try it out in Guangzhou, Shanghai, Nanjing, Beijing, Chengdu, and Chongqing, please contact your sales rep.
- Click Buy Now and make a payment.
- Return to the Instance Management page, select the region to see the new instance.
Step 2: Configuring a CLB Listener
A CLB listener is used for forwarding through a specified protocol and port. This document demonstrates how to configure a CLB instance to forward client HTTP requests.
Configure the HTTP listening protocol and port
When a client initiates a request, the CLB instance will receive the request according to the listening frontend protocol and port, and forward the request to the real server.
- Log in to the CLB Console.
- On the Instance Management page, click Configure Listener under the Operation column of the target CLB instance.
- On the Listener Management tab, click Create under HTTP/HTTPS Listener.
- In the Create Listener window, please configure the following items and click Submit.
- Listener name.
- Listen protocol port (e.g., HTTP:80).
Configure the listener's forwarding rule
If a client initiates a request, the CLB instance will forward the request according to the configured listener's forwarding rule.
- On the Listener Management tab, click + on the right of the new listener.
- In the Create Forwarding Rules window, configure the domain name, URL, balancing method, and then click Next.
- Domain name: the domain name of your real server (e.g., www.example.com).
- Default domain name: if a client request does not match any listener domain names, the CLB instance will forward the request to the default domain name (default server). Each listener can be configured with only one default domain name. If a listener has no default domain name, the CLB instance will forward the request to the first domain name. This example will skip the configuration step.
- URL: the access path to your real server (e.g.,
- Select Weighted Round Robin as the balancing method and then click Next. For more information, please see Load Balancing Methods.
- Enable health check. Use the default values for both check domain and path fields, and click Next.
- Disable session persistence and click Submit.
For more information on CLB listeners, please see CLB Listener Overview.
- Forwarding rules: each listener can be configured with multiple domain names, and each domain name can be configured with multiple URLs. You can select a listener or domain name, and then click the + icon to create new rules.
- Session persistence: if session persistence is disabled and a round-robin method is selected, requests from the same client will be assigned to different real servers in sequence; if session persistence is enabled, or it is disabled but
ip_hash balancing method is used, requests from the same client will always be assigned to the same real server.
Bind real servers to the listener
If a client initiates a request, the CLB instance will forward the request to the CVM instance that is bound to its listener for processing.
- On the Listener Management tab, click + to expand the new listener. Click the URL, and click Bind in the Forwarding Rules section on the right.
- In the pop-up window, select CVM as the instance type, select the two CVM instances rs-1 and rs-2 (which are in the same region as the CLB instance), set their ports to 80 and weights to 10 (the default value), and click Confirm.
- Now you can view the bound CVM instances and their health check status in the Forwarding Rules section. If the port health status is Healthy, the CVM instance can normally process requests forwarded by CLB instances.
One forwarding rule (listening protocol, port, domain name, and URL) can be bound with multiple ports of the same CVM instance. If a user deploys the same service on the port 80 and 81 of rs-1, both ports can be bound with the sample forwarding rule and both will receive requests forwarded by the CLB instance.
Step 3: Configuring a Security Group
After creating a CLB instance, you can configure a CLB security group to isolate public network traffic. For more information, please see CLB Security Group Configuration.
After configuring a security group, you can enable or disable the Allow Traffic by Default feature:
Method 1: Enable "Allow Traffic by Default in Security Group"
For more information, please see CLB Security Group Configuration.
Method 2: Allow specific client IPs on the CVM security group
For more information, please see CLB Security Group Configuration.
Step 4: Verifying the CLB Service
After configuring a CLB instance, you can verify whether it is effective by accessing different real servers via different domain names and URLs under the same CLB instance, or verifying the Content-based Routing feature.
Method 1: Configure
hosts and map the domain name to the CLB instance
- In a Windows device, modify the hosts file at the directory
C:\Windows\System32\drivers\etc, and map the domain name to the CLB instance's VIP.
- To verify whether the hosts is successfully configured, you can run a ping command in the cmd.exe to test whether the domain name is successfully bound with the VIP. If there are data packs returned, they are successfully bound.
- Test the CLB service by accessing http://www.example.com/image/ via a browser. If your page returns the image below, then the request has been forwarded to the CVM rs-1 by the CLB instance, and the CVM has normally processed the request and returned the service page.
- As the balancing method of the listener is weighted round robin, and the weights of the two CVM instances are 10, you can refresh the browser to initiate the request again. If your page returns the image below, the request has been forwarded to the CVM rs-2 by the CLB instance.
The / in the image/ cannot be omitted. / indicates that image is a default directory instead of a file name.
Configuring Redirection (optional)
CLB supports automatic redirection and manual redirection. For more information, please see Configuring Layer-7 Redirection.
- Automatic redirection (forced HTTPS): when a PC or mobile browser accesses a web service with an HTTP request, an HTTPS response is returned to the browser after the request passes through the CLB proxy, forcing the browser to access the webpage using HTTPS.
- Manual redirection: if you want to temporarily deactivate your web business in cases such as product sellout, page maintenance, or update and upgrade, you need to redirect the original page to a new page. Otherwise, the old address in a visitor's favorites and search engine database will return a 404 or 503 error message page, degrading the user experience, resulting in traffic waste, and even invalidating the accumulated scores on search engines.