Configuring Load Balancing and Route

This section describes how to configure the endpoint and route for component access from outside the environment. Access it from your VPC or Internet.

CAE allows you to configure multiple load balancers at the same time to implement multiple access modes for a component.

Up to 10 load balancers can be configured for a component at the same time.

Prerequisites

You have created an application and component.

Configuring Load Balancing and Route

Log in to CAE.
Choose Component Configurations.
Select the target component from the drop-down list in the upper part of the page.
Click Edit in the Access Mode module.
In the Access Component from Another Environment area, click Load Balancing and Route Configuration > Add Load Balancing and Route Configuration.

On the Create Load Balancing and Route Configuration page, select a load balancer and configure a load balancing policy by referring to Table 2.

**Table 1** Selecting a load balancer
Parameter	Description
Load Balancer	You can select Dedicated or Built-in load balancer. If you select Built-in load balancer, only EIP-based public network access is supported. If you select Dedicated, select the corresponding load balancer from the drop-down list. NOTE: To use a Dedicated load balancer, add the configuration for VPC to access the CAE environment first. Only load balancers in the environment's VPC are supported. If no load balancer is available, click Create Load Balancer to create a load balancer. For details, see Creating a Dedicated Load Balancer.

**Table 2** Configuring a load balancing policy
Parameter	Description
Policy	You can select Weighted round robin, Weighted least connections, or Source IP hash. Weighted round robin: Requests are forwarded to different servers based on their weights, which indicate server processing performance. Backend servers with higher weights receive proportionately more requests, whereas equal-weighted servers receive the same number of requests. This algorithm is often used for short connections, such as HTTP services. Weighted least connections: In addition to the weight assigned to each server, the number of connections processed by each backend server is also considered. Requests are forwarded to the server with the lowest connections-to-weight ratio. Building on least connections, the weighted least connections algorithm assigns a weight to each server based on their processing performance. This algorithm is often used for persistent connections, such as database connections. Source IP hash: The source IP address of each request is calculated using the hash algorithm to obtain a unique hash key, and all backend servers are numbered. The generated key allocates the client to a particular server. This allows requests from different clients to be routed based on source IP addresses and ensures that a client is directed to the same server as always. This algorithm applies to TCP connections without cookies.
Sticky Session	This parameter is available when Policy is set to Weighted round robin or Weighted least connections. Disable: default. Application cookie: A cookie will be generated after receiving a request from the client. All subsequent requests with the cookie are routed to the same backend server.
Health Check	The health check is for the load balancer. Disable: default. HTTP: initiates an HTTP request. TCP: specifies a port for TCP connections.

Set the parameters by referring to Table 3 and Table 4.

**Table 3** Configuring a listener
Parameter	Description
*External Protocol	HTTP and HTTPS are supported. Default value: HTTPS.
*Access Port	The default value is 443 for HTTPS and 80 for HTTP. Value range: 1 to 65535. The port number must be unique.
Access Control	This parameter is available when you select Built-in load balancer for Load Balancer. You can create an access control policy to allow or forbid an IP address to access a component. The value can be an IP address or an IP network segment. Allow all IP addresses Whitelist Only IP addresses in the whitelist are allowed to access the component. Blocklist IP addresses in the blocklist are forbidden to access the component. NOTE: In the access mode configuration, the same access port of the same load balancer can have only one access control configuration. Therefore, pay attention to the following: If you select Built-in load balancer for Load Balancer and configure multiple routing rules for the same port, the access control configurations of these routing rules must be the same. If you select Dedicated for Load Balancer, access control cannot be configured on CAE. Each time you configure a port, a listener is created on the selected load balancer. You can configure access control for the listener corresponding to the port by referring to What Is Access Control?
Security Policy	The value cannot be changed after being set. TLS-1-2 supports TLS 1.2 and corresponding cipher suites (moderate compatibility and high security). TLS-1-0 supports TLS 1.0, 1.1, and 1.2 and corresponding cipher suites (ultra-high compatibility and low security). TLS-1-1 supports TLS 1.1 and 1.2 and corresponding cipher suites (moderate compatibility and high security). TLS-1-2-STRICT supports TLS 1.2 and corresponding cipher suites (fair compatibility and high security). NOTE: The security policies in an environment must be the same.
*Default Server Certificate	Select a certificate from the drop-down list. This parameter is available when External Protocol is set to HTTPS. To add a certificate, click Add Certificate. For details, see Adding a Certificate.
SNI	Select a domain name and the corresponding certificate from the drop-down list. This parameter is available when External Protocol is set to HTTPS. NOTE: If many domain names are bound and the corresponding certificates need to be configured, configure SNI. If it is not configured, all domain names are resolved using Default Server Certificate.

**Table 4** Forwarding policy
Parameter	Description
Domain Name	Select a domain name from the drop-down list. NOTE: To add a domain name, select Configure new domain name. For details, see Adding a Domain Name.
Match URL By	You can select Prefix, Regular expression, or Exact. Prefix: URLs whose prefix is the same as the specified one can be accessed, for example, /healthz/v1 and /healthz/v2. Regular expression: The URL rule can be set, for example, /[A-Za-z0-9_.-]+/test. All URLs that comply with this rule can be accessed, for example, /abcA9/test and /v1-Ab/test. Two regular expression standards are supported: POSIX and Perl. Exact: Only the URL that is the same as the specified one can be accessed. For example, if the URL is set to /healthz, only /healthz can be accessed.
URL	Start with a slash (/) and use letters, digits, and special characters _~';@^-%#&$.+?,=!:\|/()[]{}, for example: /healthz*.
Listening Port	Value range: 1 to 65535.

Figure 1 Load balancing and route configuration
Click to enlarge

The access address consists of a domain name and access port. For example, if the domain name is test-test-16.com and the access port is 13456, the access address is http://test-test-16.com:13456/.

Click OK.
(Optional) To add more load balancing and route configurations, repeat 5 to 8.
Click OK.
Make the configurations take effect.
- If the component has been deployed, click Activate Settings in the upper part of the page. In the dialog box displayed on the right, confirm the configurations and click OK for the configurations to take effect.
- If the component has not been deployed, click Set and Deploy Component in the upper part of the page. In the dialog box displayed on the right, click OK. After the deployment is complete, the configurations take effect.
Choose Components, click the IP address (example: http://test-test-16.com:13456/) in the Access Address column of the component to view its static web page. If you have configured an access control whitelist or blocklist, only IP addresses in the whitelist or not in the blocklist can access the component.

Figure 2 Accessing a static page

Modifying a Load Balancing and Route Configuration

Log in to CAE.
Choose Component Configurations.
Select the target component from the drop-down list in the upper part of the page.
Click Edit in the Access Mode module.
In the Access Component from Another Environment area, click Load Balancing and Route Configuration.
Find the target configuration item and click Edit in the Operation column.

Figure 3 Modifying a load balancing and route configuration
Modify parameter by referring to Table 2, Table 3 Configuring a listener, and Table 4.
Click OK.
Click OK.
Make the configurations take effect.
- If the component has been deployed, click Activate Settings in the upper part of the page. In the dialog box displayed on the right, confirm the configurations and click OK for the configurations to take effect.
- If the component has not been deployed, click Set and Deploy Component in the upper part of the page. In the dialog box displayed on the right, click OK. After the deployment is complete, the configurations take effect.

Deleting a load balancing and route configuration

Log in to CAE.
Choose Component Configurations.
Select the target component from the drop-down list in the upper part of the page.
Click Edit in the Access Mode module.
In the Access Component from Another Environment area, click Load Balancing and Route Configuration.
Find the target configuration item and click Delete in the Operation column.
In the displayed dialog box, click Yes.

Figure 4 Deleting a load balancing and route configuration
Click OK.
Make the configurations take effect.
- If the component has been deployed, click Activate Settings in the upper part of the page. In the dialog box displayed on the right, confirm the configurations and click OK for the configurations to take effect.
- If the component has not been deployed, click Set and Deploy Component in the upper part of the page. In the dialog box displayed on the right, click OK. After the deployment is complete, the configurations take effect.