Function Overview
-
Global Accelerator
-
Global Accelerator allows users around the world to access cloud applications faster through public IP addresses and highly reliable, low-latency, and secure networking services.
As shown in Figure 1, a multinational enterprise has branches all over the world. The Singapore branch has deployed an application on two servers in the CN South-Guangzhou region, and the Hong Kong branch has deployed an application on two servers in the CN-Hong Kong region.
With Global Accelerator, each branch can access their application faster from the nearest access point.
Displayed on the management console.
-
-
Acceleration Area
-
An acceleration area is where a global accelerator is used for faster application access. Global Accelerator deploys access points both inside and outside the Chinese mainland.
Table lists the access points supported by Global Accelerator.
Applicability
Geographic Region
Access Point
Chinese mainland
Chinese mainland
Guangzhou, Beijing, and Shanghai
Outside the Chinese mainland
Asia Pacific
Hong Kong (China), Singapore, Bangkok (Thailand), Jakarta (Indonesia), Manila (Philippines), Tokyo (Japan), and Ho Chi Minh (Vietnam)
Latin America
Bogota (Colombia), Mexico City (Mexico), and Sao Paulo (Brazil)
Middle East
Istanbul (Türkiye), Dubai (United Arab Emirates), and Riyadh (Saudi Arabia)
Africa
Johannesburg (South Africa) and Cairo (Egypt)
Europe
Europe
Paris (France) and Frankfurt (Germany)
-
-
Listener
-
Each global accelerator has at least one listener for listening to requests and distributing the requests to endpoints using the load balancing algorithm.
Protocols Supported by Listeners
Table 1 Protocols supported by listeners OSI Layer
Protocol
Description
Scenarios
Layer 4
TCP
- Source IP address-based sticky sessions
- Fast data transfer
- File transfer, email sending and receiving, remote login, and other scenarios that require high reliability and high data accuracy
- Web applications that need to be robust and require high performance to process a large number of concurrent requests
Layer 4
UDP
- Relatively low reliability
- Fast data transfer
Video chats, gaming, real-time financial quotations, and other scenarios that require quick response
Listening Ports
Table 2 Listening ports Protocol
Port Range
Description
TCP
1–65535
Ports 22 is used by the system and are not recommended.
Multiple ports or port ranges are separated by commas (,).
UDP
1–65535
Ports 4789 is used by the system and are not recommended.
Multiple ports or port ranges are separated by commas (,).
Displayed on the management console.
-
-
Endpoint Group
-
An endpoint group includes one or more endpoints in a given region. The global accelerator routes traffic to the endpoints in an endpoint group based on the load balancing algorithm.
You need to associate an endpoint group with each listener, which will route traffic to the endpoints in the associated endpoint group.
Displayed on the management console.
-
-
Endpoint
-
An endpoint is a destination to which requests are routed. Currently, only EIPs can be used as endpoints, and up to 10 endpoints can be added to each endpoint group.
If there are multiple endpoints in an endpoint group, you can set a weight for each endpoint to specify the proportion of requests to distribute to each endpoint. The global accelerator adds up the weights of all endpoints in the endpoint group and routes requests to each endpoint based on the ratio of its weight to the total weights.
Displayed on the management console.
-
-
Health Check
-
Global Accelerator provides health check to ensure service reliability and availability.
After you enable health check, the global accelerator periodically sends requests to endpoints to check their status. If any endpoints become unavailable, the global accelerator stops sending requests to these endpoints. After the endpoints recover from failure, the global accelerator starts routing requests to them again.
Currently, only TCP can be used for health check.
TCP Health Check
TCP health check is performed on the network layer through three-way handshakes.
Figure 1 shows the TCP health check process.
The TCP health check process is as follows:
- The global accelerator sends a TCP SYN packet to the endpoint.
- The endpoint returns an SYN-ACK packet.
- If the global accelerator does not receive the SYN-ACK packet within the timeout duration, it declares that the endpoint is unhealthy and sends an RST packet to the endpoint to terminate the TCP connection.
- If the global accelerator receives the SYN-ACK packet from the endpoint within the timeout duration, it declares that the endpoint is healthy and sends an ACK packet and an RST packet to the endpoint to terminate the TCP connection.
Health Check Time Window
Health check helps ensure service availability. To avoid frequent health checks on endpoints, you can disable health check after several consecutive health checks that declare endpoints healthy or unhealthy.
The time required for declaring endpoints healthy or unhealthy is determined by the following factors:
- Interval: how often health checks are performed.
- Timeout: how long the load balancer waits for the response from the endpoint.
- Maximum Retries: indicates the maximum number of consecutive health checks after which an endpoint is declared healthy.
Endpoints can be declared unhealthy after three consecutive health checks that detect the endpoints are unhealthy, regardless of the value set for Maximum Retries.
The following is a formula for you to calculate the time required for declaring endpoints healthy or unhealthy:
- Time required for declaring endpoints healthy = Timeout x Maximum retries + Interval x (Maximum retries – 1)
- Time required for declaring endpoints unhealthy = Timeout x 3 + Interval x (3 – 1)
For example:
The interval is set to 4s, and the timeout is set to 2s.
Time required for declaring endpoints unhealthy = 2 x 3 + 4 x (3 – 1) = 14s
Displayed on the management console.
-
-
IP Address Group
-
An IP address group is a collection of IP addresses. You can use IP address groups to manage IP addresses with the same security requirements or whose security requirements change frequently.
You can configure a whitelist or blacklist to allow or deny accesses from IP addresses in an IP address group to listeners.
You can add IPv4 or IPv6 CIDR blocks to an IP address group and associate the IP address group with a maximum of 10 listeners.
Displayed on the management console.
-
-
Cross-Border Permits
-
In accordance with the laws and administrative regulations of the Ministry of Industry and Information Technology (MIIT) of the People's Republic of China, only three major operators in the Chinese mainland are allowed for cross-border network communications, and a cross-border permit is required if you carry out business activities outside the Chinese mainland.
To comply with laws and regulations on cross-border network communications, you need to apply for a cross-border permit.
Cross-border communications are required in the following two scenarios:
- The acceleration areas are inside the Chinese mainland, but the endpoints are running outside the Chinese mainland.
- The acceleration areas are outside the Chinese mainland, but the endpoints are running inside the Chinese mainland.
Displayed on the management console.
-
-
Monitoring
-
Monitoring is key to ensuring the performance, reliability, and availability of Global Accelerator. You can use Cloud Eye to monitor the Global Accelerator status and resource usage on a single pane of glass. You can also configure Cloud Eye to alert you of any potential issues in Global Accelerator in real time.
Displayed on the management console.
-
-
Cloud Trace Service
-
With Cloud Trace Service (CTS), you can record operations associated with Global Accelerator for later query, audit, and backtracking.
After CTS is enabled, CTS starts recording operations on cloud resources. The CTS management console stores the last seven days of operation records.Displayed on the management console.
-
-
Permissions Management
-
If you need to assign different permissions to employees in your enterprise to access your Global Accelerator resources, IAM is a good choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you secure access to your cloud resources.
With IAM, you can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources. For example, some software developers in your enterprise need to use Global Accelerator resources but should not delete them or perform any other high-risk operations. In this scenario, you can create IAM users for the software developers and grant them only the required permissions.
Displayed on the management console.
-
-
API
-
Global Accelerator provides extended REST APIs.
These APIs allow you to perform operations on all the resources of Global Accelerator, including global accelerators, listeners, endpoint groups, endpoints, health checks, and regions.
Displayed on the management console.
-
-
SDK
-
With the GA SDKs, you can easily invoke Global Accelerator APIs, SDKs support Java, Python, Go, NodeJs, and PHP languages. You can use APIs or any other well-known SDKs.
Displayed on the management console.
-
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot