Functions

Global Accelerator

Global Accelerator allows users around the world to access cloud applications faster through anycast IP addresses and highly reliable, low-latency, and secure networking services.

As shown in the figure below, a multinational enterprise has branches all over the world. The Singapore branch has deployed an application on two servers in the CN South-Guangzhou region, and the Hong Kong branch has deployed an application on two servers in the CN-Hong Kong region.

With Global Accelerator, each branch can access their application faster from the nearest access point.

For details, see Global Accelerators.

Listeners

You need to configure a listener for your global accelerator. A listener checks for connection requests and distributes traffic to endpoints based on specific policies.

• Protocols supported by listeners

  OSI Layer	Protocol	Description	Where to Use
  Layer 4	TCP	Source IP address-based sticky sessions Fast data transfer	File transfer, email sending and receiving, remote login, and other scenarios that require high reliability and high data accuracy Web applications that need to be robust and require high performance to process a large number of concurrent requests
  Layer 4	UDP	Relatively low reliability Fast data transfer	Video chats, gaming, real-time financial quotations, and other scenarios that require quick response

• Listening ports

  Protocol	Port Range	Description
  TCP	1-65535	Port 22 is already used by the system and is not recommended. Multiple ports or port ranges are separated by commas (,).
  UDP	1-65535	Port 4789 is already used by the system and is not recommended. Multiple ports or port ranges are separated by commas (,).

For details, see Listeners.

Endpoint Groups

An endpoint group includes one or more endpoints in a given region. You can set a weight for each endpoint group, and Global Accelerator will route requests based on the weights you specified.

You need to associate an endpoint group with each listener, which will route traffic to the endpoints in the associated endpoint group.

For details, see Endpoint Groups.

Endpoints

An endpoint is a destination to which requests are routed, and up to 10 endpoints can be added to each endpoint group.

If there are multiple endpoints in an endpoint group, you can set a weight for each endpoint to specify the proportion of requests to distribute to each endpoint. The global accelerator adds up the weights of all endpoints in the endpoint group and routes requests to each endpoint based on the ratio of its weight to the total weights.

For details, see Endpoint Groups.

Health Checks

Global Accelerator provides health check to monitor the health of endpoints to help improve service reliability and availability.

You can enable health check for an endpoint group. After you enable health check, the global accelerator periodically sends requests to endpoints to check their status. If any endpoints become unavailable, the global accelerator stops sending requests to these endpoints. After the endpoints recover from failure, the global accelerator continue to route requests to them.

TCP and UDP can be used for health checks.

TCP health check is performed on the network layer through three-way handshakes.

• TCP health check process

  

  The TCP health check process is as follows:

  1. The global accelerator sends a TCP SYN packet to the endpoint.
  2. The endpoint returns an SYN-ACK packet.
     • If the global accelerator does not receive the SYN-ACK packet within the timeout duration, it declares that the endpoint is unhealthy and sends an RST packet to the endpoint to terminate the TCP connection.
     • If the global accelerator receives the SYN-ACK packet from the endpoint within the timeout duration, it declares that the endpoint is healthy and sends an ACK packet and an RST packet to the endpoint to terminate the TCP connection.
• Health check tme window

  Health check helps ensure service availability. To avoid frequent health checks on endpoints, you can disable health check after several consecutive health checks that declare endpoints healthy or unhealthy.

  The time required for declaring endpoints healthy or unhealthy is determined by the following factors:

  • Interval: how often health checks are performed.
  • Timeout: how long the global accelerator waits for the response from the endpoint.
  • Maximum Retries: the maximum number of consecutive health checks after which an endpoint is declared healthy.

  Endpoints can be declared unhealthy after three consecutive health checks that detect the endpoints are unhealthy, regardless of the value set for Maximum Retries.

  The following is a formula for you to calculate the time:

  • Time required for declaring endpoints healthy = Timeout x Maximum retries + Interval x (Maximum retries – 1)
  • Time required for declaring endpoints unhealthy = Timeout x 3 + Interval x (3 – 1)

  For example, if the interval is set to 4s and the timeout is set to 2s, the time required for declaring endpoints unhealthy is 2 x 3 + 4 x (3 – 1) = 14s

For details, see Health Checks.

IP Address Groups

An IP address group is a collection of IP addresses. You can use IP address groups to manage IP addresses with the same security requirements or whose security requirements change frequently.

You can configure a whitelist or blacklist to allow or deny accesses from IP addresses in an IP address group to listeners.

You can add IPv4 or IPv6 CIDR blocks to an IP address group and associate the IP address group with a maximum of 10 listeners.

For details, see IP Address Groups.

Cross-Border Permits

In accordance with the laws and administrative regulations of the Ministry of Industry and Information Technology (MIIT) of the People's Republic of China, only China Mobile, China Telecom, and China Unicom are allowed for cross-border network communications, and a cross-border permit is required if you carry out business activities outside the Chinese mainland.

To comply with laws and regulations on cross-border network communications, you need to apply for a cross-border permit.

For details, see Cross-Border Permits.

Monitoring

Monitoring is key to ensuring the performance, reliability, and availability of Global Accelerator. You can use Cloud Eye to monitor the Global Accelerator status and resource usage on a single pane of glass. You can also configure Cloud Eye to alert you of any potential issues in Global Accelerator in real time.

For details, see Cloud Eye Monitoring.

Interconnecting with CTS

With Cloud Trace Service (CTS), you can record operations associated with Global Accelerator for later query, audit, and backtracking.

After CTS is enabled, CTS starts recording operations on cloud resources. The CTS management console stores the last seven days of operation records.

For details, see Using CTS to Collect Global Accelerator Key Operations.

Permissions

If you need to assign different permissions to employees in your enterprise to access your Global Accelerator resources, IAM is a good choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you secure access to your cloud resources.

With IAM, you can use your HUAWEI ID to create IAM users, and assign permissions to the users to control their access to specific resources. For example, some software developers in your enterprise need to use Global Accelerator resources but should not delete them or perform any other high-risk operations. In this scenario, you can create IAM users for the software developers and grant them only the required permissions.

For details, see Permissions.

APIs

Global Accelerator provides extended REST APIs.

These APIs allow you to perform operations on all the resources of Global Accelerator, including global accelerators, listeners, endpoint groups, endpoints, health checks, and regions.

For details, see API Overview.

SDKs

Global Accelerator also provides SDKs for you to easily call Global Accelerator APIs. Currently, there are Java, Python, Go, NodeJs, and PHP SDKs. You can use APIs or any of the SDKs you are familiar with.

For details, see SDK Overview.