Site icon Learning & Doing

HTTP Load Balancer with Cloud Armor

http

“HTTP Load Balancer with Cloud Armor”

Pengantar

Load balancing HTTP(S) Google Cloud diterapkan di edge jaringan Google di titik kehadiran (POP) Google di seluruh dunia. Lalu lintas pengguna yang diarahkan ke load balancer HTTP(S) memasuki POP yang paling dekat dengan pengguna dan kemudian diseimbangkan bebannya melalui jaringan global Google ke backend terdekat yang memiliki kapasitas memadai.

Daftar yang diizinkan/ditolak IP Cloud Armor memungkinkan Anda untuk membatasi atau mengizinkan akses ke load balancer HTTP(S) di tepi Google Cloud, sedekat mungkin dengan pengguna dan lalu lintas berbahaya. Hal ini mencegah pengguna atau lalu lintas jahat menggunakan sumber daya atau memasuki jaringan virtual private cloud (VPC) Anda.

Praktikum

Task 1. Configure HTTP and health check firewall rules

Create the HTTP firewall rule

Create the health check firewall rules

Task 2. Configure instance templates and create instance groups

Configure the instance templates

Now create another instance template for subnet-b by copying

Create the managed instance groups

Now repeat the same procedure for create a second instance group for europe-west1-mig in europe-west1:

Task 3. Configure the HTTP Load Balancer

Configure the HTTP Load Balancer to balance traffic between the two backends (us-east1-mig in us-east1 and europe-west1-mig in europe-west1), as illustrated in the network diagram:

Start the configuration

Configure the backend

Backend services direct incoming traffic to one or more attached backends. Each backend is composed of an instance group and additional serving capacity metadata.

This configuration means that the load balancer attempts to keep each instance of us-east1-mig at or below 50 requests per second (RPS).

This configuration means that the load balancer attempts to keep each instance of europe-west1-mig at or below 80% CPU utilization.

Configure the frontend

Review and create the HTTP Load Balancer

Task 4. Test the HTTP Load Balancer

Access the HTTP Load Balancer

To test IPv4 access to the HTTP Load Balancer, open a new tab in your browser and navigate to http://[LB_IP_v4]. Make sure to replace [LB_IP_v4] with the IPv4 address of the load balancer.

If you have a local IPv6 address, try the IPv6 address of the HTTP Load Balancer by navigating to http://[LB_IP_v6]. Make sure to replace [LB_IP_v6] with the IPv6 address of the load balancer.

Stress test the HTTP Load Balancer

sudo apt-get -y install siege
export LB_IP=[LB_IP_v4]
siege -c 150 -t120s http://$LB_IP

Task 5. Denylist the siege-vm

Create the security policy

Penutup

Sahabat Blog Learning & Doing demikianlah penjelasan mengenai HTTP Load Balancer with Cloud Armor. Semoga Bermanfaat . Sampai ketemu lagi di postingan berikut nya.

Exit mobile version