Challenge 2: Setup Your HTTP Load Balancer

Previous Challenge Next Challenge

Introduction

Configure the HTTP Load Balancer to send traffic to the backend instance group you created in Challenge 1.

Description

At a high level, in this challenge you will need to:

  • Create a new load balancer.
  • Configure its backend services.
  • Configure a health check.
  • Configure its frontend services.

Open the VPC Firewall

Before we start, we need to make sure that HTTP traffic can flow within our network and that we can access our backend VMs

To achieve this, we will need to open up the ghack network’s firewall to allow HTTP connections (for the load balancer’s health-check) and SSH connections (for us to ssh into VMs).

You need to create 2 inbound firewall rules:

  1. Open up HTTP for the load balancer’s health-checks
    • Source ranges must be: 130.211.0.0/22 and 35.191.0.0/16
    • Use a target tag of: allow-health-check
  2. Open up SSH for us to log into VMs
    • Source must be all of the internet
    • Use a target tag of: allow-health-check

Start the configuration

  • Create a “classic” HTTPS load balancer to send traffic from the Internet to the VMs in your instance group.

Configure the backend

Backend services direct incoming traffic to one or more attached backends. Each backend is composed of an instance group and additional serving capacity metadata.

Configure the backend making sure to:

  • Use the instance group you created in Challenge 1
  • Make it an HTTP backend

Configure the Health Check making sure to:

  • Use the same port as the backend just created
  • Enable logging

Note Health checks determine which instances receive new connections. Your HTTP health check should poll instances every 5 seconds, waits up to 5 seconds for a response and treats 2 successful or 2 failed attempts as healthy or unhealthy, respectively.

Configure the frontend

The host and path rules determine how your traffic will be directed. For example, you could direct video traffic to one backend and static traffic to another backend. However, you are not configuring the Host and path rules in this gHack.

Configure the frontend as HTTP with an Ephemeral IP.

Test the HTTP Load Balancer

Now that you created the HTTP Load Balancer for your backends, verify that traffic is forwarded to the backend service. You should see a simple webpage saying:

Page served from: { name of your VM }

Note It might take up to 15 minutes to access the HTTP Load Balancer. In the meantime, you might get a 404 or 502 error. Keep trying until you see the page load.

Success Criteria

  • Your VPC firewall allows HTTP and SSH connections
  • You’ve created an HTTP load balancer
  • Traffic is forwarded by the load balancer to the backend created in Challenge 1
  • Health-check shows healthy connection to a backend VM
  • The load balancer has a working IPv4 address

Learning Resources

Previous Challenge Next Challenge