CloudHub Dedicated Load Balancer Simplified

Mazhar Ansari
Aug 4, 2020

In this blog we will learn what a Dedicated Load Balancer (DLB) is, what its advantages are, and how to create one.

What is a Load Balancer?

  • A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers.
  • Load balancers are generally grouped into two categories: Layer 4 and Layer 7.
  • Layer 4 load balancers act upon data found in network and transport layer protocols (IP, TCP, FTP, UDP).
  • Layer 7 load balancers distribute requests based upon data found in application layer protocols such as HTTP.
  • The term "load balancer" is mostly used to mean an HTTP load balancer.

Figure: Generic Load Balancer

Load Balancing Algorithms:

Different load balancing algorithms provide different benefits; the choice of load balancing method depends on your needs:

  • Round Robin — Requests are distributed across the group of servers sequentially.
  • Least Connections — A new request is sent to the server with the fewest current connections to clients. The relative computing capacity of each server is factored into determining which one has the least connections.
  • Least Time — Sends requests to the server selected by a formula that combines the fastest response time and fewest active connections. Exclusive to NGINX Plus.
  • Hash — Distributes requests based on a key you define, such as the client IP address or the request URL. NGINX Plus can optionally apply a consistent hash to minimize redistribution of loads if the set of upstream servers changes.
  • IP Hash — The IP address of the client is used to determine which server receives the request.
  • Random with Two Choices — Picks two servers at random and sends the request to the one that is selected by then applying the Least Connections algorithm (or for NGINX Plus the Least Time algorithm, if so configured).

Benefits of Load Balancer:

  • Reduced Downtime
  • Scalable
  • Redundancy
  • Flexibility
  • Efficiency
  • Global Server Load Balancing

What are CloudHub Load Balancers?

CloudHub provides two types of load balancers:

  • Shared Load Balancer: Provides basic load balancing functionality.
  • Dedicated Load Balancer: Enables you to deploy and configure one or more custom load balancers within an Anypoint Virtual Private Cloud (Anypoint VPC).

Figure: Comparison between Shared and Dedicated Load Balancer

How Does CloudHub Route External Requests?

When we deploy an application on CloudHub, we get a generic URL to access its endpoints. The generic URL looks like this:

<application-name>.<region>.cloudhub.io

  • <application-name> is the deployed application name which is unique across all the MuleSoft clients
  • <region> is the region name in which an application is deployed

The public CloudHub (shared) load balancer already redirects these requests, where myApp is the name of the Mule application deployment to CloudHub:

HTTP requests to http://myApp.<region>.cloudhub.io are redirected to http://mule-worker-myApp.<region>.cloudhub.io:8081

HTTPS traffic to https://myApp.<region>.cloudhub.io is redirected to https://mule-worker-myApp.<region>.cloudhub.io:8082

We can also access the deployed application directly using the URL below. In this case the request is not redirected by the shared load balancer.

<protocol>://mule-worker-<application-name>.<region>.cloudhub.io:<port>

  • <protocol>
  • <application-name> is the deployed application name which is unique across all the MuleSoft clients
  • <region> is the region name in which an application is deployed
  • <port>

Dedicated Load Balancer Architecture:

A CloudHub dedicated load balancer enables you to route external HTTP and HTTPS traffic to multiple Mule applications deployed into CloudHub workers inside a Virtual Private Cloud (VPC).

Each CloudHub dedicated load balancer is assigned to an Anypoint VPC, and that Anypoint VPC runs within a particular service region.

The dedicated load balancer routes both external and VPC-internal traffic to CloudHub workers deployed into that Anypoint VPC.

Routing External Requests to the Dedicated Load Balancer:

  • A CloudHub dedicated load balancer provides an alternative domain name to route HTTP requests to Mule applications listening on port 8091 and HTTPS requests to Mule applications listening on port 8092.
  • You can also use mapping rules to rename requests to the CloudHub dedicated load balancer to a different Mule application domain name.
  • The CloudHub dedicated load balancer exposes an external domain name that resolves to two public IP addresses which are accessible from outside your CloudHub Anypoint VPC network.

<lb-name> is the name you gave the load balancer when you created it:

  • <lb-name>.lb.anypointdns.net
  • <lb-name>.lb-prod-eu-rt.anypointdns.net (EU control plane)

Figure: CloudHub Dedicated Load Balancer

Create a CloudHub Dedicated Load Balancer:

CloudHub Dedicated Load Balancer can be created in 3 different ways.

  1. Using Anypoint Platform
  2. Using Anypoint CLI
  3. Using Anypoint Platform API

In this blog we will explore the first method.

  • Sign into your Anypoint Platform account as a user with the Organization Administrators role.
  • From Anypoint Platform, click Runtime Manager.
  • Click Load Balancers, then click Create Load Balancer.
  • Enter a name for your load balancer. This must be unique across all MuleSoft customers.
  • Select a target Anypoint VPC from the drop-down list.
  • In the Timeout in Seconds field, specify the amount of time the DLB waits for a response from the Mule application. The default value is 300 seconds.
  • Add any whitelisted classless inter-domain routing (CIDR) blocks as required. The IP addresses you specify here are the only IP addresses that can access the load balancer. The default value is 0.0.0.0/0.
  • Select the inbound HTTP mode for the load balancer. This property specifies the behavior of the load balancer when receiving an HTTP request. Valid values are:
      Off: Causes the load balancer to silently drop the request.
      On: Accepts the inbound request on the default SSL endpoint using the HTTP protocol.
      Redirect: Redirects the request to the same URL using the HTTPS protocol.
  • Options:
      Disable Static IPs: Uses dynamic IPs, which do not persist when the DLB restarts.
      Keep URL encoding: The DLB passes only the %20 and %23 characters as is. If you deselect this option, the DLB decodes the encoded part of the request URI before passing it to the CloudHub worker.
      Support TLS 1.0: Supports TLS 1.0 between the client and the DLB.
      Upstream TLS 1.2: Forces TLS 1.2 between the DLB and the upstream CloudHub worker.

Figure: Create Dedicated Load Balancer

  • Add Certificate
  • Add URL Mapping Rule (optional)
  • Click Create Load Balancer.
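
Several of the settings above decide how exposed the DLB is: the CIDR allowlist, the inbound HTTP mode and the two TLS options. The following is an added example, not code from the original post or from MuleSoft, that reviews those settings for one load balancer. The dictionary keys mirror the form labels and are assumptions of this example, not the CloudHub API schema.

```python
import ipaddress

# Constructed settings for one DLB. The keys mirror the labels on the
# Runtime Manager form and are assumptions, not the CloudHub API schema.
SAMPLE_DLB = {
    "name": "example-dlb",
    "allowlist_cidrs": ["0.0.0.0/0", "203.0.113.0/24"],
    "inbound_http_mode": "on",      # off | on | redirect
    "support_tls_1_0": True,
    "upstream_tls_1_2": False,
}


def audit_dlb(cfg):
    """Return (setting, finding) pairs for settings that weaken the DLB."""
    findings = []
    # An absent allowlist falls back to the default the article states.
    for cidr in cfg.get("allowlist_cidrs") or ["0.0.0.0/0"]:
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            findings.append(("allowlist_cidrs", f"{cidr!r} is not a valid CIDR"))
            continue
        if net.prefixlen == 0:
            findings.append(("allowlist_cidrs", f"{cidr} admits every source address"))
    mode = str(cfg.get("inbound_http_mode", "")).lower()
    if mode == "on":
        findings.append(("inbound_http_mode", "plain HTTP is accepted; prefer redirect or off"))
    elif mode not in ("off", "redirect"):
        findings.append(("inbound_http_mode", f"unexpected value {mode!r}"))
    if cfg.get("support_tls_1_0"):
        findings.append(("support_tls_1_0", "clients may negotiate deprecated TLS 1.0"))
    if not cfg.get("upstream_tls_1_2"):
        findings.append(("upstream_tls_1_2", "TLS 1.2 is not forced on the DLB-to-worker hop"))
    return findings


if __name__ == "__main__":
    for setting, finding in audit_dlb(SAMPLE_DLB):
        print(f"{setting}: {finding}")
```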

Dedicated Load Balancer URL Mapping Rules:

  • The CloudHub dedicated load balancer (DLB) routes requests from clients to Mule apps deployed within the VPC.
  • Mapping rules enable you to forward requests to the DLB (input URL) to a different Mule application name and domain.
  • You can either define mapping rules when you create the DLB, or you can define and add them to an existing DLB using Runtime Manager, the command-line interface (CLI), or the CloudHub API.
  • The default rules are created automatically, as shown below.

Figure: Default URL Mapping Rules

Sample Mapping Rules:

Figure: Sample Mapping Rules

  • Rule #1: A request to http://<lb-name>.lb.anypointdns.net/<app-name> is forwarded to the application <app-name>, which is running on port 8091; the LB name is <lb-name>.lb.anypointdns.net
  • Rule #2: A request to http://dev.<lb-name>.lb.anypointdns.net/<app-name> is forwarded to the application dev-<app-name>, which is running on port 8091; the LB name is <lb-name>.lb.anypointdns.net
  • Rule #3: A request to http://<lb-name>.lb.anypointdns.net/sapi/finance/V1/<app-name> is forwarded to the application sapi-finanance-1-<app-name>, which is running on port 8091; the LB name is <lb-name>.lb.anypointdns.net

The priority of mapping rules is determined by the order in which they are listed, i.e. the first rule has the highest priority and the last rule has the lowest priority.
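
Because the first matching rule wins, a broad rule listed ahead of a specific one decides which application receives the request. The following is an added example, not code from the original post or from MuleSoft, that models first-match routing and reports rules that can never win. The rule keys, the sample rules, the probe paths and the matching model (a {var} matches exactly one path segment) are assumptions of this example.

```python
import re

# Constructed rules modelled on the article's samples. Keys and the matching
# model (a {var} matches one path segment) are assumptions of this example.
BROAD_FIRST = [
    {"input_uri": "/{app}/", "app_name": "{app}", "app_uri": "/"},
    {"input_uri": "/sapi/finance/V1/{app}/", "app_name": "sapi-finance-1-{app}", "app_uri": "/"},
]
SPECIFIC_FIRST = list(reversed(BROAD_FIRST))


def compile_rule(input_uri):
    """Turn '/{app}/' into an anchored regex with one named group per variable."""
    parts = re.split(r"(\{\w+\})", input_uri)
    body = "".join(
        f"(?P<{p[1:-1]}>[^/]+)" if p.startswith("{") else re.escape(p) for p in parts
    )
    return re.compile("^" + body + "(?P<_rest>.*)$")


def route(path, rules):
    """First match wins: return (rule_index, app_name, upstream_path) or None."""
    for index, rule in enumerate(rules):
        match = compile_rule(rule["input_uri"]).match(path)
        if match:
            variables = match.groupdict()
            rest = variables.pop("_rest")
            return index, rule["app_name"].format(**variables), rule["app_uri"] + rest
    return None


def shadowed_rules(rules, probe_paths):
    """Indexes of rules that match at least one probe but never win it."""
    shadowed = []
    for index, rule in enumerate(rules):
        hits = [p for p in probe_paths if compile_rule(rule["input_uri"]).match(p)]
        if hits and all(route(p, rules)[0] != index for p in hits):
            shadowed.append(index)
    return shadowed


PROBES = ["/orders/v1/items", "/sapi/finance/V1/ledger/balance"]  # constructed
```

With the broad rule first, the finance path is sent to an application named sapi; with the specific rule first, it reaches sapi-finance-1-ledger.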

Scenarios:

Suppose the VPC already has predefined rules, as shown below.

Figure: Sample VPC Firewall Rules

If users try to access applications with different URLs, the expected behavior is as shown below.

Figure: Application Accessibility

Q: Is the Dedicated Load Balancer deployed on existing application cores?

A: When a client buys a Dedicated Load Balancer license, it comes with 2 cores by default. These cores are different from the application cores. A Dedicated Load Balancer can use a maximum of 8 cores.

Q: Can we access the Dedicated Load Balancer using an IP address instead of <lb-name>.lb.anypointdns.net?

A: Yes. Each Dedicated Load Balancer is deployed on 2 vCores and has a public IP which is associated with <lb-name>.lb.anypointdns.net. Hence it can be accessed using the IP address as well.

Q: Can we access the Dedicated Load Balancer using a CNAME other than <lb-name>.lb.anypointdns.net?

A: Yes. In such cases a CNAME entry should be made in the company DNS server for <lb-name>.lb.anypointdns.net or for both of the IP addresses associated with it.

For more information on the Dedicated Load Balancer, please refer here.

Mazhar Ansari

I am a seasoned Integration Architect with around 18+ years of experience. I have worked extensively on TIBCO and MuleSoft, mainly in EAI, ESB, SOA, API and BPM projects.