The page has been translated by Gen AI.

How-to guides

The user can enter required Load Balancer information and select detailed options through the Samsung Cloud Platform Console to create a service.

Load Balancer Create

You can create and use the Load Balancer service from the Samsung Cloud Platform Console.

To create a Load Balancer, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
Click the Load Balancer Create button on the Service Home page. You will be taken to the Load Balancer Create page.
Load Balancer creation on the page, enter the information required to create the service and select detailed options.
- Service Information Input Enter or select the required information in the area.

Category	Required	Detailed description
Load Balancer name	Required	Load Balancer resource name Enter 3 to 63 characters using English letters (uppercase and lowercase), numbers, and special characters (`-_`)
Service Category	Required	Load Balancer Service Type Select L4 or L7
VPC	Required	VPC where the Load Balancer will be created Select from VPC list
Service Subnet	Required	VPC Subnet where the Load Balancer will be created Select from the list of Subnets created in the selected VPC
Service IP	Select	Load Balancer service IP Enter one IP from the Service Subnet range in IP address format If not entered, automatically assign from the IP allocation range of the selected Subnet
Source NAT IP	Select	IP to be used for member communication in the Load Balancer Enter one IP from the Service Subnet range in IP address format If not entered, automatically assign from the IP allocation range of the selected Subnet If a Load Balancer already exists in the selected Subnet, display the previously assigned IP information IP cannot be modified after Load Balancer creation
Health Check IP	Select	IP to use for health check in Load Balancer Enter two IPs from the Service Subnet range in IP address format each If not entered, automatically assign from the IP allocation range of the selected Subnet (if only one IP is entered, the remaining IP is automatically assigned) If a Load Balancer already exists in the selected Subnet, display the previously assigned IP information IP cannot be modified after Load Balancer creation
Use Firewall	Select	Whether to use Firewall Select whether to enable Firewall for Load Balancer access control Use when checked creates Firewall resource in active state If not checked creates Firewall resource in inactive state If there is already a Firewall in use on the selected Subnet, display Firewall resource information
Firewall log storage	Select	Select whether to save Firewall logs Use When checked, save Firewall logs to the bucket set in the log storage For more details, see Using Firewall log storage

Table. Load Balancer Service Information Input Items

Additional Information Input Enter or select the required information in the area.
Category
Required
Detailed description
Description Select Enter resource description
Tag Select Add Tag
Up to 50 tags can be added per resource
Table. Load Balancer Additional Information Input Items

Check the created service information and the estimated billing amount, and click the Complete button.

When creation is complete, check the created resources on the Load Balancer List page.

Guide

Load Balancer service does not provide access control functionality for Service IP and service ports.

Load Balancer when creating use Firewall to manage communication between client and Load Balancer, and between Load Balancer and members with Firewall rules, and use Firewall log storage to store access logs is recommended.

Caution

If you use the firewall, you must add rules required for Load Balancer communication. Register the rules, paying attention to the direction for each purpose.

If you do not add the rule, the Load Balancer service will not operate correctly.

Purpose	Source IP	Destination IP	Protocol	Destination Port/Type	Direction
Client → LB connection	Client IP	LB Service IP	Listener protocol	Listener service port	Outbound
LB → Member Connection	LB Source NAT IP	LB Server Group Member IP	LB Server Group Protocol	Member Port	Inbound
LB → Member Health Check	LB Health Check IP	LB Server Group Member IP	Health Check Protocol	Health Check Port If the health check port and member port are different, register the member port	Inbound

Figures and Tables. Add Load Balancer Firewall Rule

Load Balancer Check Detailed Information

The Load Balancer service can view and edit the resource list and detailed information in the Load Balancer menu. Load Balancer Details page consists of Details, Connected Resources, Tags, Activity Log tabs.

To view detailed information of the Load Balancer service, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Go to the Service Home page of the Load Balancer.
Click the Load Balancer menu on the Service Home page. Navigate to the Load Balancer List page.

Click the resource to view detailed information on the Load Balancer List page. You will be taken to the Load Balancer Details page.

Load Balancer Detail page displays status information and additional feature information, and consists of Detail Information, Connected Resources, Tags, Operation History tabs.

Category	Detailed description
Status	Load Balancer resource status Active: The service is properly activated Deleting: Processing service termination request Creating: Processing service creation request Error: Cannot determine current status due to internal error Editing: Processing service modification request
Service termination	Load Balancer resource deletion

Detailed Information

Detailed Information tab allows you to view detailed information of the selected resource from the Load Balancer list, and modify necessary information.

Category	Detailed description
Service	Service Name
Resource Type	Resource Type
SRN	Resource unique ID in Samsung Cloud Platform
Resource Name	Resource Name
Resource ID	Unique resource ID in the service
Creation Date/Time	Service Creation Date/Time
Modification Date/Time	Service Modification Date/Time
Creator	Service creation request user
Editor	Service modification request user
Load Balancer name	Load Balancer name
Service IP	Load Balancer’s Service IP (used for communication between client and Load Balancer) Uses one IP from the Service Subnet
Service Category	Load Balancer Service Type
Source NAT IP	Load Balancer’s Source NAT IP (used for communication between Load Balancer and server) Use one IP from Service Subnet
VPC	VPC resource name where Load Balancer is created
Service Subnet	Subnet resource name where Load Balancer is created
Public NAT IP	Load Balancer’s Public NAT IP (used when configuring internet service) Click the Edit icon to modify the settings
Health Check IP	Load Balancer Health Check IP (used when checking health of LB server group members) Use 2 IPs from Service Subnet
Description	Additional information or description about the Load Balancer
Firewall name	Firewall resource name connected to Load Balancer

Table. Load Balancer detailed information items

Connected Resources

In the Connected Resources tab, you can view the list of Listeners attached to the Load Balancer, and create or delete Listeners.

connected resource tab, when you select the Listener item, you go to the Listener details page where you can view detailed information and edit or delete it.
Listener Details page items, clicking the Edit icon allows you to edit the information.

Category	Detailed description
Listener creation	Listener creation button
Listener name	Listener resource name
Routing Rules	Routing rules connected to Listener Routing Action: Traffic routing method Setting Value: Setting value for routing action
Protocol	Protocol that the Listener receives
Port	Port that the Listener receives
Creation Time	Listener Creation Time
Delete	Listener Delete Button

Table. Load Balancer Connected Resource List Items

Category	Detailed description
Tag List	Tag List You can view the Key, Value information of tags Up to 50 tags can be added per resource When entering tags, search and select from the previously created Key and Value list

Work History

Work History tab allows you to view the work history of the selected resource.

Category	Detailed description
Work Details	Work Execution Content
Work date/time	Work execution date/time
Resource Type	Resource Type
Resource Name	Load Balancer Name
Work Result	Task execution result (success/failure)
Operator Information	Information of the user who performed the task

Table. Load Balancer operation history list items

Load Balancer Resource Management

You can manage resources such as creating and deleting Load Balancer listeners.

Creating a Listener

Create a Listener on the Load Balancer to receive client requests and handle traffic according to the Listener settings.

Notice

The protocol that receives client requests varies depending on the Load Balancer service type.

L4 Load Balancer case: TLS, TCP, UDP protocol
L7 Load Balancer in case: HTTP, HTTPS protocol

Creating a Listener in L4 Load Balancer

To create a Listener in L4 Load Balancer, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Navigate to the Load Balancer’s Service Home page.
Click the Load Balancer menu on the Service Home page. Go to the Load Balancer List page.
Load Balancer List page, click the Load Balancer resource to create a Listener. Go to the Load Balancer Details page.
Click the Connected Resources tab on the Load Balancer Details page. It navigates to the Connected Resources tab page.
Connected Resources tab page, click the Create Listener button in the upper right.
Service Information Input Enter or select the required information in the area.
- Protocol determines which information can be entered.

Category	Required	Detailed description
Load Balancer	Required	Name of the Load Balancer resource where the Listener will be created
Listener name	Required	Listener resource name
Protocol	Required	Select Listener receiving protocol TCP, UDP, or TLS
Service Port	Required	Enter Listener receiving port Enter a value between 1 and 65,534
Routing Rule	Required	Routing Rule Settings Routing Action: L4 Load Balancer is fixed to LB Server Group Forward LB Server Group: Select an LB Server Group to handle client requests Can select from LB Server Groups created in the same Service Subnet as the Load Balancer LB Server Groups in use by other Load Balancers cannot be selected For more details, refer to Create LB Server Group
Session Keep Time	Required	Set client session keep time Default 120 seconds When using TCP, TLS protocols, input can be in 60‑second increments between 60 and 3,600 seconds When using UDP protocol, input can be in 60‑second increments between 60 and 180 seconds
Insert Client IP	Select	Set whether to insert client IP information (set when using TCP protocol) Insert the client IP address into the TCP proxy protocol header and forward it to the server (supports Proxy Protocol v1)
SSL Certificate	Select	Select encrypted certificate and security level (set when using TLS protocol) Select certificate to use for client and SSL/TLS Handshake Default Certificate (required): Select certificate to use for client connection SSL Security Level (required): Select security level when encrypting client connection (SSL Security Level Support Items see) High: Supports Cipher Suite of TLS 1.3 version Normal: Supports Cipher Suite including TLS 1.2 version Low (not recommended): Supports Cipher Suite including TLS 1.1 version
Server SSL security level	Required	Select security level when configuring End-to-End SSL (set when using TLS protocol) Select Do not use if you do not encrypt the server connection
Persistence	Required	Select session persistence (Sticky Session) method (set when using TCP, TLS protocols) Source IP: Fix the connection server based on the client IP address

Table. Enter Listener Service Information - When Using L4 Load Balancer

Enter Additional Information In the area, enter or select the required information.

Category	Required or not	Detailed description
Description	Select	Enter Resource Description
Tag	Select	Add Tag Up to 50 tags can be added per resource

Table. Listener additional information input items

Check the created service information and click the Complete button.
- When creation is complete, check the created resources in the Load Balancer Details page’s Connected Resources tab.

Creating a Listener in L7 Load Balancer

To create a Listener in L7 Load Balancer, follow the steps below.

Click the All Services > Networking > Load Balancer menu. Go to the Load Balancer’s Service Home page.
On the Service Home page, click the Load Balancer menu. You will be taken to the Load Balancer List page.
Load Balancer List on the page, click the Load Balancer resource to create a Listener. Navigate to the Load Balancer Details page.
Click the Connected Resources tab on the Load Balancer Details page. You will be taken to the Connected Resources tab page.
Connected Resources tab page, click the Create Listener button at the top right.
Service Information Input area, enter or select the required information.
- The information that can be entered varies according to the Protocol.

Category	Required	Detailed description
Load Balancer	Required	Name of the Load Balancer resource where the Listener is created
Listener name	Required	Listener resource name
Protocol	Required	Select Listener receiving protocol Choose between HTTP, HTTPS
Service Port	Required	Enter Listener receiving port Enter a value between 1 and 65,534
Routing Rule	Required	Configure Routing Rule Routing Action: Select routing processing method LB Server Group Forwarding: Forward traffic to LB server group URL Redirection: Redirection response from Load Balancer Routing Condition: When Routing Action is LB Server Group Forwarding, set LB server group per routing condition URL Path: Set LB server group per URL path Host Header: Set LB server group based on Host value Redirection Target: When Routing Action is URL Redirection, configure redirection response Modified URL Path: Enter URL path to redirect Modified Host: Enter Host value to redirect Protocol/Port: Set protocol and port for redirection (HTTP protocol when used) For detailed explanation of adding routing rules, refer to Edit Routing Rule
Persistence	Select	Select session persistence (Sticky Session) method (set when routing action is LB server group forwarding) Source IP: Fix the connection server based on the client IP address Cookie: Fix the connection server based on the cookie initially inserted by the Load Balancer
Session Keep Time	Optional	Set HTTP connection keep-alive time When enabled, input can be between 1 and 120 seconds Since switching from enabled to disabled cannot be edited, it is recommended to use it selectively for required services
Response Timeout	Select	Set HTTP response timeout When enabled, input possible between 1 ~ 120 seconds Use → Not use; cannot modify, recommend using it restrictively for required services
X-Forwarded-For	Option	Set whether to insert client IP information When enabled, add the client IP address to the X-Forwarded-For header
X-Forwarded-Proto	Select	Set whether to insert client request protocol information When enabled, add client request protocol to X-Forwarded-Proto header
X-Forwarded-Port	Optional	Set whether to insert client request port information When enabled, add the client request port to the X-Forwarded-Port header
HTTP 2.0	Select	Set whether to use HTTP/2 when connecting client and server
SSL Certificate	Select	Select encryption certificate and security level (set when using HTTPS protocol) Select certificate to use for client and SSL/TLS Handshake Default Certificate (required): Select certificate to use for client connection SSL Security Level (required): Select security level when encrypting client connection (SSL Security Level Support Items see) High: Supports Cipher Suites of TLS 1.3 version Medium: Supports Cipher Suites including TLS 1.2 version Low (not recommended): Supports Cipher Suites including TLS 1.1 version If it is a multi-domain service, add certificate registration to SNI Certificate after creating Listener
Server SSL security level	Required	Select security level when configuring End-to-End SSL (HTTPSS protocol setting) Select Do not use if you do not encrypt the server connection

Table. Listener Service Information Input - When Using L7 Load Balancer

Additional Information Input Please input or select the required information in the area.

Category	Required	Detailed description
Description	Select	Enter resource description
Tag	Select	Add Tag Up to 50 tags can be added per resource

Table. Listener additional information input items

Check the created service information and click the Complete button.
- When creation is complete, check the created resource in the Connected Resources tab of the Load Balancer Details page.

SSL Security Level Support Items

The list of TLS versions and Cipher Suites supported by the Listener for each SSL security level is as follows.

Security Level	TLS Version	Cipher Suite (Encryption Algorithm)
High	TLS 1.3	TLS13_AES_128_GCM_SHA256 TLS13_AES_256_GCM_SHA384 TLS13_CHACHA20_POLY1305_SHA256
Normal/Low	Normal: TLS 1.3, 1.2 Low: TLS 1.3, 1.2, 1.1	TLS13_AES_128_GCM_SHA256 TLS13_AES_256_GCM_SHA384 TLS13_CHACHA20_POLY1305_SHA256 RC4-MD5 RC4-SHA DES-CBC3-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-CHACHA20-PLY1305 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-CHACHA20-POLY135 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305

Table. SSL security level support items

Listener Check Detailed Information

Load Balancer Details page’s Connected Resources tab by selecting a Listener you can view and edit the detailed information.

To view the detailed information of the Listener, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
On the Service Home page, click the Load Balancer menu. You will be taken to the Load Balancer List page.
Load Balancer List Click the resource to view detailed information on the page. Go to the Load Balancer Details page.
Click the Connected Resources tab on the Load Balancer Details page.
Click the Listener to view detailed information from the list of connected resources. It moves to the Listener Details page.
- Listener Details page displays status information and additional feature information, and consists of Details, Tags, Activity History tabs.

Category	Detailed description
Status	Listener Status Active: Service is normally activated Deleting: Service termination request is being processed Creating: Service creation request is being processed Error: Unable to determine current status due to internal error Editing: Service modification request is being processed
Listener delete	Listener delete

Detailed Information

Detailed Information tab allows you to view the listener’s detailed information and edit necessary information. Detailed information varies depending on the Load Balancer in use.

L4 Load Balancer Detailed Information

Category	Detailed description
Service	Service Name
Resource Type	Resource Type
SRN	Resource unique ID in Samsung Cloud Platform
Resource Name	Resource Name
Resource ID	Unique resource ID in the service
Creator	Listener creation request user
Creation Time	Listener Creation Time
Editor	Listener modification request user
Edit Timestamp	Listener Edit Timestamp
Listener name	Listener name
Protocol	Listener usage protocol
Port	Listener used port
Session retention time	Client session retention time Edit icon can be clicked to edit
Insert Client IP	Client IP information insertion status Edit icon can be clicked to edit
Persistence	Whether to use session fixation (Sticky Session) Click the Edit icon to modify
Routing Rules	Routing Action and LB Server Group Information Click the Edit icon to modify the LB Server Group
SSL Certificate	Basic certificate and SSL security level information Edit icon can be clicked to edit If a registered SNI certificate exists, the basic certificate cannot be edited (need to delete the SNI certificate before editing)
SNI certificate	SNI certificate information Edit icon click to add/register the SNI information and certificate to reference
Server SSL security level	Server connection encryption status Click the Edit icon to edit
Description	Additional information about Listener

Table. Listener detailed information tab - When using L4 Load Balancer

L7 Load Balancer Detailed Information

Category	Detailed description
Service	Service Name
Resource Type	Resource Type
SRN	Resource unique ID in Samsung Cloud Platform
Resource Name	Resource Name
Resource ID	Unique resource ID in the service
Creator	Listener creation request user
Creation Time	Listener Creation Time
Editor	Listener modification request user
Edit Timestamp	Listener Edit Timestamp
Listener name	Listener name
Protocol	Listener usage protocol
Port	Listener used port
Session retention time	HTTP connection keep-alive time Edit icon to click to change from unused → used and modify input value possible
Response time out	HTTP response timeout Edit icon click to change from unused → used and modify input values
X-Forwarded-For	Insert client IP information Edit icon can be clicked to edit
X-Forwarded-Proto	Insert client request protocol information Edit icon can be clicked to edit
X-Forwarded-Port	Whether to insert client request port information Click the Edit icon to edit
HTTP 2.0	Whether to use HTTP/2 when connecting client and server Click the Edit icon to modify
Persistence	Whether to use session fixation (Sticky Session) Click the Edit icon to modify
Routing Rules	Routing action and routing condition/redirect target information Click the Edit icon to modify routing condition or redirect target
SSL Certificate	Basic certificate and SSL security level information Edit Click the icon to edit If a registered SNI certificate exists, the basic certificate cannot be edited (need to delete the SNI certificate before editing)
SNI certificate	SNI certificate information Edit icon click to add/register the SNI information and certificate to reference
Server SSL security level	Whether server connection is encrypted Click the Edit icon to modify
Description	Additional information about Listener

Table. Listener detailed information tab - when using L7 Load Balancer

Category	Detailed description
Tag List	Tag List You can view the Key, Value information of tags Up to 50 tags can be added per resource When entering tags, search and select from the previously created Key and Value list

Work History

You can view the Listener’s operation history.

Category	Detailed description
Work Details	Work Execution Content
Work Date	Task Execution Date
Resource Type	Resource Type
Resource Name	Listener Name
Task Result	Task Execution Result (Success/Failure)
Worker Information	Information of the user who performed the task

Table. Listener Task History Tab Items

Edit routing rules

On the Connected Resources tab of the Load Balancer Details page, you can modify the Listener’s routing rules.

To modify the Listener’s routing rules, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Navigate to Load Balancer’s Service Home page.
Click the Load Balancer menu on the Service Home page. Navigate to the Load Balancer List page.
Load Balancer List page, click the resource to view detailed information. It navigates to the Load Balancer Details page.
Click the Connected Resources tab on the Load Balancer Details page.
Click the Listener to add a lighting condition from the list of connected resources. Listener Details page.
Click the Edit icon of the Routing Rule item on the Listener Details page. The Edit Routing Rule popup opens.

After modifying the routing rules according to the routing action, click the Confirm button.

Category	Required or not	Detailed description
Routing Action	-	Current routing method (cannot be modified)
Routing Condition	Required	Routing condition can be modified when routing action is LB server group delivery URL Path: modify request URL path and LB server group (up to 20 additions possible) Host Header: modify request host and LB server group (up to 20 additions possible)
Redirect target	Required	If the routing action is URL redirect, the redirect target can be edited Path: Can modify the changed URL path Host: Can modify the changed host Protocol/Port: Cannot modify (only HTTP → HTTPS redirect is possible)

Listener Delete

To delete an unused Listener, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of the Load Balancer.
Click the Load Balancer menu on the Service Home page. Move to the Load Balancer List page.
Click the Load Balancer resource to delete the Listener on the Load Balancer List page. It navigates to the Load Balancer Detail page.
Load Balancer Details 페이지에서 Connected Resources 탭을 클릭하세요. Connected Resources 탭 페이지로 이동합니다.
On the Connected Resources tab page, click the Listener you want to delete. It navigates to the Listener Details page.
Click the Delete Listener button on the Listener Details page.

Load Balancer Cancel

You can cancel unused Load Balancers to reduce costs. However, since it may affect the application service, request cancellation after sufficient prior review.

Caution

In the following cases, the Load Balancer cannot be terminated.

If there is a Listener attached to the Load Balancer: Load Balancer Details page’s Connected Resources tab, delete the attached Listener.
If using a Public NAT IP on the Load Balancer: Load Balancer Details page’s Details tab, deselect the Public NAT IP in use.
If there are rules registered in the Firewall: Load Balancer Details page’s Details tab, delete the rules of the Firewall in use.
If connected to a PrivateLink Service: Check the connected Load Balancer on the PrivateLink Service Details page.

To cancel the Load Balancer, follow the steps below.

All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of the Load Balancer.
Click the Load Balancer menu on the Service Home page. You will be taken to the Load Balancer List page.
On the Load Balancer List page, click the resource to be terminated. It navigates to the Load Balancer Details page.
Click the Cancel Service button on the Load Balancer Details page.
Once termination is complete, check the resource termination status in the Load Balancer list.

Overview

LB Server Group