  • Learn how you can use Cloudflare load balancer (LB) to distribute traffic between AWS (Amazon Web Services) and GCP (Google Cloud Platform).

    Most web applications load balance between servers or services in the same data center.

    However, if you are running mission-critical applications where uptime is needed all the time across the world, then you need a cloud load balancer.

    Uptime is not the only reason; there can be many other factors.

    Ex:

    • Active-passive or active-active data center requirement
    • Disaster recovery plan
    • Taking advantage of multiple data centers to serve requests from the nearest location
    • Compliance

    Cloudflare offers local and global load balancing options, which help to route traffic to multiple data centers.

    Some of the Cloudflare LB features are:

    • Health checks are inbuilt so you can take down a faulty server quickly.
    • Trigger failover when health check fails
    • Reduce latency by routing traffic to the closest server
    • Works at the DNS level and supports HTTP(S), TCP, and UDP
    • Session stickiness to ensure requests go to the same server

    You can configure everything through either the Cloudflare dashboard or the API.

    Technically, the following instructions apply to load balancing across any cloud platform, such as Azure, DigitalOcean, Alibaba, etc. But I’ve chosen GCP and AWS for the demonstration.

    AWS & GCP Setup Details

    I’ve provisioned one server each on GCP and AWS with the following:

    • Installed Nginx
    • Added index.html with custom text to show which server is serving the page
    • Started Nginx and page is accessible from both servers

    Let’s move to Cloudflare to implement LB.

    Activating Cloudflare Load Balancer

    I’ve one available domain (bloggerflare.com), which I will use for this lab.

    Note: Load balancer by Cloudflare is not FREE, and pricing starts at $5 per month.

    I assume you already have an account with Cloudflare; if not, you can create one and add the domain, as I explained in my previous post.

    • Log in to Cloudflare and select the domain where you want to enable balancing
    • Go to the traffic tab and enable load balancing.

    • Configure the features based on the requirement. I am proceeding with minimal configuration.

    If you want requests to be routed to the nearest location, then you need to enable Geo Routing.

    • Confirm the subscription and enable it.

    As you can see, you can get it started from $5 a month with two origin servers and a one-minute health check interval.

    Infrastructure is so affordable now. 5 years back, can you imagine cloud load balancer for $5?

    This indicates Cloudflare LB is activated and ready to be configured.

    Creating Cloudflare LB

    It will take a few seconds to confirm the subscription and take you back to the Traffic page.

    • Click Create Load Balancer

    • Enter the domain where you want to set up balancing.
    • Expand Session Affinity and select By Cloudflare Cookie if you need to enable session stickiness

    • Enter a pool name and its origin (the server where traffic should be forwarded to)

    • Next, you can configure a health check.

    A health check is essential. It will allow Cloudflare to stop sending traffic to the faulty origin when a health check fails.

    • If your origin is listening on port 80, select HTTP; for port 443, select HTTPS.

    Cloudflare also lets you configure advanced health check settings such as:

    • GET or HEAD method
    • Expected HTTP status code
    • Content validation in the response body
    • Number of attempts before an origin is considered healthy or unhealthy
    • Header name validation

    Finally, save the configuration and deploy.

    • LB will perform a health check, and in a few seconds, you will see the status is healthy.

    Great, the Cloudflare load balancer is now ready to accept traffic from the world and forward it to the configured origin servers.

    Testing Load Balancer

    Let’s perform a basic test to see if it works.

    • First, try to access the domain.

    Awesome!

    The LB forwarded the request to the Google Cloud VM and got the response. I can see the request in the Nginx access log.

    162.158.167.174 - - [19/Dec/2017:10:25:41 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"

    • Let me shut down Nginx on GCP and access the page again.

    • And here you go. The requested page is served from AWS.

    I can see the LB took the GCP pool member down.
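The health check settings and the failover seen in this test can be modelled in a few lines. This is an added example, not code from the original post and not Cloudflare's implementation; the class and function names, the probe data, and the rule that the attempt count applies to consecutive results in both directions are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Monitor:
    expected_codes: tuple = (200,)   # expected HTTP status code(s)
    expected_body: str = ""          # text that must appear in the response body
    attempts: int = 2                # consecutive results needed to change state

@dataclass
class Origin:
    name: str
    healthy: bool = True
    streak: int = 0                  # consecutive probes contradicting current state

def probe_ok(monitor, status, body):
    """A probe passes only if the status AND the body content both match."""
    if status is None:               # connection refused or timed out
        return False
    return status in monitor.expected_codes and monitor.expected_body in body

def record(origin, monitor, ok):
    """Flip the origin's state only after `attempts` consecutive contrary results."""
    if ok == origin.healthy:
        origin.streak = 0
    else:
        origin.streak += 1
        if origin.streak >= monitor.attempts:
            origin.healthy, origin.streak = ok, 0
    return origin.healthy

def pick_origin(origins):
    """Failover order: first healthy origin in the list, or None if all are down."""
    return next((o.name for o in origins if o.healthy), None)

def simulate():
    monitor = Monitor(expected_body="served from", attempts=2)
    gcp, aws = Origin("gcp"), Origin("aws")
    up_g, up_a, down = (200, "served from GCP"), (200, "served from AWS"), (None, "")
    # Constructed probe rounds: Nginx on GCP stops in round 2 and returns in round 4.
    rounds = [(up_g, up_a), (down, up_a), (down, up_a), (up_g, up_a), (up_g, up_a)]
    timeline = []
    for g, a in rounds:
        record(gcp, monitor, probe_ok(monitor, *g))
        record(aws, monitor, probe_ok(monitor, *a))
        timeline.append(pick_origin([gcp, aws]))
    return timeline

if __name__ == "__main__":
    print(simulate())
```

Body validation matters because an origin can answer 200 with the wrong page (for example a default Nginx page after a bad deploy); with only a status check it would stay in rotation.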

    By default, the Nginx access logs show a Cloudflare IP rather than the visitor's address. If you need to restore the client IP, you can check out this guide.
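When restoring the client IP in application code or during log review, the forwarded address should only be trusted if the connection really came from Cloudflare. The sketch below is an added example, not part of the original post; it assumes Cloudflare's `CF-Connecting-IP` request header, lists only one of Cloudflare's published IPv4 ranges (the one covering the address in the log above), and uses hypothetical function names and a constructed second log line.

```python
import ipaddress
import re

# Subset of Cloudflare's published ranges, for illustration only; load the
# full current list from https://www.cloudflare.com/ips/ in real use.
CLOUDFLARE_NETS = [ipaddress.ip_network("162.158.0.0/15")]

# Leading fields of the Nginx "combined" access log format.
LOG_RE = re.compile(
    r'^(?P<peer>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" (?P<status>\d{3}) ')

def from_cloudflare(peer):
    """True when the TCP peer address belongs to a trusted Cloudflare range."""
    addr = ipaddress.ip_address(peer)
    return any(addr in net for net in CLOUDFLARE_NETS)

def client_ip(peer, cf_connecting_ip=None):
    """Use CF-Connecting-IP only if the peer is Cloudflare and the value is a valid IP."""
    if cf_connecting_ip and from_cloudflare(peer):
        try:
            return str(ipaddress.ip_address(cf_connecting_ip.strip()))
        except ValueError:
            return peer              # malformed header: fall back to the peer
    return peer                      # not via Cloudflare: header is untrusted

def non_cloudflare_entries(lines):
    """Return (peer, request) for log entries that did not arrive via Cloudflare."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and not from_cloudflare(m["peer"]):
            hits.append((m["peer"], m["req"]))
    return hits

SAMPLE_LOG = [
    # Shortened form of the entry shown in the post (peer is a Cloudflare edge).
    '162.158.167.174 - - [19/Dec/2017:10:25:41 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0"',
    # Constructed entry: peer is a documentation address outside the ranges above.
    '203.0.113.9 - - [19/Dec/2017:10:26:02 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.54.0"',
]

if __name__ == "__main__":
    print(client_ip("162.158.167.174", "198.51.100.7"))
    print(non_cloudflare_entries(SAMPLE_LOG))
```

The same rule applies when the restoration is done in Nginx itself: the forwarded header should be honoured only for connections whose source is in Cloudflare's ranges.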

    Conclusion

    Implementing a Cloudflare load balancer is straightforward, and you can get it started in less than 15 minutes. If you are looking for high availability across multiple data centers or origin servers, give it a try to see how it works.