Load Balancers
Creating a Load balancer using GCP in DuploCloud
Last updated
Was this helpful?
Creating a Load balancer using GCP in DuploCloud
Last updated
Was this helpful?
All containers run inside a private network and cannot be accessed from an external network. To make them accessible from an external network, create a Load Balancer.
To create an Ingress Load Balancer, refer to the page in the DuploCloud Kubernetes User Guide.
In the DuploCloud Portal, navigate to Kubernetes -> Services.
On the Services page, select the Service name in the Name column.
Click the Load Balancers tab.
If no Load Balancers exist, click the Configure Load Balancer link. If other Load Balancers exist, click Add in the LB listeners card. The Add Load Balancer Listener pane displays.
From the Select Type list box, select a Load Balancer Listener type based on your Load Balancer.
Complete other Load Balancer fields as required:
Container Port: Enter the port your container is listening on inside the application. Use 80 for HTTP or 443 for HTTPS. If you are using HTTPS, make sure you plan to configure SSL certificates later.
External Port: Enter the port that will be exposed to the internet. For HTTP traffic, use 80, and for secure HTTPS traffic, use 443. If you're using HTTPS, ensure that you configure SSL certificates accordingly.
Visibility: Select Public or Private
Application Mode:
Docker Mode: Choose this if your application is running inside containers (such as Docker or Kubernetes pods). This mode is optimized for containerized services.
Native App Mode: Choose this if your application is running on virtual machines (VMs) or on bare-metal infrastructure, rather than inside containers.
Health Check: This tells Kubernetes where to check the health of your application. Use /
to check the root level of your service. If you have a custom health check endpoint, specify it here (e.g., /health
).
Backend Protocol: HTTP or HTTPS Choose HTTP for unencrypted traffic or HTTPS for encrypted traffic between the Load Balancer and your containerized service. HTTPS is highly recommended. If using HTTPS, SSL certificates are required.
Certificate: Select the SSL Certificate to use. If you're using HTTPS, it's important to configure SSL certificates to ensure secure communication. Follow the instructions to .
Optionally, enable and configure additional Load Balancer settings:
Advanced Kubernetes Settings: Customize advanced Kubernetes configurations.
Set Health Check annotations for Ingress: Add annotations for Ingress.
Additional Health Check configs: specify the URL path that the Load Balancer will use to check if your service is healthy. You can use the root (/
) path for a simple health check, or for more detailed monitoring, configure paths like /health
or /status
Additional GCP Settings: Enable GCP-specific optimizations and settings.
For internal Load Balancers, you cannot use Google Managed Certificates. You can import a certificate from somewhere else or use a self-signed certificate. We recommend using the self-signed certificate option for internal Load Balancers because you control authentication at the IP level.
Here's an example Terraform code snippet to create a self-signed certificate for an internal Load Balancer in DuploCloud:
Restrict open access to your public Load Balancers by enforcing controlled access policies.
From the DuploCloud Portal, navigate to Administrator -> System Settings.
Select the System Config tab, and click Add. The Add Config pane displays.
From the Config Type list box, select Flags.
From the Key list box, select Deny Open Access To Public LB.
In the Value list box, select True.
Click Submit. Open access to public Load Balancers is restricted.