Document toolboxDocument toolbox

Configuring External Load Balancer for GCP

Applies to: Kyvos Enterprise  Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace

Kyvos Azure Marketplace   Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)


Note

While configuring an external load balancer for GCP, ensure that the frontend and backend certificates are in the same format.

Creating and configuring a load balancer

Creating instance group

  1. Create an instance group.
    To do this, search Instance Group in the Search box and click the Create Instance Group option.

  2. Click the New unmanaged instance group.


  3. On the page, provide the following details:

    1. Type a Name to your instance group. For example, kyvos-instancegroup.

    2. From the Network and Instances list, select the Networks shared with me option.

    3. From the shared subnetwork list, select the required option.

    4. From the VM Instances list, select the VMs on which you want to use this backend service.
      You must select the VMs used for the Kyvos Webserver node.

    5. In the Port Mapping area, enter Port name 1 as HTTPS and Port number 1 as 8443.

  4. Click Create.

Creating a load balancer

  1. Select the preferred project.

  2. On the navigation pane, in the Networking section, select Network services.

  3. In the Network Services list, select the Load balancing option.


  4. On the Load balancing page, click Create Load Balancer.  

  5. In the Create a load balancer section, click the HTTP(S) Load Balancing option. 

  6. Click the Start Configuration link provided at the bottom of the page.

  7. In the Internet facing or internal only section, select the From internet to my VMs or serverless services option.

  8. In the Global or Regional section, select the Global HTTP(S) Load Balancer (classic) option.

  9. Click Continue.


Configuring frontend services

  1. Click Frontend Configuration.

  2. On the page, enter details as:

    1. Provide a name to the frontend configuration, such as frontendwebserverhttps.

    2. In the Protocol list, select the HTTPS option.

    3. From the Certificate list, select the appropriate option.

    4. Click Done.


Configuring backend services

  1. Switch to the Backend tab. The Backend configuration section is displayed. 

  2. Click Create a Backend Service.

  3. Provide a Name to create a backend service—for example, backendservicehttps.

  4. In the Protocol list, select the HTTPS option.

  5. In the Named port box, type https.

  6. In the Timeout box, the default time is displayed. You can modify the time as needed.  

  7. In the New backend section, select the instance group you created in the previous step.

  8. In the Health check section, click the Create a Health Check option.


  9. In the Health Check section, provide a Name, such as kyvoshealthcheck.


  10. Enter details as:

    1. In the Protocol list,  select HTTPS.

    2. In the Port list, select port 8443. 

    3. In the Request path list, enter /kyvos/

    4. Click the Save button.

  11. Scroll down and expand the Advanced Configurations section. 

  12. In the Bypass cache on the request header section, select the Client IP option from the Session Affinity list and click Create

  13. Provide a Name, such as httpskyvoswebserver.

  14. Click Create.

    The load balancer is created with requisite configurations.

Copyright Kyvos, Inc. All rights reserved.