Professional Documents
Culture Documents
Geek Flare
* SSL offloading
(https://www.facebook.com/dialog/send?
app_id=1515102335420273&link=https://geekflare.com/cloud-
load-balancer/&redirect_uri=https://facebook.com)
Traditional LB hardware cost around $5,000 so most of the
Share:
https://geekare.com/cloud-load-balancer/ 1/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
Share:
37 medium, start up or low-budget project doesnt think of
getting one.
But not anymore, you can use cloud load balancer for as low
as $20 per month with all the great features you get in
traditional LB.
1. AWS ELB
Amazon Web Services (AWS) Elastic Load Balancer
(https://aws.amazon.com/elasticloadbalancing/) (ELB) is no
doubt, one of the best load balancing solution available in the
cloud.
https://geekare.com/cloud-load-balancer/ 2/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
(HTTP/HTTPS)
2. Classic load balancer preferred for transport layer (TCP)
Average latency
Requests Summary
New/active connection count
https://geekare.com/cloud-load-balancer/ 3/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
Processed bytes
And much more
https://geekare.com/cloud-load-balancer/ 4/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
online/).
Affinity
One-click Google CDN (https://geekflare.com/google-
cloud-cdn-test/) integration
SSL termination
Health checks
You can create content-based balancing
Global forwarding rules
If you need Websockets support then, you got to use TCP load
balancing as application LB doesnt support it yet.
3. NodeBalancers
Are you hosting your website with Linode
(https://www.linode.com/?
r=6c14fbd23eb5a9b91bc9d30f36e448dbe3dc1093)?
NodeBalancers (https://www.linode.com/nodebalancers) by
Linode provide all the essential features of LB at only $20 per
month. Configuration is quite straightforward and comes with
https://geekare.com/cloud-load-balancer/ 5/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 6/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
TCP
SMTP/IMAP
HTTP/HTPS
LDAP/LDPAS
MySQL
FTP/SFTP
UDP
You get logs for all traffic in Apache-style access logs for better
log management (https://geekflare.com/cloud-based-log-
analyzer/).
https://geekare.com/cloud-load-balancer/ 7/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 8/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 9/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 10/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 11/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 12/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
Comments
(https://www.facebook.com/geekfla
re)
https://geekare.com/cloud-load-balancer/ 13/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 14/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
advantages.
Note: if are not willing to invest your time into it then you can
choose Cloudways (https://www.cloudways.com/en/?
id=61196) who manage AWS, Google Cloud, Digital Ocean,
Linode (https://www.linode.com/?
r=6c14fbd23eb5a9b91bc9d30f36e448dbe3dc1093), Vultr &
Kyup VM.
https://geekare.com/cloud-load-balancer/ 15/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
6. Regular Update
7. Dont leave opened ports
They may not be able to get into the server if you have secured
with a complex password. However, they can launch brute
force attacks to disturb the server operation.
vi /etc/ssh/sshd_config
Look for line which has Port 22 (usually at the beginning of the
file)
https://geekare.com/cloud-load-balancer/ 16/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
Port 5000
SSH Guard
SSHGuard (https://www.sshguard.net/) monitors the
running services from the system log files and blocks repeated
https://geekare.com/cloud-load-balancer/ 17/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
running services from the system log files and blocks repeated
bad login attempts.
Ubuntu:
CentOS:
wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home:/h
rpm -ivh sshguard-1.5-7.1.x86_64.rpm
Fail2Ban
Fail2Ban is another popular program to protect SSH. Fail2Ban
automatically update the iptables rule if failed login attempt
reaches the defined threshold.
https://geekare.com/cloud-load-balancer/ 18/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
CSF (https://configserver.com/cp/csf.html)
(ConfigServer Security & Firewall)
DenyHosts (https://en.wikipedia.org/wiki/DenyHosts)
3. Disable Password-based
Authentication
If you log in to your server from one or two computers, then
you can use SSH key
(https://www.digitalocean.com/community/tutorials/how-
to-set-up-ssh-keys--2) based authentication.
Note: this assumes you have already setup SSH key exchange.
PasswordAuthentication no
https://geekare.com/cloud-load-balancer/ 19/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
https://geekare.com/cloud-load-balancer/ 20/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
Cloud Flare
MaxCDN
(http://tracking.maxcdn.com/c/245992/3982/378)
Incapsula
SUCURI
(http://sucuri.7eer.net/c/245992/212721/3713)
KeyCDN
https://geekare.com/cloud-load-balancer/ 21/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
There are many, but one of the most popular one is UFW
(Uncomplicated Firewall) for Ubuntu
(https://www.digitalocean.com/community/tutorials/how-
to-set-up-a-firewall-with-ufw-on-ubuntu-14-04) and
FirewallD for CentOS
(https://www.digitalocean.com/community/tutorials/how-
to-set-up-a-firewall-using-firewalld-on-centos-7).
5. Regular Backup
Backup is your friend! When nothing works then the backup
will rescue you.
Things can go wrong, but what if you dont have the necessary
backup to restore? Most of the cloud or VPS provider offer
backup at a little extra charge and one should always
https://geekare.com/cloud-load-balancer/ 22/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
consider.
Having backup will quickly allow you to restore the entire VM,
so you are back in business. Or with the help of snapshot, you
can clone the VM (https://geekflare.com/clone-google-cloud-
vm/).
6. Regular Update
Keeping your VM OS up-to-date is one of the essential tasks to
ensure your server is not exposed to any latest security
vulnerabilities.
https://geekare.com/cloud-load-balancer/ 23/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
If you are on AWS, then you can create the security group to
allow only the required ports and associate with the VM.
And if you are using VPS then apply basic iptables ruleset as
explained in Linode guide
(https://www.linode.com/docs/security/firewalls/control-
network-traffic-with-iptables#basic-iptables-rulesets-for-ipv4-
and-ipv6).
https://geekare.com/cloud-load-balancer/ 24/25
2017-6-13 7 High Performance Cloud Load Balancer for Application HA
(https://www.facebook.com/geekfla
re)
(https://geekflare.com/cloud-load-balancer/)
https://geekare.com/cloud-load-balancer/ 25/25