Backend Set Management

Learn how to use backend sets to create logical entities consisting of a load balancing policy, health check policy, and a list of backend servers for a Load Balancer resource.

A backend set is a logical entity defined by a load balancing policy, a health check policy, and a list of backend servers. To create a backend set, you must specify a load balancing policy and health check script, and then add a list of backend servers (compute instances). SSL and session persistence configuration is optional. A backend set must be associated with one or more listeners for the load balancer to work.

Changing the load balancing policy of a backend set temporarily interrupts traffic and can drop active connections.

Click Backend Sets under Resources in the Load Balancer Details page to display the Backend Sets page. This page contains a button for creating new backend sets.

Note

You can set up backend servers as compute instance pools. See Creating Instance Pools for more information.

Creating Backend Sets

Create a backend set for a Load Balancer resource.

Use one of the following methods to create a backend set for a selected load balancer.

To create a backend set using the Console

Use the OCI Console to create a backend set for a Load Balancer resource.

  1. Open the navigation menu, click Networking, and then click Load Balancers.

  2. Select the Compartment from the list.

    All load balancers and network load balancers in that compartment are listed in tabular form.

  3. (optional) Select a State from the list to limit the load balancers displayed to that state.

  4. (optional) Uncheck Load Balancer under Type to only display network load balancers.

  5. Click the load balancer whose backend set you want to edit.

    The Load Balancer Details dialog box appears.

  6. Click Backend Sets under the Resources menu, then click Create Backend Set.

    The Create Backend Set dialog box appears.

  7. Enter the following:

    • Name: Required. Specify a friendly name for the backend set. It must be unique within the load balancer, and it cannot be changed.

      Valid backend set names include only alphanumeric characters, dashes, and underscores. Backend set names cannot contain spaces. Avoid entering confidential information.

    • Traffic Distribution Policy: Required. Choose the load balancer policy for the backend set. The available options are:

      • IP Hash

      • Least Connections

      • Weighted Round Robin

      For more information on these policies, see Load Balancing Policies.

      Tip

      You cannot add a backend server marked as Backup to a backend set that uses the IP Hash policy.

    • Use SSL: Optional. Check this box to associate an SSL certificate bundle with the backend set.

      If no certificate bundles attached to the load balancer exist, this option is disabled.

      Note

      If you check Use SSL, the SSL Policies fields appear at the bottom of the page.

      • Certificate Name: Required. Select the certificate bundle to use. You can choose any certificate bundle that is attached to the current load balancer. See SSL Certificate Management for more information.

      • Verify Peer Certificate: Optional. Select this option to enable peer certificate verification.

      • Verify Depth: Optional. Specify the maximum depth for certificate chain verification.

    • Session Persistence: Optional. Specify how the load balancer manages session persistence.

      Important

      See Session Persistence for important information on configuring these settings.

      • Disable Session Persistence: Choose this option to disable cookie-based session persistence.

      • Enable Application Cookie Persistence: Choose this option to enable persistent sessions from a single logical client when the response from a backend application server includes a Set-cookie header with the cookie name you specify.

        • Cookie Name: The cookie name used to enable session persistence. Specify * to match any cookie name. Avoid entering confidential information.

        • Disable Fallback: Check this box to disable fallback when the original server is unavailable.

      • Enable Load Balancer Cookie Persistence: Choose this option to enable persistent sessions based on a cookie inserted by the load balancer.

        • Cookie Name: Specify the name of the cookie used to enable session persistence. If blank, the default cookie name is X-Oracle-BMC-LBS-Route.

          Ensure that any cookie names used at the backend application servers are different from the cookie name used at the load balancer. Avoid entering confidential information.

        • Disable Fallback: Check this box to disable fallback when the original server is unavailable.

        • Domain Name: Optional. Specify the domain in which the cookie is valid.

          This attribute has no default value. If you do not specify a value, the load balancer does not insert the domain attribute into the Set-cookie header.

        • Path: Optional. Specify the path in which the cookie is valid. The default value is /.

        • Expiration Period in Seconds: Optional. Specify the amount of time the cookie remains valid. If blank, the cookie expires at the end of the client session.

        • Attributes

          • Secure: Specify whether the Set-cookie header contains the Secure attribute. If selected, the client sends the cookie only using a secure protocol.

            If you enable this setting, you cannot associate the corresponding backend set with an HTTP listener.

          • HTTP Only: Specify whether the Set-cookie header contains the HttpOnly attribute. If selected, the cookie is limited to HTTP requests. The client omits the cookie when providing access to cookies through non-HTTP APIs such as JavaScript channels.

    • Health Check: Required. Specify the test parameters to confirm the health of backend servers.

      • Protocol: Required. Specify the protocol to use, either HTTP or TCP.

        Important

        Configure your health check protocol to match your application or service. See Health Check Management for more information.

      • Port: Optional. Specify the backend server port against which to run the health check.

        Tip

        You can enter the value '0' to have the health check use the backend server's traffic port.

      • URL Path (URI): (HTTP only) Required. Specify a URL endpoint against which to run the health check.

      • Interval in ms: Optional. Specify how frequently to run the health check, in milliseconds. The default is 10000 (10 seconds).

      • Timeout in ms: Optional. Specify the maximum time in milliseconds to wait for a reply to a health check. A health check is successful only if a reply returns within this timeout period. The default is 3000 (3 seconds).

      • Number of retries: Optional. Specify the number of retries to attempt before a backend server is considered "unhealthy." This number also applies when recovering a server to the "healthy" state. The default is '3.'

      • Status Code: (HTTP only) Optional. Specify the status code a healthy backend server must return.

      • Response Body Regex: (HTTP only) Optional. Provide a regular expression for parsing the response body from the backend server.

    • SSL Policy: Optional. Specify the type of cipher suite to use:

      Note

      Check Use SSL for the SSL Policy features to be displayed.

      • TLS Version: Optional. Specify the Transport Layer Security (TLS) version(s):

        • 1.0

        • 1.1

        • 1.2 (recommended)

        You can select any combination of versions. Choose the ones you want from the list. If you do not specify the TLS versions, the default TLS is version 1.2 only.

        • Select Cipher Suite - Select a set of cipher suites from the list. (default).

          All choices present in the list have at least one cipher associated with each TLS version you selected.

      • Click Show Cipher Suite Details to display the individual ciphers the selected cipher suite contains.

  8. Click Create.

After your backend set is provisioned, you must specify backend servers for the set. See Backend Server Management for more information.

To create a backend set using the CLI

Use the command line interface (CLI) to create a backend set for a Load Balancer resource.

Enter the following command:

oci lb backend-set create --name name --load-balancer-id load_balancer_id --health-checker-protocol [HTTP|TCP] [OPTIONS]

See the CLI online help for a list of options:

oci lb backend-set create --help

See oci lb backend-set create for a complete description of the command.

To create a backend set using the API

Listing Backend Sets

List the backend sets for a Load Balancer resource.

Use one of the following methods to display a list of backend sets for a selected load balancer.

To list the backend sets using the Console

Use the OCI Console to list the backend sets for a Load Balancer resource.

  1. Open the navigation menu, click Networking, and then click Load Balancers.

  2. Select the Compartment from the list.

    All load balancers and network load balancers in that compartment are listed in tabular form.

  3. (optional) Select a State from the list to limit the load balancers displayed to that state.

  4. (optional) Uncheck Network Load Balancer under Type to only display load balancers.

  5. Click Backend Sets under Resources.

    The Backend Sets list appears. All backend sets are listed in tabular form.

To list the backend sets using the CLI

Use the command line interface (CLI) to list the backend sets for a Load Balancer resource.

Enter the following command:

oci lb backend-set list --load-balancer-id load_balancer_id [OPTIONS]

See the CLI online help for a list of options:

oci lb backend-sets list --help

See oci lb backend-set list for a complete description of the command.

To list the backend sets using the API

Use the API to list the backend sets for a Load Balancer resource.

Run the ListBackendSets method to display a list of backend sets for a load balancer. See ListBackendSets for a complete description.

Getting Backend Set Details

Get the details of a backend set for a Load Balancer resource.

Use one of the following methods to display the details of a backend set for a selected load balancer.

To get the details of a backend set using the Console

Use the OCI Console to get the details of a backend set for a Load Balancer resource.

  1. Open the navigation menu, click Networking, and then click Load Balancers.

  2. Select the Compartment from the list.

    All load balancers and network load balancers in that compartment are listed in tabular form.

  3. (optional) Select a State from the list to limit the load balancers displayed to that state.

  4. (optional) Uncheck Network Load Balancer under Type to only display load balancers.

  5. Click the load balancer for whose backend set you want to get details.

    The Load Balancer Details page appears.

  6. Click Backend Sets under Resources.

    The Backend Sets list appears. All backend sets are listed in tabular form.

  7. Click the backend set whose details you want to get.

    The Backend Set Details dialog box appears.

    The Details page contains information about the backend set, both general information and links to its resources. Some items in the page are read-only, while other items allow you to edit and update the backend set's configuration. See Editing Backend Sets.

To get the details of a backend set using the CLI

Use the command line interface (CLI) to get the details of a backend set for a Load Balancer resource.

Enter the following command:

oci lb backend-set get --backend-set-name backend_set_name --load-balancer-id load_balancer_id [OPTIONS]

See the CLI online help for a list of options:

oci lb backend-set get --help

See oci lb backend-set get for a complete description of the command.

To get the details of a backend set using the API

Use the API to get the details of a backend set for a Load Balancer resource.

Run the GetBackendSet method to display a list of backend sets for a load balancer. See GetBackendSet for a complete description.

Editing Backend Sets

Update a backend set for a Load Balancer resource.

When you edit a backed set, you can choose a new load balancing policy and modify the SSL configuration.

To modify the backend set's health check policy, see Health Check Management for more information.

To add or remove backend servers from the backend set, see Backend Server Management for more information.

Note

Changing the load balancing policy of a backend set temporarily interrupts traffic and can drop active connections.

Use one of the following methods to edit and update the settings of a backend set for a selected load balancer.

To edit a backend set using the Console

Use the OCI Console to update a backend set for a Load Balancer resource.

  1. Open the navigation menu, click Networking, and then click Load Balancers.

  2. Select the Compartment from the list.

    All load balancers and network load balancers in that compartment are listed in tabular form.

  3. (optional) Select a State from the list to limit the load balancers displayed to that state.

  4. (optional) Uncheck Network Load Balancer under Type to only display load balancers.

  5. Click the load balancer whose backend set you want to edit.

    The Load Balancer Details page appears.

  6. Click Backend Sets under Resources.

    The Backend Sets list appears. All backend sets are listed in tabular form.

  7. Click the backend set you want to edit.

    The Backend Set Details dialog box appears.

  8. Click Edit Backend Set.

    Alternatively, click the Actions icon (Actions icon) associated with the backend set you want to edit and click Edit.

    The Edit Backend Set dialog box appears.

  9. Edit any of the following:

    • Traffic Distribution Policy

    • Session Persistence

    See Creating Backend Sets for more information.

  10. Click Update Backend Set.

To edit a backend set using the CLI

Use the command line interface (CLI) to update a backend set for a Load Balancer resource.

Enter the following command:

oci lb backend-set update --backend-set-name backend_set_name --backends backends --load-balancer-id load-balancer_id --health-checker-protocol health_checker_protocol --policy policy [OPTIONS]

See the CLI online help for a list of options:

oci lb backend-set update --help

See oci lb backend-set update for a complete description of the command.

To edit a backend set using the API

Use the API to update a backend set for a Load Balancer resource.

Run the UpdateBackendSet method to edit a backend set for a load balancer. See UpdateBackendSet for a complete description.

Deleting Backend Sets

Delete a backend set from a Load Balancer resource.

Use one of the following methods to delete a backend set from a selected load balancer.

Note

You cannot delete a backend set used by an active listener.

To delete a backend set using the Console

Use the OCI Console to delete a backend set from a Load Balancer resource.

  1. Open the navigation menu, click Networking, and then click Load Balancers.

  2. Select the Compartment from the list.

    All load balancers and network load balancers in that compartment are listed in tabular form.

  3. (optional) Select a State from the list to limit the load balancers displayed to that state.

  4. (optional) Uncheck Network Load Balancer under Type to only display load balancers.

  5. Click the load balancer whose backend set you want to delete.

    The Load Balancer Details page appears.

  6. Click Backend Sets under Resources.

    The Backend Sets list appears. All backend sets are listed in tabular form.

  7. Click the backend set you want to delete.

    The Backend Set Details page appears.

  8. Click Delete.

    Alternatively, click the Actions icon (Actions icon) associated with the backend set you want to delete and click Delete.

  9. Confirm the deletion when prompted.

To delete a backend set using the CLI

Use the command line interface (CLI) to delete a backend set from a Load Balancer resource.

Enter the following command:

oci lb backend-set delete --backend-set-name backend_set_name --load-balancer-id load_balancer-id [OPTIONS]

See the CLI online help for a list of options:

oci lb backend-set delete --help

See oci lb backend-set delete for a complete description of the command.

To delete a backend set using the API

Use the API to delete a backend set from a Load Balancer resource.

Run the DeleteBackendSet method to delete a backend set from a load balancer. See DeleteBackendSet for a complete description.

Getting Backend Set Health Details

Get the health details of a backend set for a Load Balancer resource.

The following table lists the health levels and their descriptions.

Level

Color

Description

Critical

Red

Fewer than half of the backend set's backend servers return a status of OK.

Warning

Yellow

Both of the following conditions are true:

  • Half or more of the backend set's backend servers return a status of OK.

  • At least one backend server returns a status of Warning, Critical, Pending, or Incomplete.

Incomplete

Yellow

The backend set does not have any backends attached.

Pending

Yellow

At least one of the following conditions is true:

  • More than half of the backend set's backend servers return a status of Pending.

  • The system could not retrieve metrics for any reason.

OK

Green

All backend servers in the backend set return a status of OK.

Use one of the following methods to display the health details of a backend set for a selected load balancer.

Getting Backend Set Health Details using the Console

Use the OCI Console to get the health details of a backend set for a Load Balancer resource.

  1. Open the navigation menu, click Networking, and then click Load Balancers.

  2. Select the Compartment from the list.

    All load balancers and network load balancers in that compartment are listed in tabular form.

  3. (optional) Select a State from the list to limit the load balancers displayed to that state.

  4. (optional) Uncheck Network Load Balancer under Type to only display load balancers.

  5. Click the load balancer whose backend set you want to edit.

    The Load Balancer Details page appears.

  6. Click Backend Sets under Resources.

    The Backend Sets list appears. All backend sets are listed in tabular form.

  7. Click the backend set you want to edit.

    The Backend Set Details dialog box appears.

  8. View the Overall and Backend Health details.

    See Getting Backend Set Health Details for descriptions of the backend set health indicators.

Getting Backend Set Health Details using the CLI

Use the command line interface (CLI) to get the health details of a backend set for a Load Balancer resource.

Enter the following command:

oci lb backend-set-health get --backend-set-name backend_set_name --load-balancer-id load-balancer_id [OPTIONS]

See the CLI online help for a list of options:

oci lb backend-set-health get --help

See oci lb backend-set-health get for a complete description of the command.

See Getting Backend Set Health Details for descriptions of the backend set health indicators.

Getting Backend Set Health Details using the API

Use the API to get the health details of a backend set for a Load Balancer resource.

Run the GetBackendSetHealth method to get the health details a backend set for a load balancer. See GetBackendSetHealth for a complete description.

See Getting Backend Set Health Details for descriptions of the backend set health indicators.