Oracle Cloud Infrastructure Documentation

Network Load Balancer

A network load balancer enables you to connect to a DB system over the internet. It is a security risk to make the DB system accessible over the internet. Restrict the authorized public IP addresses to a single IP address or a small range of IP addresses, and use in-transit encryption. It is recommended to use a VPN connection.

Connecting to a DB System

Use the network load balancer to connect to the DB system over the internet.

Using the Console

Use the Console to create a network load balancer that enables you to connect to a DB system over the internet.

Do the following to connect to a DB system over the internet, that is, using a public IP address:

  1. Create a network load balancer to redirect traffic to the DB system. See Creating a Network Load Balancer.
  2. Configure the backend of the load balancer to route traffic to the DB system. See Configuring the Backend of the Network Load Balancer.

    Do not add more than one DB system in the backend of the load balancer. Writing data to multiple backends results in having inconsistent data across DB systems. If you need public access to more DB systems, create one load balancer for each DB system.

  3. Add ingress rules to the public security list of your VCN to allow traffic to the MySQL port. See Adding Ingress Rules.

    If the DB system is in a different subnet, add ingress rules to that subnet. You can view the subnet of your DB system in the DB System Details page. Also, ensure you configure Source CIDR to include the load balancer IP address and specify the correct port in Destination Port Range.

  4. Connect to your DB system using the public IP address of the network load balancer using a command-line client such as MySQL Shell: 
    mysqlsh <UserName>@<NLBPublicIPAddress>

    Optionally, you can add another listener and backend to the MySQL X Protocol port. The default port is 33060. Configure an equivalent listener, backend, and security rules for the X Protocol port.

Creating a Network Load Balancer

A network load balancer redirects traffic to the DB system.

Using the Console

Use the Console to create a network load balancer.

  1. Open the navigation menu, select Networking, and then select Load Balancers.
  2. Choose your compartment from the List Scope.
  3. Click Create Load Balancer, select Network Load Balancer, and then click Create Load Balancer.
  4. In the Create Network Load Balancer panel, on the Add Details section, provide the following details:
    • Load Balancer Name: Specify a name for the load balancer.
    • Choose Visibility Type: Select Public.
    • Assign a public IP address: Select Reserved IPv4 Address, and select one of the following:
      • Select existing reserved IP address: Select an existing reserved IP address.
      • Create new reserved IP address: Create new reserved IP address from one of your IP address pools.
    • Choose Networking:
      • Virtual Cloud Network in <Compartment>: Select the same VCN as your DB system. You can view the VCN details in the DB System Details page.
      • Subnet in <Compartment>: Select the public subnet. The subnet need not be same as the DB system. If you have used the VCN Wizard to create the VCN, the traffic routes from the public subnet to the private subnet.
  5. Click Next.
  6. Configure Listener:
    • Listener Name: Specify a listener name.
    • Specify The Type Of Traffic Your Listener Handles: Select TCP.
    • Ingress Traffic Port: Select Specify the port. The default MySQL protocol port is 3306. Optionally, you can later create an additional listener to another port such as 33060 for the MySQL X protocol. Confirm that you have equivalent listener, backend, and security rules configured to the X protocol port.
  7. Click Next.
  8. Choose Backends:
    • Backend Set Name: Specify a backend set name.
    • Select Backend Servers:
      • Add Backends: Do not add backend servers.
      • Preserve Source IP: Select the check box.
    • Specify Health Check Policy:
      • Protocol: Select TCP.
      • You do not need to change the default value of other fields.
  9. Click Next.
  10. Review your settings, and click Create Network Load Balancer.
  11. Once the network load balancer is created, ensure that the Overall Health and Backend Sets Health is OK (green).

Related Topics

Configuring the Backend of the Network Load Balancer

Configure the backend of the network load balancer to route traffic to the DB system. Do not add more than one DB system in the backend of the load balancer. Writing data to multiple backends results in having inconsistent data across DB systems. If you need public access to more DB systems, create one load balancer for each DB system.

Using the Console

Use the Console to configure the backend of the load balancer.

  1. Open the navigation menu, select Networking, and then select Load Balancers.
  2. Choose your compartment from the List Scope.
  3. From the list of load balancers, click the name of your load balancer to open the Load Balancer Details page.
  4. In the Load Balancer Details page, under Resources, click Backend Sets.
  5. Click the name of the your backend set to open the Backend Sets page.
  6. Under Resources, click Backends.
  7. Click Add Backends.
  8. In the Add Backends panel, provide the following information:
    • Backend Type: Select IP Addresses.
    • IP Address: Specify the private IP address of the DB system. You can find the private IP address of the DB system and the port details under Endpoint section of the DB System Details page.
    • Port: Specify the MySQL port. The default port is 3306.
      Note

  9. Click Add Backends.