1. User Guide
  2. Network Load Balancers
  3. Network Load Balancer Backend Sets

Network Load Balancer Backend Sets

This section describes how to use backend sets to create logical entities consisting of a network load balancing policy, health check policy, and a list of backend servers for a Network Load Balancer resource.

Creating a Network Load Balancer Backend Set

You can create a backend set for an existing network load balancer. The backend set is a group of servers to which network traffic is load balanced. You can create backend servers after you create the backend set, or at the same time. This topic creates only the backend set.

Using the Compute Web UI

  1. Open the Navigation Menu. Under Networking, click Network Load Balancers.

  2. Click the name of the Network Load Balancer for which you want to create the network load balancer backend set.

  3. Click Backend Sets under Resources.
  4. Any existing backend sets are listed, otherwise the list says No data available. To create a backend set, click Create Backend Set.

  5. Enter the following:

    • Name: Specify a friendly name for the backend set. It must be unique within the network load balancer, and cannot be changed. Valid backend set names include only alphanumeric characters, dashes, and underscores. Backend set names cannot contain spaces. Avoid entering confidential information.

    • Load Balancing Policy: The IP Hash policy uses an incoming request's source IP address as a hashing key to route "non-sticky" traffic to the same backend server. The load balancer routes requests from the same client to the same backend server as long as that server is available. This policy honors server weight settings when establishing the initial connection. Select one of the following load balancing policies:
      • 5-Tuple hash: This policy distributes incoming traffic based on 5-Tuple (source IP and port, destination IP and port, protocol) IP Hash.
      • 3-Tuple hash: This policy ensures that requests from a particular client are always directed to the same backend server based on 3-Tuple (source IP, destination IP, protocol) IP Hash.
      • 2-Tuple hash: This policy routes incoming traffic to the same backend server based on 2-Tuple (Source/Destination) IP Hash.
    • Source Header Preservation: The default value cannot be changed.

    • IP Protocol Verion: The network load balancer listener and backend set must use the same IP protocol version. Accepted values are: IPV4.

    • Health Check: Specify the parameters to confirm the health of backend servers in the set:
      • Protocol: Enter the protocol: TCP or HTTP. HTTP is valid for NLB health checks. When using TCP as the protocol, you can optionally provide the request data and the response data.
      • Port: Specify the backend server port against which to run the health check. You can enter the value '0' to have the health check use the backend server's traffic port.
      • Internal in MS: Specify how frequently to run the health check in milliseconds. The default value is 10000 (10 seconds).
      • Timeout in MS: Specify the maximum time in milliseconds to wait for a reply to a health check. A health check is successful only if a reply returns within this timeout period. The default is 3000 (3 seconds).
      • Number of Retries: Specify the number of retries to attempt before a backend server is considered "unhealthy." This number also applies when recovering a server to the "healthy" state. The default is 3.
      • Status Code: Specify the status code a healthy backend server must return.
      • URL Path (URI): Specify a URL endpoint against which to run the health check.
      • Response Body Regex: Provide a regular expression for parsing the response body from the backend server.

  6. Click the Create Backend Set button in the dialog. To display the details of the new backend set, view the backend set.

Using the OCI CLI

  1. Gather the information you need to run the command:

    • Compartment OCID (oci iam compartment list --compartment-id-in-subtree true)

    • NLB OCID (oci nlb network-load-balancer list --compartment-id compartment_OCID)

  2. Run the backend set create command.

    Use the NLB OCID and backend set name to create the backend set for the NLB in the specified compartment.

    Note:

    For information about optional parameters, run the command with the --help option.

    Syntax (entered on a single line):

    oci nlb backend-set create --health-checker health-checker-parameters \
  --name backend-set-name --network-load-balancer-id network-load-balancer_OCID \  
   --policy network-load-balancer-policy

    Where:

    health-checker-parameters is the set of parameters associated with the health checker for this backend set.
    • Protocol: Enter the protocol: TCP. Configure your health check protocol to match your application or service. When using TCP as the protocol, you can optionally provide the request data and the response data.
    • Port: Specify the backend server port against which to run the health check. You can enter the value '0' to have the health check use the backend server's traffic port.
    • Internal in MS: Specify how frequently to run the health check in milliseconds. The default value is 10000 (10 seconds).
    • Timeout in MS: Specify the maximum time in milliseconds to wait for a reply to a health check. A health check is successful only if a reply returns within this timeout period. The default is 3000 (3 seconds).
    • Number of Retries: Specify the number of retries to attempt before a backend server is considered "unhealthy." This number also applies when recovering a server to the "healthy" state. The default is 3.
    • Status Code: Specify the status code a healthy backend server must return.
    • URL Path (URI): Specify a URL endpoint against which to run the health check.
    • Response Body Regex: Provide a regular expression for parsing the response body from the backend server.

    backend-set-name is the name specific to the backend set.

    network-load-balancer_OCID is the OCID of the NLB.

    network-load-balancer-policy is the policy associated with the load balancer.

    Example:

    oci nlb backend-set create --health-checker '{"interval-in-milliseconds":10000,"port": 22, 
"protocol": "TCP", "retries": 3, "timeoutInMillis": 3000}' --name PrivTCP_NLB1BESet 
--network-load-balancer-id ocid1.networkloadbalancer..….….uniqueID --policy "TWO_TUPLE"

{
  "opc-work-request-id": "ocid1.workrequest.....….….….uniqueID "
}

    Note:

    The command returns a work request ID. To see the backend set results, you must list backend sets associated with the specified NLB and verify that the backend set created is listed. Use the oci nlb backend-set list command to view the backend set details. 
    oci nlb backend-set list --network-load-balancer-id ocid1.networkloadbalancer..….….uniqueID  

{
  "data": {
    "items": [
    {
      "backends": [],
      "health-checker": {
        "interval-in-millis": 10000,
        "port": 22,
        "protocol": "TCP",
        "request-data": "123",
        "response-body-regex": ".*",
        "response-data": "123",
        "retries": 3,
        "return-code": 200,
        "timeout-in-millis": 3000,
        "url-path": "/"
      },
      "ip-version": "IPV4",
      "is-preserve-source": false,
      "name": "PrivTCP_NLB1BESet",
      "policy": "TWO_TUPLE"
      }
    ]
  }
}

Viewing Network Load Balancer Backend Set Details

You can view a list of the backend sets of an existing network load balancer and view their details.

Using the Compute Web UI

  1. Open the Navigation Menu. Under Networking, click Network Load Balancers.

  2. Click the name of the network load balancer (NLB) for which you want to list the existing backend set details.

  3. Click the Backend Sets under Resources to display a list of any available backend sets.

  4. If the NLB backend set exists, you can view its details by clicking on the backend set name or under the Action (three vertical dots) pull-down menu.

Using the OCI CLI

  1. Gather the information you need to run the command:

    • Compartment OCID (oci iam compartment list --compartment-id-in-subtree true)

    • NLB OCID (oci nlb network-load-balancer list --compartment-id compartment_OCID)

  2. Run the get command.

    Use the backend set name and NLB OCID to view the details for the NLB backend set in the specified compartment.

    Note:

    For information about optional parameters, run the command with the --help option.

    Syntax (entered on a single line):

    oci nlb backend-set get --backend-set-name backend_set_name \ 
  --network-load-balancer-id network-load-balancer_OCID

    Where:

    backend-set-name is the name specific to the backend set.

    network-load-balancer_OCID is the OCID of the load balancer associated with the backend set.

    Example:

    $ oci nlb backend-set get --backend-set-name PrivTCP_NLB1BESet \ 
  --network-load-balancer-id ocid1.networkloadbalancer..….….uniqueID

{
  "data": {
    "items": [
    {
      "backends": [],
      "health-checker": {
        "interval-in-millis": 10000,
        "port": 22,
        "protocol": "TCP",
        "request-data": "123",
        "response-body-regex": ".*",
        "response-data": "123",
        "retries": 3,
        "return-code": 200,
        "timeout-in-millis": 3000,
        "url-path": "/"
      },
      "ip-version": "IPV4",
      "is-preserve-source": false,
      "name": "PrivTCP_NLB1BESet",
      "policy": "TWO_TUPLE"
      }
    ]
  }
}

Editing a Network Load Balancer Backend Set

You can change network load balancer (NLB) backend set properties, such as the health checker parameters used.

Using the Compute Web UI

  1. Open the Navigation Menu. Under Networking, click Network Load Balancers.

  2. Click the name of the network load balancer (NLB) for which you want to edit the backend set information.
  3. Under Resources, click Backend Sets.

  4. Select the name of the NLB backend set that you want to edit.

  5. In the Actions list, click Edit to open the Edit Network Load Balancer Backend Set window.

  6. Make allowable changes in the pop-up window.

  7. Click Update Network Load Balancer Backend Set to update the NLB Backend Set properties.

Using the OCI CLI

  1. Gather the information you need to run the command:

    • Compartment OCID (oci iam compartment list --compartment-id-in-subtree true)

    • NLB OCID (oci nlb network-load-balancer list --compartment-id compartment_OCID)

  2. Run the update command, which returns a work request ID.

    Note:

    For information about optional parameters, run the command with the --help option.

    Syntax (entered on a single line):

    oci nlb backend-set update --health-checker health-checker-parameters \
  --name backend-set-name --network-load-balancer-id network-load-balancer_OCID \  
   --policy network-load-balancer-policy

    Where:

    health-checker-parameters is the set of parameters associated with the health checker for this backend set.
    • Protocol: Enter the protocol: TCP. Configure your health check protocol to match your application or service. When using TCP as the protocol, you can optionally provide the request data and the response data.
    • Port: Specify the backend server port against which to run the health check. You can enter the value '0' to have the health check use the backend server's traffic port.
    • Internal in MS: Specify how frequently to run the health check in milliseconds. The default value is 10000 (10 seconds).
    • Timeout in MS: Specify the maximum time in milliseconds to wait for a reply to a health check. A health check is successful only if a reply returns within this timeout period. The default is 3000 (3 seconds).
    • Number of Retries: Specify the number of retries to attempt before a backend server is considered "unhealthy." This number also applies when recovering a server to the "healthy" state. The default is 3.
    • Status Code: Specify the status code a healthy backend server must return.
    • URL Path (URI): Specify a URL endpoint against which to run the health check.
    • Response Body Regex: Provide a regular expression for parsing the response body from the backend server.

    backend-set-name is the name specific to the backend set.

    network-load-balancer_OCID is the OCID of the NLB.

    network-load-balancer-policy is the policy associated with the load balancer.

    Example (change policy to TWO_TUPLE):

    $ oci nlb backend-set update --health-checker '{"intervalInMillis":10000,"port": 22, \ 
  "protocol": "TCP", "retries":3, "timeoutInMillis": 3000}' --backend-set-name PrivTCP_BackEndSet_1 \
  --network-load-balancer-id $Priv_NLB1 --policy "TWO_TUPLE"
WARNING: Updates to backends and health-checker and ssl-configuration and session-persistence-
  configuration and lb-cookie-session-persistence-configuration will replace any existing values. 
  Are you sure you want to continue? [y/N]: y

{
  "opc-work-request-id": "ocid1.workrequest.xxx.networkloadbalancer......unique_ID"
}

    Note:

    The command returns a work request ID. To see the backend set results, you must list backend sets associated with the specified NLB and verify that the backend set parameters are changed. Use the oci nlb backend-set list command to view the backend set details. 
    oci nlb backend-set list --network-load-balancer-id ocid1.networkloadbalancer..….….uniqueID  

{
  "data": {
    "items": [
    {
      "backends": [],
      "health-checker": {
        "interval-in-millis": 10000,
        "port": 22,
        "protocol": "TCP",
        "request-data": "123",
        "response-body-regex": ".*",
        "response-data": "123",
        "retries": 3,
        "return-code": 200,
        "timeout-in-millis": 3000,
        "url-path": "/"
      },
      "ip-version": "IPV4",
      "is-preserve-source": false,
      "name": "PrivTCP_BackEndSet_1",
      "policy": "TWO_TUPLE"
      }
    ]
  }
}

Deleting a Network Load Balancer Backend Set

You can delete a network load balancer (NLB) Backend Set and remove it from service.

Using the Compute Web UI

  1. Open the Navigation Menu. Under Networking, click Network Load Balancers.

  2. Click the name of the network load balancer (NLB) for which you want to delete the backend set.
  3. Under Resources, click Backend Sets.

  4. Select the name of the NLB backend set you want to delete.

  5. Under the Actions column, click the three-dots pull-down menu, and select Delete.

  6. Confirm the operation when prompted.

Using the OCI CLI

  1. Gather the information you need to run the command:

    • Compartment OCID (oci iam compartment list --compartment-id-in-subtree true)

    • NLB OCID (oci nlb network-load-balancer list --compartment-id compartment_OCID)

  2. Run the delete command, which returns a work request ID.

    Syntax (entered on a single line):

    $ oci nlb backend-set delete --backend-set-name HTTP_BckEndSet \ 
  --network-load-balancer-id ocid1.networkloadbalancer....….….….uniqueID 
Are you sure you want to delete this resource? [y/N]: y
{
  "opc-work-request-id": "ocid1.workrequest.xxx.networkloadbalancer-...….….….uniqueID"
}

    Note:

    To delete the LB backend set without verification, run the command with the --force option.