Overview

In this hands-on lab, you'll learn the differences between a network load balancer and a HTTP load balancer, and how to set them up for your applications running on Google Compute Engine virtual machines.

There are several ways you can load balance in Google Cloud Platform. This lab takes you through the setup of the following load balancers:

• L4 Network Load Balancer
• L7 HTTP(s) Load Balancer

Students are encouraged to type the commands themselves, which helps in learning the core concepts. Many labs include a code block that contains the required commands. You can easily copy and paste the commands from the code block into the appropriate places during the lab.

What you'll do

• Setup a network load balancer.

• Setup a HTTP(s) load balancer.

• Get hands-on experience learning the differences between network load balancers and HTTP load balancers.

Prerequisites

Familiarity with standard Linux text editors such as vim, emacs, or nano is helpful.

Setup

For each lab, you get a new Google Cloud project and set of resources for a fixed time at no cost.

1. Sign in to Qwiklabs using an incognito window.

2. Note the lab's access time (for example, 1:15:00), and make sure you can finish within that time.
   There is no pause feature. You can restart if needed, but you have to start at the beginning.

3. When ready, click Start lab.

4. Note your lab credentials (Username and Password). You will use them to sign in to the Google Cloud Console.

5. Click Open Google Console.

6. Click Use another account and copy/paste credentials for this lab into the prompts.
   If you use other credentials, you'll receive errors or incur charges.

7. Accept the terms and skip the recovery resource page.

Activate Google Cloud Shell

Google Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud.

Google Cloud Shell provides command-line access to your Google Cloud resources.

1. In Cloud console, on the top right toolbar, click the Open Cloud Shell button.

   

2. Click Continue.

It takes a few moments to provision and connect to the environment. When you are connected, you are already authenticated, and the project is set to your PROJECT_ID. For example:

gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion.

• You can list the active account name with this command:

gcloud auth list

Output:

Credentialed accounts: - @.com (active)

Example output:

Credentialed accounts: - google1623327_student@qwiklabs.net

• You can list the project ID with this command:

gcloud config list project

Output:

[core] project =

Example output:

[core] project = qwiklabs-gcp-44776a13dea667a6 Note: Full documentation of gcloud is available in the gcloud CLI overview guide .

Task 1. Set the default region and zone for all resources

1. In Cloud Shell, set the default zone:

gcloud config set compute/zone us-central1-a

2. Set the default region:

gcloud config set compute/region us-central1 Note: Learn more about choosing zones and regions from the Regions and zones guide. Note: When you run gcloud on your own machine, the config settings persist across sessions. In Cloud Shell you need to set this for every new session or reconnection.

Task 2. Create multiple web server instances

To simulate serving from a cluster of machines, create a simple cluster of Nginx web servers to serve static content using Instance Templates and Managed Instance Groups.

Instance Templates define the look of every virtual machine in the cluster (disk, CPUs, memory, etc). Managed Instance Groups instantiate a number of virtual machine instances using the Instance Template.

To create the Nginx web server clusters, create the following:

• A startup script to be used by every virtual machine instance to set up a Nginx server upon startup.

• An instance template to use the startup script.

• A target pool.

• A managed instance group using the instance template.

1. Still in Cloud Shell, create a startup script to be used by every virtual machine instance. This script sets up the Nginx server upon startup:

cat << EOF > startup.sh #! /bin/bash apt-get update apt-get install -y nginx service nginx start sed -i -- 's/nginx/Google Cloud Platform - '"\$HOSTNAME"'/' /var/www/html/index.nginx-debian.html EOF

2. Create an instance template, which uses the startup script:

gcloud compute instance-templates create nginx-template \ --metadata-from-file startup-script=startup.sh

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/global/instanceTemplates/nginx-template]. NAME: nginx-template MACHINE_TYPE: n1-standard-1 PREEMPTIBLE: CREATION_TIMESTAMP: 2022-08-01T10:18:34.010-07:00

3. Create a target pool. A target pool allows a single access point to all the instances in a group and is necessary for load balancing in the future steps:

gcloud compute target-pools create nginx-pool

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/regions/us-central1/targetPools/nginx-pool]. NAME: nginx-pool REGION: us-central1 SESSION_AFFINITY: NONE BACKUP: HEALTH_CHECKS:

4. Create a managed instance group using the instance template:

gcloud compute instance-groups managed create nginx-group \ --base-instance-name nginx \ --size 2 \ --template nginx-template \ --target-pool nginx-pool

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/zones/us-central1-a/instanceGroupManagers/nginx-group]. NAME: nginx-group LOCATION: us-central1-a SCOPE: zone BASE_INSTANCE_NAME: nginx SIZE: 0 TARGET_SIZE: 2 INSTANCE_TEMPLATE: nginx-template AUTOSCALED: no

This creates 2 virtual machine instances with names that are prefixed with nginx-. This may take a couple of minutes.

5. List the compute engine instances and you should see all of the instances created:

gcloud compute instances list

Output:

NAME: nginx-272n ZONE: us-central1-a MACHINE_TYPE: n1-standard-1 PREEMPTIBLE: INTERNAL_IP: 10.128.0.3 EXTERNAL_IP: 34.67.102.14 STATUS: RUNNING NAME: nginx-8zbn ZONE: us-central1-a MACHINE_TYPE: n1-standard-1 PREEMPTIBLE: INTERNAL_IP: 10.128.0.2 EXTERNAL_IP: 34.134.105.200 STATUS: RUNNING

6. Now configure a firewall so that you can connect to the machines on port 80 via the EXTERNAL_IP addresses:

gcloud compute firewall-rules create www-firewall --allow tcp:80

You should be able to connect to each of the instances via their external IP addresses via http://EXTERNAL_IP/ shown as the result of running the previous command.

Check your lab progress. Click Check my progress below to verify that you've created a group of webservers.

Create a group of webservers

Task 3. Create a network load balancer

Network load balancing allows you to balance the load of your systems based on incoming IP protocol data, such as address, port, and protocol type. You also get some options that are not available, with HTTP(S) load balancing. For example, you can load balance additional TCP/UDP-based protocols such as SMTP traffic. And if your application is interested in TCP-connection-related characteristics, network load balancing allows your app to inspect the packets, where HTTP(S) load balancing does not.

Note: Learn more about setting up network load balancing from the External TCP/UDP Network Load Balancing overview guide.

1. Create an L4 network load balancer targeting your instance group:

gcloud compute forwarding-rules create nginx-lb \ --region us-central1 \ --ports=80 \ --target-pool nginx-pool

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/regions/us-central1/forwardingRules/nginx-lb].

2. List all Google Compute Engine forwarding rules in your project:

gcloud compute forwarding-rules list

Output:

NAME: nginx-lb REGION: us-central1 IP_ADDRESS: 34.122.107.81 IP_PROTOCOL: TCP TARGET: us-central1/targetPools/nginx-pool

You can then visit the load balancer from the browser http://IP_ADDRESS/ where IP_ADDRESS is the address shown as the result of running the previous command.

Check your lab progress. Click Check my progress below to verify that you've created an L4 Network Load Balancer that points to the webservers.

Create an L4 Network Load Balancer that points to the webservers

Task 4. Create a HTTP(s) load balancer

HTTP(S) load balancing provides global load balancing for HTTP(S) requests destined for your instances. You can configure URL rules that route some URLs to one set of instances and route other URLs to other instances. Requests are always routed to the instance group that is closest to the user, provided that group has enough capacity and is appropriate for the request. If the closest group does not have enough capacity, the request is sent to the closest group that does have capacity.

Note: Learn more about creating a HTTP(s) load balancer from the External HTTP(S) Load Balancing overview documentation.

1. First, create a health check. Health checks verify that the instance is responding to HTTP or HTTPS traffic.

gcloud compute http-health-checks create http-basic-check

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/global/httpHealthChecks/http-basic-check]. NAME: http-basic-check HOST: PORT: 80 REQUEST_PATH: /

2. Define an HTTP service and map a port name to the relevant port for the instance group. Now the load balancing service can forward traffic to the named port.

gcloud compute instance-groups managed \ set-named-ports nginx-group \ --named-ports http:80

Output:

Updated [https://www.googleapis.com/compute/v1/projects/...].

3. Create a backend service:

gcloud compute backend-services create nginx-backend \ --protocol HTTP --http-health-checks http-basic-check --global

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/global/backendServices/nginx-backend]. NAME: nginx-backend BACKENDS: PROTOCOL: HTTP

4. Add the instance group into the backend service:

gcloud compute backend-services add-backend nginx-backend \ --instance-group nginx-group \ --instance-group-zone us-central1-a \ --global

Output:

Updated [https://www.googleapis.com/compute/v1/projects/...].

5. Create a default URL map that directs all incoming requests to all your instances:

gcloud compute url-maps create web-map \ --default-service nginx-backend

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/global/urlMaps/web-map]. NAME: web-map DEFAULT_SERVICE: backendServices/nginx-backend Note: To direct traffic to different instances based on the URL being requested, review the Request routing to a multi-region external HTTPS load balancer guide.

6. Create a target HTTP proxy to route requests to your URL map:

gcloud compute target-http-proxies create http-lb-proxy \ --url-map web-map

Output:

Created [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-03-f120f3ff8d59/global/targetHttpProxies/http-lb-proxy]. NAME: http-lb-proxy URL_MAP: web-map

7. Create a global forwarding rule to handle and route incoming requests. A forwarding rule sends traffic to a specific target HTTP or HTTPS proxy depending on the IP address, IP protocol, and port specified. The global forwarding rule does not support multiple ports:

gcloud compute forwarding-rules create http-content-rule \ --global \ --target-http-proxy http-lb-proxy \ --ports 80

Output:

Created [https://www.googleapis.com/compute/v1/projects/...].

8. After creating the global forwarding rule, it can take several minutes for your configuration to propagate:

gcloud compute forwarding-rules list

Output:

NAME: http-content-rule REGION: IP_ADDRESS: 34.107.225.101 IP_PROTOCOL: TCP TARGET: http-lb-proxy NAME: nginx-lb REGION: us-central1 IP_ADDRESS: 34.122.107.81 IP_PROTOCOL: TCP TARGET: us-central1/targetPools/nginx-pool

Take note of the http-content-rule IP_ADDRESS for the forwarding rule.

From the browser, you should be able to connect to http://IP_ADDRESS/. It may take three to five minutes. If you do not connect, wait a minute then reload the browser.

Check your lab progress. Click Check my progress below to verify that you've created an L7 HTTP(S) Load Balancer.

Create an L7 HTTP(S) Load Balancer

Task 5. Test your knowledge

Test your knowledge about Google cloud Platform by taking our quiz. (Please select multiple correct options if necessary.)

End your lab

When you have completed your lab, click End Lab. Google Cloud Skills Boost removes the resources you’ve used and cleans the account for you.

You will be given an opportunity to rate the lab experience. Select the applicable number of stars, type a comment, and then click Submit.

The number of stars indicates the following:

• 1 star = Very dissatisfied
• 2 stars = Dissatisfied
• 3 stars = Neutral
• 4 stars = Satisfied
• 5 stars = Very satisfied

You can close the dialog box if you don't want to provide feedback.

For feedback, suggestions, or corrections, please use the Support tab.

Copyright 2022 Google LLC All rights reserved. Google and the Google logo are trademarks of Google LLC. All other company and product names may be trademarks of the respective companies with which they are associated.