Creating L7 load balancer
To create an L7 load balancer:
- In the management console, select the folder to create a load balancer in.
- In the list of services, select Application Load Balancer.
- Click Create L7 load balancer and select Manual.
- Enter the load balancer name.
- Under Network settings, select the network whose subnets will host the load balancer nodes, as well as the appropriate security groups. If there is no appropriate field, all incoming and outgoing traffic will be allowed for the load balancer.
- (Optional) Under Autoscaling settings, set a limit on the number of resource units.
  The number of units will change automatically depending on the actual load on the load balancer and the limits you specified. The number of units affects the load balancer pricing.
- (Optional) Under Log settings:
  - Enable Write logs.
  - Select the Cloud Logging log group to write load balancer logs to.
  - Click Add discard rule and set up its parameters:
    - HTTP codes: Add HTTP status codes.
    - HTTP code classes: Add classes of HTTP status codes.
    - gRPC codes: Add gRPC codes.
    - Share of discarded logs: Set the percentage of logs to discard.
    You can set multiple rules.
- Under Allocation, select three subnets for the load balancer nodes and enable traffic to these subnets.
- Under Listeners, click Add listener. Set the listener settings:
  - Enter the listener name.
  - (Optional) Enable Public IP address. Set the Port to 80 and the Type to:
    - Automatically.
    - List: Select an address from the drop-down list of the field that appears on the right.
  - (Optional) Enable Internal IP address. Specify Port and select Subnet from the drop-down list.
  - Under Receiving and processing traffic, select the listener type: HTTP or Stream.
    For HTTP, select:
    - Protocol: HTTP, HTTPS, or Redirect to HTTPS.
    - HTTP router from the drop-down list.
    For Stream, select a protocol:
    - Plain-text: Select Backend groups from the drop-down list.
    - Encrypted: Under Main listener, select Certificates and Backend groups from the drop-down lists.
- Add more listeners if needed.
- Click Create.

If you don't have the Nebius Israel command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
- View a description of the CLI command to create an L7 load balancer:

      yc alb load-balancer create --help

- Run the following command, specifying the network and subnets that will host the load balancer's nodes and the appropriate security groups:

      yc alb load-balancer create <load_balancer_name> \
        --network-name <network_name> \
        --security-group-id <security_group_ID> \
        --location subnet-name=<subnet_name>,zone=<availability_zone>

  You can use the --location option multiple times to specify different availability zones and subnets.
  Result:

      done (1m40s)
      id: a5d88ep483cm********
      name: test-balancer2
      folder_id: aoe197919j8e********
      status: ACTIVE
      region_id: il1
      network_id: c64l1c06d151********
      allocation_policy:
        locations:
          - zone_id: il1-a
            subnet_id: buc4gsmpj8hv********
      created_at: "2022-06-02T12:12:13.624832586Z"

- (Optional) Set a limit on the number of resource units:
  - View the description of the CLI command to set up limits:

        yc alb load-balancer autoscale --help

  - Set limits by running the command below:

        yc alb load-balancer autoscale <load_balancer_name_or_ID> \
          --min-zone-size <minimum_number_of_resource_units_per_zone> \
          --max-size <maximum_total_number_of_resource_units>

    Where:
    - --min-zone-size: Minimum number of resource units in each availability zone. The default minimum is 2. You cannot set a minimum value lower than 2.
    - --max-size: Maximum total number of resource units. By default, this number is unlimited. Make sure the value is not less than the number of load balancer availability zones multiplied by the minimum number of resource units per zone.
    You can set one or both parameters in the command.
    For example:

        yc alb load-balancer autoscale test-balancer2 \
          --min-zone-size 3 \
          --max-size 10

    Result:

        id: a5d88ep483cm********
        name: test-balancer2
        folder_id: aoe197919j8e********
        status: ACTIVE
        region_id: il1
        network_id: c64l1c06d151********
        allocation_policy:
          locations:
            - zone_id: il1-a
              subnet_id: buc4gsmpj8hv********
        created_at: "2022-06-02T12:12:13.624832586Z"
        auto_scale_policy:
          min_zone_size: 3
          max_size: 10

(Optional) Set parameters for writing logs to Cloud Logging:
-
View a description of the CLI command for enabling load balancer logging:
yc alb load-balancer logging --help
-
Link a log group to the load balancer and set up a rule for discarding logs:
yc alb load-balancer logging <load_balancer_name> \ --log-group-id <log_group_ID> \ --enable \ --discard codes=[<HTTP_code>,<HTTP_code_class>,<gRPC_code>],percent=<perentage_of_logs_to_discard>
Where:
-
--log-group-id
: ID of the log group. -
--discard
: Rule for discarding logs. Rule parameters:codes
: HTTP status codes, classes of HTTP status codes, or gRPC codes.percent
: Percentage of logs to be discarded.
You can set multiple rules.
Result:
done (42s) id: ds76g83js9gf******** name: test-load-balancer folder_id: b1gu33ev7lh6******** ... log_options: log_group_id: e23p9bfjvsgr******** discard_rules: - http_codes: - "200" http_code_intervals: - HTTP_3XX grpc_codes: - OK discard_percent: "90"
-
-
-
- Add a listener for an L7 load balancer:
  - HTTP listener:
    - View a description of the CLI command for adding an HTTP listener for an L7 load balancer:

          yc alb load-balancer add-listener --help

    - Add a listener by running the command:

          yc alb load-balancer add-listener <load_balancer_name> \
            --listener-name <listener_name> \
            --http-router-id <HTTP_router_ID> \
            --external-ipv4-endpoint port=<listener_port>

  - Stream listener:
    - View a description of the CLI command for adding a Stream listener for an L7 load balancer:

          yc alb load-balancer add-stream-listener --help

    - Add a listener by running the command:

          yc alb load-balancer add-stream-listener <load_balancer_name> \
            --listener-name=<listener_name> \
            --backend-group-id=<backend_group_ID> \
            --external-ipv4-endpoint port=<listener_port>

  The result of adding two listeners is:

      done (42s)
      id: ds76g8b2op3f********
      name: test-load-balancer
      folder_id: b1gu6g9ielh6********
      status: ACTIVE
      network_id: enp0uulja5s3********
      listeners:
        - name: tslistener
          endpoints:
            - addresses:
                - external_ipv4_address:
                    address: 51.250.64.197
              ports:
                - "80"
          http:
            handler:
              http_router_id: ds7d7b14b3fs********
        - name: teststreamlistener
          endpoints:
            - addresses:
                - external_ipv4_address:
                    address: 51.250.64.197
              ports:
                - "443"
          stream:
            handler:
              backend_group_id: ds77tero4f5h********
      allocation_policy:
        locations:
          - zone_id: il1-a
            subnet_id: e9bs1hp7lgdl********
          - zone_id: il1-b
            subnet_id: e2le8i7hqa21********
          - zone_id: il1-c
            subnet_id: b0cgk1au6fn2********
      log_group_id: ckgs4u5km3u8********
      security_group_ids:
        - enp49ot04g63********
      created_at: "2022-04-04T02:12:40.160629110Z"
      log_options:
        log_group_id: e23p9bfjvsgr********
        discard_rules:
          - http_codes:
              - "200"
            http_code_intervals:
              - HTTP_3XX
            grpc_codes:
              - OK
            discard_percent: "90"

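
An added example, not part of the original documentation: a Python audit of a load balancer description for the settings this page calls out (no security groups, discard rules that drop every error-response log, and a max_size below zones multiplied by min_zone_size). It assumes the description was exported as JSON with `yc alb load-balancer get <name> --format json`; the sample input, the `audit` function and the `HTTP_4XX`/`HTTP_5XX` class names are assumptions.

```python
import json

# Constructed sample in the shape of the results shown above, as JSON.
# Assumption: produced with `yc alb load-balancer get <name> --format json`.
SAMPLE = json.loads("""{
  "name": "test-load-balancer",
  "allocation_policy": {"locations": [
    {"zone_id": "il1-a"}, {"zone_id": "il1-b"}, {"zone_id": "il1-c"}]},
  "auto_scale_policy": {"min_zone_size": "3", "max_size": "6"},
  "log_options": {"log_group_id": "<log_group_ID>", "discard_rules": [
    {"http_codes": ["200"], "http_code_intervals": ["HTTP_3XX"], "discard_percent": "90"},
    {"http_codes": ["403"], "http_code_intervals": ["HTTP_5XX"], "discard_percent": "100"}]}
}""")

# Assumption: error classes named by analogy with HTTP_3XX in the output above.
ERROR_CLASSES = {"HTTP_4XX", "HTTP_5XX"}


def audit(lb):
    """Return findings for one load balancer description (a dict)."""
    findings = []
    if not lb.get("security_group_ids"):
        findings.append("no security groups: all traffic is allowed")
    log = lb.get("log_options") or {}
    if not log.get("log_group_id"):
        findings.append("no log group: requests are not logged")
    for n, rule in enumerate(log.get("discard_rules", [])):
        if int(rule.get("discard_percent", 0)) < 100:
            continue  # sampled rules still leave some evidence
        errors = sorted(ERROR_CLASSES & set(rule.get("http_code_intervals", [])))
        errors += [c for c in rule.get("http_codes", []) if int(c) >= 400]
        if errors:
            findings.append(f"discard rule {n} drops every log for {errors}")
    scale = lb.get("auto_scale_policy") or {}
    zones = len(lb.get("allocation_policy", {}).get("locations", []))
    floor = zones * int(scale.get("min_zone_size", 2))  # default minimum is 2
    if int(scale.get("max_size", 0)) and int(scale["max_size"]) < floor:
        findings.append(f"max_size {scale['max_size']} is below {floor}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```
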
With Terraform
For more information about the provider resources, see the documentation on the Terraform
If you change the configuration files, Terraform automatically determines which part of your configuration is already deployed and what should be added or removed.
If you do not have Terraform yet, install it and configure the Nebius Israel provider.
- In the configuration file, describe the parameters of the resources you want to create:

      resource "yandex_alb_load_balancer" "test-balancer" {
        name               = "<name_of_L7_load_balancer>"
        network_id         = "<network_ID>"
        security_group_ids = ["<security_group_ID>"]

        allocation_policy {
          location {
            zone_id   = "<availability_zone>"
            subnet_id = "<subnet_ID>"
          }
        }

        listener {
          name = "<listener_name>"
          endpoint {
            address {
              external_ipv4_address {
              }
            }
            ports = [ 9000 ]
          }
          http {
            handler {
              http_router_id = "<HTTP_router_ID>"
            }
          }
        }

        log_options {
          log_group_id = "<log_group_ID>"
          discard_rule {
            http_codes          = ["<HTTP_code>"]
            http_code_intervals = ["<HTTP_code_class>"]
            grpc_codes          = ["<gRPC_code>"]
            discard_percent     = <percentage_of_logs_to_discard>
          }
        }
      }

  Where:
  - name: Name of the L7 load balancer. The name format is as follows:
    - The length can be from 3 to 63 characters.
    - It may contain lowercase Latin letters, numbers, and hyphens.
    - The first character must be a letter. The last character can't be a hyphen.
  - network_id: Network ID.
  - allocation_policy: Description of the L7 load balancer's node location. Specify the availability zone and subnet IDs.
  - listener: Description of the L7 load balancer's listener parameters:
    - name: Name of the listener. The name format is as follows:
      - The length can be from 3 to 63 characters.
      - It may contain lowercase Latin letters, numbers, and hyphens.
      - The first character must be a letter. The last character can't be a hyphen.
    - endpoint: Description of the listener's addresses and ports. Set the external IPv4 address and port for receiving traffic. If the external_ipv4_address parameter is not set, a public IP address is assigned automatically.
    - http: Description of the listener's HTTP endpoint. Specify the HTTP router ID.
  - log_options: (Optional) Parameters for writing logs to Cloud Logging:
    - log_group_id: ID of the log group.
    - discard_rule: Rule for discarding logs:
      - http_codes: HTTP status codes.
      - http_code_intervals: Classes of HTTP status codes.
      - grpc_codes: gRPC codes.
      - discard_percent: Percentage of logs to discard.
      You can set multiple rules.
  For more information about the yandex_alb_load_balancer resource in Terraform, see the provider documentation.
- Make sure the configuration files are valid.
  - In the command line, go to the directory where you created the configuration file.
  - Run the check using this command:

        terraform plan

  If the configuration is described correctly, the terminal will display a list of created resources and their parameters. If the configuration contains any errors, Terraform will point them out.
- Deploy cloud resources.
  - If the configuration does not contain any errors, run this command:

        terraform apply

  - Confirm creating the resources: type yes in the terminal and press Enter.
  All the resources you need will then be created in the specified folder. You can check the new resources and their configuration using the management console or this CLI command:

      yc alb load-balancer list

Use the create REST API method for the LoadBalancer resource or the LoadBalancer/Create gRPC API call.