47. Load Balancers and Horizontal Scaling in OCI: Configuring a 3‐Tier Architecture - Ayushi-srivastav/OCI GitHub Wiki

Step 1 : Create Database Subnet

Click the burger menu on the left side, select Networking, then go to Virtual Cloud Networking.

Open the spoke VCN (here my spoke VCN is named TEST_VCN).

Click Create subnet.

Fill in all the required details and click Create subnet (here we are creating a subnet named db_subnet).

Now create a route table for the database subnet (here we are creating a route table named db_RT).

Then create a security list (here we are creating a security list named db_SL).

In the ingress rule, we permit traffic from the application subnet to the database subnet by specifying the CIDR of the application subnet as the source and using the TCP protocol on port 80.

In the egress rule, we permit traffic from the database subnet to the application subnet by specifying the CIDR of the application subnet as the destination and allowing all protocols.

Then click Create.

Now update the route table and security list in db_subnet.

After that, remove the default security list from db_subnet.

Next, we create an HTML file on both servers, Amazon1 and Amazon2, within the Application subnet.

Step 2 : Create Web Subnet

Next, we will create a subnet named Web_subnet within the spoke VCN, located in the Public subnet (here Test_VCN).

Now, we create a route table for web_subnet.

In the route table (RT) for the web subnet, we permit incoming internet traffic through the Internet Gateway.

Now, create a security list.

In the ingress rule, we permit traffic from the Internet through the Internet Gateway to the application subnet by specifying the CIDR 0.0.0.0/0 as the source and using the TCP protocol on port 80.

In the egress rule, we permit traffic from the web subnet to the application subnet by specifying the CIDR of the application subnet as the destination and using the TCP protocol on port 80.

Then update the web subnet's route table and security list.

After that, remove the default security list from web_subnet.

Step 3 : Create Load Balancers

Click the burger menu on the left side, select Networking, then go to Load Balancers.

Click Create load balancer.

Fill in all the details.

Review all the details and click Submit.

As shown in the screenshot below, the load balancer has been created, but its overall health status is critical.

image

Step 4 : Fix Load Balancer's health

Next, we will create a security list for the application subnet.

In the ingress rule, we permit traffic from the web subnet to the application subnet by specifying the CIDR of the web subnet as the source and using the TCP protocol on port 80.

In the egress rule, we permit traffic from the application subnet to the web subnet by specifying the CIDR of the application subnet as the destination and allowing all protocols.

Then update the security list in the application subnet.

Verify the health of the load balancer. If it remains in a critical state, check the status of the application on the server by running the commands below.

systemctl status httpd

If the application is dead, run the command below:

systemctl start httpd

Also check the firewall status:

systemctl status firewalld

Next, check the firewall and add the port:

firewall-cmd --permanent --zone=public --add-port=80/tcp
systemctl restart firewalld
firewall-cmd --list-ports

As we can see, the load balancer's health is now OK. Therefore, we can proceed to open the application HTML file by entering the load balancer's public IP.

The application's HTML file can now be opened.

Apart from this, we will update the traffic flow from the application subnet to the database subnet for data collection by modifying the egress rule of the application security list.

In the egress rule, we permit traffic from the application subnet to the database subnet by specifying the CIDR of the database subnet as the destination and using the TCP protocol on a specific port (here we entered port 1521).
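
The tier-to-tier rules from Steps 1 to 4 can be checked before relying on them. The following is an added example (not part of the original wiki) that models the three security lists as the steps state them and tests whether a new connection passes both the source subnet's egress rules and the destination subnet's ingress rules. The subnet CIDRs are constructed placeholders, and the rules are assumed to be stateful, so return traffic is not modelled.

```python
from ipaddress import ip_network

# Constructed placeholder CIDRs; substitute the real subnet CIDRs from your VCN.
CIDR = {"web": "10.0.1.0/24", "app": "10.0.2.0/24", "db": "10.0.3.0/24"}
ANY = "0.0.0.0/0"

# Rules as the steps on this page state them: (peer CIDR, protocol, port).
# Protocol "all" matches every protocol and port.
SECURITY_LISTS = {
    "web": {"ingress": [(ANY, "tcp", 80)],
            "egress": [(CIDR["app"], "tcp", 80)]},
    "app": {"ingress": [(CIDR["web"], "tcp", 80)],
            "egress": [(CIDR["app"], "all", None),    # Step 4, destination as written
                       (CIDR["db"], "tcp", 1521)]},   # Step 4, database egress
    "db": {"ingress": [(CIDR["app"], "tcp", 80)],
           "egress": [(CIDR["app"], "all", None)]},
}


def _matches(rule, peer_cidr, proto, port):
    """True if the rule's CIDR covers the peer subnet and protocol/port fit."""
    cidr, rule_proto, rule_port = rule
    if not ip_network(peer_cidr).subnet_of(ip_network(cidr)):
        return False
    return rule_proto == "all" or (rule_proto == proto and rule_port == port)


def flow_allowed(src, dst, proto, port):
    """A new connection needs egress at the source AND ingress at the destination."""
    if not any(_matches(r, CIDR[dst], proto, port)
               for r in SECURITY_LISTS[src]["egress"]):
        return False, f"no egress rule in {src} security list"
    if not any(_matches(r, CIDR[src], proto, port)
               for r in SECURITY_LISTS[dst]["ingress"]):
        return False, f"no ingress rule in {dst} security list"
    return True, "allowed"


def internet_exposed():
    """Subnets whose security list accepts ingress from 0.0.0.0/0."""
    return sorted(name for name, sl in SECURITY_LISTS.items()
                  if any(cidr == ANY for cidr, _, _ in sl["ingress"]))


if __name__ == "__main__":
    for flow in [("web", "app", "tcp", 80), ("app", "db", "tcp", 1521),
                 ("web", "db", "tcp", 80)]:
        print(flow, flow_allowed(*flow))
    print("internet-facing:", internet_exposed())
```

With the rules as written, the application-to-database flow on port 1521 passes the application egress rule but finds no matching ingress rule in db_SL, which admits only TCP port 80 from the application subnet.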

Step 5 : Horizontal Scaling

Access the load balancer, scroll down, and select the backend set.

Click Add backends.

Choose the server you wish to include, then click Add.

In the screenshot below, we can see that the added backend set is in critical health.

Let's resolve this issue.

image

Run all the commands below:

systemctl status httpd

If the application is dead, run the command below:

systemctl start httpd

Also check the firewall status:

systemctl status firewalld

Next, check the firewall and add the port:

firewall-cmd --permanent --zone=public --add-port=80/tcp
systemctl restart firewalld
firewall-cmd --list-ports

The load balancer's health is now OK.

We can also determine the amount of traffic each server in the backend set receives by adjusting the weight.

Here I am selecting 1:1.

Therefore, we can proceed to open the application HTML file by entering the load balancer's public IP.

The application's HTML files can now be opened one after the other.