By David Dymko, Technical Lead, Cloud Native Development
Vultr Load Balancers are a fully-managed solution to increase your application's reliability in seconds, without extra bandwidth charges. When you need to enable horizontal scaling with health monitoring and failover, deploy a Vultr Load Balancer through our customer portal or the Vultr API.
We've seen tremendous adoption of Load Balancers since our original launch, and we didn't stop development. We've listened to your feedback and continue to engage with our customer community to learn what features are most important to you.
Today we are excited to announce some new Load Balancer features that make them even more flexible, convenient, and powerful. These updates are available to all customers now, and we've automatically upgraded all your existing Load Balancers with these new capabilities.
The first significant upgrade is support for private networks. You can place your entire infrastructure on a private network and provide public ingress through the Load Balancer. Private Networking has been extremely useful for many customers. Adding private network support for Load Balancers enables many new service configurations you've requested.
FIGURE: Diagram of Private Network & Load Balancer
While private network support is helpful on its own, you can also combine it with our new firewall features to create many networking scenarios. Keep reading to see more examples.
Every application needs strong security protections. One best practice is to use firewall rules which restrict network traffic to selected IP addresses and ports. That's why we've added support for Vultr Firewalls to our Load Balancers in two different areas.
We've added an integrated firewall to the Vultr Load Balancer to simplify configuration. Now you can manage your forwarding rules and protect the backend instances with a firewall from a single control panel. And, just like the Vultr Firewall, the Load Balancer's firewall features a Cloudflare IP source so that you can target all Cloudflare IPs with a single firewall rule. The integrated firewall sits in front of the load balancer, protecting it and the instances behind it.
FIGURE: Diagram of Vultr Load Balancer With Integrated Firewall
If your situation requires a firewall behind the load balancer, we've made that easy too. We've added Load Balancers as a named source for Vultr Firewall rules. You can ensure that all connections to your instances originate from the Load Balancer and prevent direct connections from the internet.
FIGURE: Diagram of Vultr Firewall Load Balancer Aware
It's easy to place a Load Balancer in front of your compute instances. When you create a Vultr Firewall Rule, define one of your Load Balancers as the source. Any instance using this Vultr Firewall will accept traffic from the Load Balancer.
With these new Load Balancer features, you can create robust configurations for high availability. You can combine these features to configure one set of firewall rules for your Load Balancers on the private network and a different set of public firewall rules for the instances behind them.
For example, you may want to isolate web traffic to a private network and ensure it originates from Cloudflare while still allowing management access via SSH from a few select IPs on the public network.
FIGURE: Complete Diagram of Robust Configuration With Vultr Load Balancer For High Availability
You'll find these new features today in your customer portal. We've also updated our open source tools such as our Terraform provider and the Vultr API to support these new features. As part of this upgrade, we also refactored some code to preserve the great performance and reliability you expect from Vultr.
Vultr Load Balancers now give you greater control, flexibility, and security. With these upgrades, Load Balancers support custom health checks, multiple load balancing algorithms, sticky sessions, proxy protocol, SSL certificates, firewalls, and private networks. They continue to support all our server products, including Bare Metal, Cloud Compute, High Frequency Compute, and Dedicated Cloud.