A Dedicated Load Balancer is an optional component of the Anypoint Platform. Unlike the Shared Load Balancer, this one gives greater flexibility and possibility to configure. In this article, you will find the answers to three questions: Why use a DLB? How does it work? And finally, how to configure it work with our domain.
Dedicated Load Balancer
The Shared Load Balancer translates our services like orders-xapi.us-e2.cloudhub.com to mule-worker-orders-xapi.us-e2.cloudhub.com. What if we would like to hide this address, make it more readable and client-friendly? MuleSoft Dedicated Load Balancer can help.
As in the diagram below, DLB comprises of two instances – at least. You can decide to use up to eight workers, but this depends on your entitlements.
The DLB translates the incoming traffic to one of HTTP, HTTPS, or Web Socket. The mapping is different from Shared LB. The traffic is routed to mule-woker-internal-[api-name].cloudhub.io. This means that your application listest internally on http.private.port or https.private.port. That is respectively 8091 and 8092
Using MuleSoft Dedicated Load Balancer has benefits such as:
- private, non-shared with others, Load Balancer
- hide CloudHub domain with your own
- distribute the load to your MuleSoft applications
- define certificates
- enable two-way client authentication
- supports Web Socket transport – how to expose web socket you can find in my article here
- set proxy rules that route the traffic to specific applications
In this section, we will focus on creating and configuring a Dedicated Load Balancer.
Our use case is depicted in the first diagram. We want to expose our APIs under the api.patrykbandurski.com domain for production applications and api-test.patrykbandurski.com for other environments.
The Dedicated Load Balancer is associated with specific VPC. I already have two VPCs. One for a production environment that is associated with my PROD environment and the second VPC for all other environments like DEV, SIT.
On the Create Load Balancer screen above, I named the load balancer api-lb and selected prod-vpc. This configuration will result in the following address to our services:
Assigning our domain
I want to hide the address to my MuleSoft DLB – api-pb.lb.anypointdns.net. Clients should use this one api.patrykbandurski.com. We can achieve this by adding a CNAME record on my domain. Here is, how I configured it:
We need to add public and private keys for our api.patrykbandurski.com domain. You can enable two-way SSL by uploading client certificates.
For each domain, you can define different routing rules. In the URL Mapping Rules section, you can adjust the routing mechanism. In the table below, you can see what rules I would like to implement.
This is a straightforward pattern as you can see, the incoming resource is part of the name of the Mule application. The simple mapping rule, matching my expectation, looks as follows:
In the DLB screen, you can see the certificate and associated domains. You can add as many domains as you need to.
After the CNAME was propagated, I can connect to my MuleSoft service via api.patrykbandurski.com. The configuration is relatively straightforward, and you should be able to do it without any significant difficulties. I didn’t want to make this article too long. That is the reason why the best practice you will find in the next article.