Create Application Load Balancer (ALB)
Go to the "Networking > Load Balancers" tab.
Click on "Create Load Balancer > Application Load Balancer".
Fill in the following fields:
Load Balancer Name - a display name for your LB
Description
Region - select the region where you want to deploy your LB
VPC, Subnet - select the VPC and Subnet within which you want to place your LB
Security Group - Choose a security group for your LB. You can create a new security group with custom inbound/outbound rules for your LB, from the "Networking > Security Groups" tab. Learn how to create a security group.
Select a performance tier. We provide the following performance tiers:
Standard - 4 vCPUs, 8 GB RAM
Pro (coming soon) - 8 vCPUs, 16 GB RAM
A Standard ALB can support upto 10,000 simultaneous connections and 40,000 requests per second (RPS).
High Availability - Each load balancer is provisioned with High Availability (HA) by default. The load balancer is provisioned with 2 nodes (1 primary, 1 backup) for enhanced reliability and fault tolerance.
Add Listeners - You can add multiple listeners, each of which maps to 1 target group.
Fill in a display name, the protocol, and port number on which it listens for traffic.
Policies & Rules - An ALB can route requests according to their content, hence we have the option of adding a policy for each listener, and rules within the policy. A policy defines the action to take when all associated rules evaluate to true. Rules define the specific conditions (e.g., URL path, headers) to match client requests.
Fill in a display name for your policy.
Select the action to take when all rules evaluate to true:
Redirect to URL - Redirect all matching requests to a specified URL
Reject - Reject all matching requests.
Redirect to Pool - Forward all matching requests to the target group.
Add Rules - You can add multiple rules inside a listener's policy, of the following types:
Cookie
Routes requests based on specific cookie values. Useful for session-based routing or user personalisation (e.g., send users with a certain cookie to a specific backend).
File Type
Routes requests depending on the file extension in the URL (e.g., .jpg, .css, .mp4). Useful for separating static and dynamic content.
Header
Routes traffic based on HTTP header values. Ideal for routing based on user-agent, content-type, or custom headers set by the client.
Host Name
Routes requests based on the domain name in the request (e.g., api.example.com, app.example.com). Perfect for hosting multiple domains on one load balancer.
Path
Routes traffic according to the URL path (e.g., /api/*, /images/*). Commonly used to direct requests for different parts of an app to specific target groups.
SSL Connection (Has Certificate)
Checks whether the incoming SSL/TLS connection includes a valid certificate. Useful for enforcing secure client connections (mutual TLS).
SSL (Verify Result)
Routes based on the result of SSL certificate verification (valid/invalid). Allows you to handle unverified or expired certificates separately.
SSL Distinguished Name (DN) Field
Routes based on details within the SSL certificate’s Distinguished Name (e.g., Common Name or Organization). Useful in enterprise setups for identifying specific clients.
Select an appropriate comparator and fill in the value to compare against.
Pool Configuration -
Add a display name and protocol for your pool.
Select a load balancer algorithm appropriate for your needs.
Select a target group containing at least 1 active VM, for your pool.
Round Robin
Distributes requests evenly across all healthy targets — simple and effective for most workloads.
Least Connections
Sends new requests to the target with the fewest active connections — best for apps where requests vary in duration.
Source IP
Routes traffic based on the client’s IP address — ensures requests from the same client always go to the same target (session consistency).
Last updated
Was this helpful?