Cloudflare Load Balancing for Monitoring Origin Server Health and Automatic Failover

Sergi Isasi Product Manager

Cloudflare

Brady GentileProduct Marketing

Cloudflare

Speakers

// Agenda

• Housekeeping (1 Min.)• Cloudflare Overview (5 Min.)• Load Balancing Overview (10 Min.)• New and Upcoming Load Balancing Functionalities (5 Min.)• Dashboard Configuration Demo (10 Min.)• Load Balancing Case Study (2 Min.)• Q&A (5 Min.)• Special Announcement (1 Min.)

Housekeeping

● Stay to the end to get presentation slides and recording

● Ask questions in the “Questions” chat box in ReadyTalk

● We’ll triage all questions at the end of the presentation

● All attendees are muted

Cloudflare Differentiators

ScaleGlobal network to handle

legitimate or illegitimate traffic while delivering content closer

to visitors.

Ease-of-useUsers can easily and quickly

make fine-grained configurations to improve performance and security

posture.

Integrated Security & Performance

Improve performance through integrated traffic

acceleration and low-latency security services

// Scale of Cloudflare’s Network

119Data centers globally

Cloudflare’s Global Anycast Network

2xSpeeds up each request by

10%Internet requests

everyday

5MRequests/second

7M+ websites, apps, & APIs in 150+ countries

2.5B monthly active visitors generating 1.3 trillion page views

// Integrated Security & Performance

Security Threats

SYSTEM

DDoS AttackAttack traffic impacts availability or performance

Data Theft AttemptCompromise of sensitive customer data

BotsPrevent malicious bots from abusing site or application

Webpage

Performance Challenges

INFRASTRUCTURE

Unavailable ApplicationsOverloaded or unavailable infrastructure stop users from accessing applications

Slow Webpages, Applications, and API

Heavy pages and long distance from the origin slow down

webpages, applications, API Webpage

Mobile

Slow Mobile Sites and AppsMobile clients introduce performance and content delivery constraints that hurt user experience

Users

// Load Balancing Overview

Load Balancing Challenges

© 2017 Cloudflare Inc. All rights reserved. 12

Service Disruptions Increased Latency

No visibility into the availability of services

Traffic gets dropped

Servers are over-utilized

Traffic is routed to remote servers

Visitor

Americas

• Health checks with fast failover• Global and local load balancing

AmericanConsumers

EuropeanConsumers

Origin Pool

AsianConsumers

EuropeOrigin Pool

AsiaOrigin Pool

Configuration made simple• Easy configuration through Cloudflare’s

dashboard, or automation through a powerful API

DDoS Resilient Service• Anycast network that is 10X bigger than the

largest DDoS attack ever recorded ensures traffic continues to be routed even under stress

Global DNS Network• Health checks from each of Cloudflare’s

datacenters enables fast failover unbound by DNS propagation delays

Cloudflare Load Balancing

New Session Affinity Functionality

Persistent Sessions• Cloudflare Load Balancing with Session

Affinity directs all end-user requests of a session to a specific origin.

No Application Changes• Cloudflare handles session affinity by

setting a cookie with the initial response to the client. No changes to web applications are required.

Simple Configuration• Session affinity is enabled by checking a

box within the Load Balancing configuration panel in the Cloudflare dashboard.

Multi-Cloud with Cloudflare Load Balancing

Avoid Outages & Avoid Lock-In• Load Balancing can be used across multiple

cloud providers infrastructure to mitigate the impact of disruptions caused by a single provider or server.

Native Kubernetes Integration• The Cloudflare Warp Ingress Controller

connects Kubernetes ® and Cloudflare so that when spinning up new applications, scaling out existing applications, and shifting programs across cloud regions or cloud providers, Cloudflare remains a single pane of glass for setting security policies and monitoring traffic.

Coming Soon Load Balancing Event Logs

Review Event History• When did my Origin go down?• Was my Pool still healthy?• Why? (error codes)

Filter by Criteria• Status• Specific Pools or Origins

Reach out to Sergi@cloudflare.com for exclusive access to our beta program.

// Load Balancing Configuration Demo

Demo EnvironmentZone: lbdemo.cf

• Two Origins (Wordpress on DigitalOcean)• San Francisco: 192.241.231.141• London: 46.101.83.104

To be created:

• One LB for the entire zone• Two Pools, One Origin each• Layer 7 health checks w/ email notifications• Geo Routing for Western US and Western Europe

Challenges● International expansion brought latency issues in

delivering dynamic content from origin servers.

● New origin servers in Chicago and London

Cloudflare Solution● Failover ensures site resilience even when origin

servers go down.

● Geo-location based routing ensures that customers are routed to the closest possible origin servers for reduced latency.

● A Cloudflare Data Center delivers the vast majority of content, eliminating origin traffic and ensuring a good end user experience.

Active Solutions helps their customer, Great Rail

Journeys, extend their vacation platform globally

by using Cloudflare’s Load Balancing.

“The Failover feature of Load Balancing was important for us

because it ensures Great Rail Journeys’ customers don’t notice a difference in the case that a local

origin server goes down.”

-Nigel Hepworth, Managing Director, Active Solutions

Limited

https://www.cloudflare.com/case-studies/greatrailjourneys/

// Resources● Cloudflare Load Balancing Product Page https://www.cloudflare.com/load-balancing/

● Technical Blog Posting: Introducing Load Balancing & Intelligent Failover with Cloudflare https://blog.cloudflare.com/introducing-load-balancing-intelligent-failover-with-cloudflare/

● Great Rail Journeys Load Balancing Case Study https://www.cloudflare.com/case-studies/greatrailjourneys/

● Introducing the Cloudflare Warp Ingress Controller for Kubernetes https://blog.cloudflare.com/cloudflare-ingress-controller/

● Configure Load Balancing Walkthrough - Cloudflare Knowledge Base Article https://support.cloudflare.com/hc/en-us/articles/115000081911/

// Q&A

The FCC Wants to Kill Net Neutrality - Use Battle for the Net on Cloudflare Apps to Fight BackBecause the FCC is voting to strike down net neutrality on December 14th, the Battle for the Net app is once again live on Cloudflare Apps. Use it!

This app allows site owners to add a pop-up to their sites that will directly connect users to their respective US congresspeople so they may articulate their stance for net neutrality.