Using DigitalOcean Load Balancers
DigitalOcean load balancers provide a way to distribute requests for the same domain to multiple servers. For DigitalOcean load balancers to be useful to you, you must have the exact same app running on multiple servers.
When to Use DigitalOcean Load Balancers
DigitalOcean load balancers can be used when you have multiple backend app servers running the exact same app. Using a load balancer in this situation allows you to handle more traffic than even a single, extremely large server could handle and also provides for redundancy in case one of your app servers goes down.
Risks and Limitations of DigitalOcean Load Balancers
Using a load balancer increases the complexity of your server and app configuration as it requires using a separate database server, keeping all of your app servers running the same version of your code, configuring the load balancer, and customizing your servers to understand the load balancer's IP address is not the client address; all of this can make SSL configuration much more complicated and error-prone. If you aren't familiar with how to manage this complexity, you risk downtime and security problems by using a load balancer.
If you are not an experienced sysadmin, you should not use DigitalOcean load balancers.
Even if you are an experienced sysadmin, you should be aware of a few limitations of DigitalOcean load balancers:
- DigitalOcean load balancers are not free. The cost is $20/month per load balancer.
- AutoSSL cannot be used with load balancers as it will not work correctly when the same domain is running on multiple app servers.
- If using an HTTP/HTTPS load balancer, you must customize Nginx on your server to understand that the load balancer's address is not the originating client address of requests.
- DigitalOcean's TCP load balancers provide no way to indicate the originating client address to your server. When using DigitalOcean's TCP load balancers, all log files will show the load balancer address and your app's code will see the load balancer address as the requesting client address.
- According to DigitalOcean's documentation, using a DigitalOcean load balancer configured for SSL Termination is insecure since "traffic between the Load Balancer and backend still uses HTTP."
- DigitalOcean load balancers currently do not support IPv6.
- DigitalOcean load balancers can only load balance traffic to servers within a single data center.
Setting Up a DigitalOcean Load Balancer
When you're ready to get started with DigitalOcean load balancers, first configure your backend app servers.
Then, decide which type of DigitalOcean load balancer to use and carefully read the DigitalOcean documentation on how to create that type of load balancer:
- DigitalOcean TCP load balancers
- DigitalOcean HTTP/HTTPS load balancers with SSL passthrough
- DigitalOcean HTTP/HTTPS load balancers with SSL termination
Last updated: February 17, 2017