Dedicated Load Balancer Configuration
A MuleSoft Government Cloud dedicated load balancer enables you to route external HTTP and HTTPS traffic to multiple Mule applications deployed into MuleSoft Government Cloud workers inside a Virtual Private Cloud (VPC). Each MuleSoft Government Cloud dedicated load balancer is assigned to an Anypoint VPC, and that Anypoint VPC runs within a particular service region. The dedicated load balancer routes both external and VPC-internal traffic to MuleSoft Government Cloud workers deployed into that Anypoint VPC.
The MuleSoft Government Cloud load balancer redirects requests, where
myApp is the name of the Mule application deployment to MuleSoft Government Cloud:
HTTP requests to
HTTPS traffic to
The load balancer listens for outside requests over HTTPS and, by default, communicates internally with your worker over HTTP. If you configured your Mule application within the Anypoint VPC to listen on HTTPS, make sure
HTTPS when creating the mapping list using the
load-balancer mappings add command.
A MuleSoft Government Cloud dedicated load balancer provides an alternative domain name to route HTTP requests to Mule applications listening on port 8091 and HTTPS requests to Mule applications listening on port 8092. You can also use mapping rules to rename requests to the MuleSoft Government Cloud dedicated load balancer to a different Mule application domain name.
The MuleSoft Government Cloud dedicated load balancer exposes an external domain name that resolves to two public IP
addresses that are accessible from outside your MuleSoft Government Cloud Anypoint VPC network.
lb-name is the name you
gave the load balancer when you created it:
You can create a mapping rule to rename the Mule application, so it can be accessed through a different domain name.
For example, suppose you deploy a Mule application named myApp-myCompany-prod.cloudhub.io. MuleSoft Government Cloud domain names must be globally unique among every other MuleSoft Government Cloud customer and Mule application. A dedicated load balancer helps you hide this naming complexity within your corporate DNS domain name.
You can set a mapping rule in your dedicated load balancer so external clients can access the Mule application
In addition, you can set a CNAME record in your corporate DNS nameserver to map the
domain to your company’s "vanity" domain.
For example, suppose your company owns the DNS domain
example.com. You can create a CNAME record to route requests
myApp.lb-name.lb-gprod-rt.anypointdns.net. This hides the complexity of the MuleSoft Government Cloud domain name in the
The Government Cloud dedicated load balancer has an internal domain name that is used by applications and clients within Anypoint VPC.
The internal domain uses the following naming convention, in which
lb-name is the name you gave the load balancer
when you created it:
Each Dedicated Load Balancer has a DNS A record
lb-name.lb-gprod-rt.anypointdns.net that resolves to the two public
IP addresses of the two instances. Through your DNS provider, you can add a CNAME record pointing to this A record
and use your domain names to access it.
If you want your load balancer to manage all connections to your application but do not want your default domain name for your application publicly exposed, then each application must listen on HTTP port 8091 or 8092. Alternatively, you can create a custom mapping policy to redirect outside requests from your load balancer to your specific application.
The following graphic shows how a load balancer interacts between a VPC and Anypoint Platform.
Your load balancer listens for outside requests over HTTPS and, by default, communicates internally with your worker
over HTTP. If you configured your Mule application within Anypoint VPC to listen on HTTPS, you must
upstreamProtocol to HTTPS when creating the mapping list using the
load-balancer mappings add command.
The internal HTTP mode enables you to configure how HTTP requests are managed. They are silently ignored, mapped to HTTPS on the default SSL endpoint, or the URL is mapped directly to the corresponding HTTPS URL.
You can configure the Dedicated Load Balancer to pass request URIs unchanged or decoded:
If you select Keep URL encoding, the DLB passes only the %20 and %23 characters as is.
If you deselect Keep URL encoding, the DLB decodes the encoded part of the request URI before passing it to the MuleSoft Government Cloud worker.