# Load Balancers

Load balancers allow internal web services to be proxied through the Pritunl Cloud web server. Nodes that have the *Load Balancer* option enabled will provide access to the load balancer services. The IP address of the internal backend must be accessible to the node, this is typically the instance host IPv4 address or instance public IP address. The instance private IP address will not be accessible by the node.

### Configure Load Balancer

First the load balancer must be enabled on the node. This will require configuring DNS names for the admin web console. Once the node load balancer option is enabled it will need to be able to route requests based on the domain of the incoming request. For this example the `/etc/hosts` file will be used to quickly test the feature. Create a domain for the Pritunl Cloud admin web console and one for the load balancer web service.

```
sudo nano /etc/hosts
142.250.217.110 cloud.pritunl.com
142.250.217.110 web.pritunl.com
```

After DNS domains are configured enable the \*Load Balancer\* option in the node settings. Then set \*Admin Domain\* and optionally \*WebAuth Domain\* to the domain from the previous step.

<figure><img src="/files/RxAwSOctoUJnk439QT1G" alt="" width="338"><figcaption></figcaption></figure>

After saving this the web console must be accessed from the admin domain. Open this domain and log in again. If the web console has become inaccessible run the command `sudo pritunl-cloud reset-node-web`. Next the instance firewall must be updated to allow the node to access the web server. The load balancer allows accessing instances by the public IP or host IP. For this example the instance host IP address will be used. This is a host level network that provides networking between the host and all instances running on that same host. This network is always `198.18.84.0/22` and the host is always `198.18.84.1`. For this example a firewall rule in the pod spec will be used to allow `198.18.84.1/32` to access TCP port 80 on the pod deployments.

<figure><img src="/files/HMskOch1DQ408P5WwmRm" alt="" width="563"><figcaption></figcaption></figure>

Next get the host IP for each instance that will be added to the load balancer. This can be done by click *Hover to Expand* under *Networking* in the instance settings.

<figure><img src="/files/jyqAKUca84zxP6ayqPVk" alt="" width="377"><figcaption></figcaption></figure>

Next in the *Load Balancers* tab click *Create* and enable *Active*. Then set the *Datacenter* and set *External Domains* to the web domain from the earlier step. Then add each instance host IP to the *Internal Backends* and select an *Organization*. Then set *Health Check Path* to `/` then click *Create*.

<figure><img src="/files/xC8xaE9lX7VCvClJZGks" alt="" width="563"><figcaption></figcaption></figure>

After a few seconds the instances should show up with an online status under the *Backends* status.

<figure><img src="/files/MgCoku82FTCCA6Ka9Iol" alt="" width="563"><figcaption></figcaption></figure>

The web service should then be available on the external domain. Without any web certificates configured it will show a certificate error. This can be corrected by creating a certificate and adding it to the load balancer.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.pritunl.com/kb/cloud/components/balancers.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.