Digital Ocean Load Balancer

Digital Ocean Load Balancer is a fully managed, highly available network load balancing service. Load balancers distribute traffic to a group of Droplets, which decouples the overall health of the backend service from the health of any single server and helps keep your services online.

Plans and pricing

Load balancer size | Cost | Maximum simultaneous connections | Maximum new SSL connections per second | Recommended for
Small              | Call | 10,000                           | 250                                    | Stable websites and blogs with low to medium traffic
Medium             | Call | 20,000                           | 500                                    | Transaction-oriented sites or services with medium traffic
Large              | Call | 40,000                           | 1,000                                  | Busy sites, services, or endpoints where high performance is essential

Bandwidth

There are no bandwidth charges for Digital Ocean load balancers because they are bandwidth neutral. In other words, the load balancer itself does not change the amount of data transferred by the Droplets. Bandwidth charges are based on the data transfer of the Droplets in the load balancer backend, subject to their own transfer limits.

Regional Availability

Load balancers and Let’s Encrypt certificates are supported in every region. Droplets in a load balancer backend pool must be located in the same region as the load balancer.

Features

Adding a load balancer to your infrastructure has many benefits.

Using a load balancer as a gateway allows you to change your backend infrastructure without impacting the availability of your services, enabling seamless horizontal scaling, rolling deployments, large architectural redesigns, and more.

Sharing the processing workload across a group of servers instead of relying on a single server prevents any one server from being overwhelmed by requests.

Load balancing services like Digital Ocean Load Balancer give you the benefits of load balancing without the burden of managing operational complexities.

High Availability

All Digital Ocean load balancers automatically monitor their backend pools and only forward requests to Droplets that pass health checks. You can define health check endpoints and set parameters for what constitutes a healthy response. The load balancer automatically removes Droplets that fail health checks from rotation and re-adds them when they pass again.

In addition, Digital Ocean load balancers are configured with auto-failover capability to maintain availability even in the event of a failure in the balancing layer.

Tagging Backend Droplets

There are two different ways to define the backend Droplets of a load balancer:

By name, which allows you to add individual Droplets to the load balancer using the control panel or API.
With a tag, which the load balancer evaluates at runtime.
Tags are custom labels that you can apply to Droplets.

You can select up to 10 backend Droplets by name. However, we recommend using tags as the more scalable, automation-friendly option. If you need more than 10 Droplets behind the load balancer, apply a tag to the required Droplets and add that tag to the load balancer. There is no limit to the number of Droplets a tag can be applied to, and adding or removing the tag on Droplets automatically updates the load balancer that uses it.

You can use one tag per load balancer.

Backend Droplet Connections

The load balancer automatically connects to Droplets in your VPC network. If the Droplet’s private network interface is disabled, the load balancer connects to the Droplet using its public IP address when it is added to the load balancer. All Droplets created after October 1, 2020 are added to a VPC network by default.

Load balancers support two balancing algorithms: round-robin and least-connections.

Load balancers send traffic to Droplets from dynamic backend IP addresses that are separate from the public IP addresses displayed in the control panel. These backend IP addresses may change at any time and must not be used to configure firewalls.
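Because the balancer's backend addresses are dynamic, the firewall on the Droplets should admit backend-port traffic from the load balancer resource itself rather than from any IP address. The following is an added example, not code from the original page or from DigitalOcean: it builds a Cloud Firewall body whose inbound rules name the balancer as the source (field names follow the DigitalOcean Firewalls API, `inbound_rules[].sources.load_balancer_uids`), and lints an existing body for backend ports that are either unreachable from the balancer or admitted only through literal addresses. The balancer UID, tag and ports are constructed placeholders.

```python
from typing import Dict, List

# Field names follow the DigitalOcean Firewalls API (inbound_rules[].sources.load_balancer_uids).
# The balancer UID, tag and port numbers used here are constructed placeholders.


def backend_firewall(lb_uid: str, backend_ports: List[int], tag: str) -> Dict:
    """Firewall body for the Droplets tagged `tag`: backend ports admitted only from the balancer.

    Naming the balancer resource as the source, instead of the addresses it currently
    connects from, keeps the rule valid when those dynamic backend IPs change.
    """
    return {
        "name": f"{tag}-from-lb",
        "tags": [tag],  # applied to every Droplet carrying the tag, like the balancer's own pool
        "inbound_rules": [
            {"protocol": "tcp", "ports": str(p), "sources": {"load_balancer_uids": [lb_uid]}}
            for p in backend_ports
        ],
        "outbound_rules": [
            {"protocol": "tcp", "ports": "all", "destinations": {"addresses": ["0.0.0.0/0", "::/0"]}},
            {"protocol": "udp", "ports": "all", "destinations": {"addresses": ["0.0.0.0/0", "::/0"]}},
        ],
    }


def _covers(ports_spec: str, port: int) -> bool:
    """True if a rule's `ports` field ("80", "8000-9000" or "all") includes `port`."""
    if ports_spec == "all":
        return True
    lo, _, hi = ports_spec.partition("-")
    if not lo.isdigit() or (hi and not hi.isdigit()):
        return False
    return int(lo) <= port <= int(hi or lo)


def firewall_findings(firewall: Dict, backend_ports: List[int]) -> List[str]:
    """Lint an existing firewall body.

    Reports backend ports that no TCP rule admits (the balancer's health checks will
    fail) and ports admitted through literal address sources, which either break when
    the balancer's backend IPs change or, with 0.0.0.0/0, expose the backend directly.
    """
    findings = []
    rules = [r for r in firewall.get("inbound_rules", []) if r.get("protocol") == "tcp"]
    for port in backend_ports:
        covering = [r for r in rules if _covers(str(r.get("ports", "")), port)]
        if not covering:
            findings.append(f"port {port}: no inbound rule admits the load balancer")
            continue
        for rule in covering:
            sources = rule.get("sources", {})
            if sources.get("addresses") and not sources.get("load_balancer_uids"):
                findings.append(
                    f"port {port}: admitted from literal addresses {sources['addresses']} "
                    "rather than the load balancer resource"
                )
    return findings


if __name__ == "__main__":
    # Constructed input: a firewall that hard-codes one backend IP for port 80 and forgets 443.
    legacy = {"inbound_rules": [{"protocol": "tcp", "ports": "80", "sources": {"addresses": ["10.116.0.10"]}}]}
    for finding in firewall_findings(legacy, [80, 443]):
        print(finding)
    print(backend_firewall("lb-0000-example", [80, 443], "web")["inbound_rules"])
```

Include the health check port in `backend_ports` if it differs from the forwarding ports; a rule that admits only the forwarding port leaves the checks blocked and the Droplet out of rotation.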

Protocol Support

A DigitalOcean Load Balancer can be configured to handle multiple protocols and ports. You can control traffic routing with configurable rules that control the ports and protocols that the load balancer should listen on, as well as how requests are selected and forwarded to backend servers.

Since DigitalOcean Load Balancers are network load balancers, not application load balancers, they do not support directing traffic to specific backends based on URLs, cookies, HTTP headers, etc.

HTTP
Standard HTTP load balancers route requests based on standard HTTP mechanisms. The load balancer sets the X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Port headers to provide information about the original request to the backend servers.

If user sessions depend on the client always reaching the same backend, the load balancer can send the client a cookie that pins its session to that backend (sticky sessions).
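With SSL termination the backend receives plain HTTP, so the only record of the client's address and of whether it used TLS is the X-Forwarded-* headers set by the balancer. The following is an added example, not code from the original page or from DigitalOcean, showing how a backend should read those headers: it trusts only the right-most X-Forwarded-For entry, assuming (as is usual for proxies, but not stated on this page) that the balancer appends the connecting address to any value the client supplied, falls back to the TCP peer address when no headers are present (what a backend sees behind an SSL-passthrough rule), and derives the cookie `Secure` attribute from X-Forwarded-Proto rather than from the local socket. Header values and peer addresses below are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Mapping, Optional


@dataclass(frozen=True)
class ForwardedInfo:
    client_ip: str       # address the balancer saw connecting, or the TCP peer if unknown
    scheme: str          # "http" or "https": what the client spoke to the balancer
    port: Optional[int]  # listener port reported by the balancer, if any
    via_balancer: bool   # False when no X-Forwarded-* headers arrived (e.g. SSL passthrough)


def forwarded_info(headers: Mapping[str, str], peer_ip: str) -> ForwardedInfo:
    """Derive the real client address and scheme from the balancer's headers.

    Assumption: the balancer appends the connecting IP to any existing
    X-Forwarded-For value, so the right-most entry is the one hop we can trust;
    entries to its left were supplied by the client and may be forged. If the
    balancer overwrites the header instead, it holds one entry and the same rule holds.
    """
    lower = {k.lower(): v for k, v in headers.items()}
    xff = lower.get("x-forwarded-for", "")
    proto = lower.get("x-forwarded-proto", "")
    raw_port = lower.get("x-forwarded-port", "")
    via = bool(xff or proto or raw_port)

    client_ip = peer_ip  # behind passthrough this is the balancer's dynamic backend IP
    chain = [p.strip() for p in xff.split(",") if p.strip()]
    if chain:
        try:
            client_ip = str(ipaddress.ip_address(chain[-1]))
        except ValueError:
            client_ip = peer_ip  # malformed right-most entry: fall back, never trust it

    scheme = proto.lower() if proto.lower() in ("http", "https") else "http"

    port = None
    if raw_port.isdigit() and 0 < int(raw_port) < 65536:
        port = int(raw_port)

    return ForwardedInfo(client_ip, scheme, port, via)


def cookie_attributes(info: ForwardedInfo) -> str:
    """Attributes for a backend-set session cookie.

    Marks the cookie Secure only when the client actually used TLS to the balancer;
    with SSL termination the backend's own socket is plain HTTP and cannot tell.
    """
    attrs = ["HttpOnly", "SameSite=Lax"]
    if info.scheme == "https":
        attrs.append("Secure")
    return "; ".join(attrs)


if __name__ == "__main__":
    # Constructed sample: the client sent a forged X-Forwarded-For entry (1.2.3.4) and the
    # balancer appended the address it actually saw (203.0.113.7).
    hdrs = {"X-Forwarded-For": "1.2.3.4, 203.0.113.7", "X-Forwarded-Proto": "https", "X-Forwarded-Port": "443"}
    info = forwarded_info(hdrs, "10.116.0.3")
    print(info, cookie_attributes(info))
```

Note that the sticky-session cookie described above is set and removed by the balancer and never reaches the backend, so a backend that needs its own session cookie must set one itself, as `cookie_attributes` does.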

HTTPS and HTTP/2

You can balance secure traffic using HTTPS or HTTP/2. Both protocols can be used with:

SSL termination, which performs SSL decryption on the load balancer after adding the SSL certificate and private key. Your load balancer can also act as a gateway between HTTP/2 client traffic and HTTP/1.0 or HTTP/1.1 backend applications.

SSL passthrough, which sends encrypted traffic to your backend droplets. This is good for end-to-end encryption and distributing SSL decryption overhead, but you will need to manage SSL certificates yourself.

You can configure load balancers to redirect HTTP traffic on port 80 to HTTPS or HTTP/2 on port 443. That way, the load balancer listens on both ports but redirects unencrypted traffic instead of forwarding it, so clients end up on the encrypted listener.

TCP Balancing
TCP balancing is available for applications that don’t speak HTTP. For example, placing a load balancer in front of a database cluster like Galera lets you distribute connections across all available nodes.

Let’s Encrypt SSL Certificates

DigitalOcean Load Balancer Let’s Encrypt certificates are fully managed and automatically renewed on your behalf every 60 days. These certificates can be used with HTTPS and HTTP/2 forwarding rules.

Proxy Protocol

The PROXY protocol is a way to pass client connection information (such as the source IP address and port) to the backend server instead of discarding it at the load balancer. This information is useful for cases such as analysing traffic logs or adapting application behaviour based on the client's geographic location.

Digital Ocean load balancers support version 1 (the text form) of the PROXY protocol. Make sure your backend services are configured to expect the PROXY protocol header before you enable it on the load balancer; a backend that is not expecting the header will treat it as the start of the client's data.
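A backend that has PROXY protocol enabled has to read and validate the version 1 header before any application data. The following is an added example, not code from the original page or from DigitalOcean: a parser for the v1 line (`PROXY TCP4|TCP6|UNKNOWN src dst sport dport\r\n`, at most 107 bytes, CRLF included) that returns the original client addresses and the remaining payload, and rejects anything that does not start with a well-formed header, which is exactly what arrives when the balancer and backend disagree about whether the protocol is on. The sample connection bytes are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

MAX_V1_HEADER = 107  # longest legal v1 line, CRLF included, per the PROXY protocol spec


class ProxyProtocolError(ValueError):
    """Raised when a connection does not start with a well-formed PROXY v1 header."""


@dataclass(frozen=True)
class ProxyHeader:
    family: str              # "TCP4", "TCP6" or "UNKNOWN"
    src_ip: Optional[str]    # original client address (None for UNKNOWN)
    dst_ip: Optional[str]    # address the client connected to on the balancer
    src_port: Optional[int]
    dst_port: Optional[int]


def _port(text: str) -> int:
    if not text.isdigit() or not 0 <= int(text) <= 65535:
        raise ProxyProtocolError(f"bad port {text!r}")
    return int(text)


def parse_proxy_v1(data: bytes) -> Tuple[ProxyHeader, bytes]:
    """Split the first bytes of a connection into (header, remaining payload).

    The header must be the very first thing on the wire and must end with CRLF
    within 107 bytes; anything else is rejected rather than guessed at. A plain
    HTTP request therefore fails here, which is what a backend sees if the balancer
    has PROXY protocol enabled but the backend expected the opposite, or vice versa.
    The caller is assumed to have buffered at least up to the CRLF.
    """
    if not data.startswith(b"PROXY "):
        raise ProxyProtocolError("connection does not begin with a PROXY v1 header")
    end = data.find(b"\r\n", 0, MAX_V1_HEADER)
    if end == -1:
        raise ProxyProtocolError("no CRLF within the 107-byte v1 limit")
    try:
        line = data[:end].decode("ascii")
    except UnicodeDecodeError as exc:
        raise ProxyProtocolError("non-ASCII byte in header") from exc
    rest = data[end + 2:]

    fields = line.split(" ")
    if fields[1] == "UNKNOWN":
        # The balancer could not describe the original connection: no address data.
        return ProxyHeader("UNKNOWN", None, None, None, None), rest
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ProxyProtocolError(f"malformed header: {line!r}")
    _, family, src, dst, sport, dport = fields
    want = 4 if family == "TCP4" else 6
    try:
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    except ValueError as exc:
        raise ProxyProtocolError(f"bad address in header: {line!r}") from exc
    if src_ip.version != want or dst_ip.version != want:
        raise ProxyProtocolError(f"address family does not match {family}: {line!r}")
    return ProxyHeader(family, str(src_ip), str(dst_ip), _port(sport), _port(dport)), rest


def has_proxy_header(data: bytes) -> bool:
    """True only when `data` begins with a well-formed v1 header."""
    try:
        parse_proxy_v1(data)
        return True
    except ProxyProtocolError:
        return False


if __name__ == "__main__":
    # Constructed connection: header written by the balancer, then the client's HTTP request.
    wire = b"PROXY TCP4 203.0.113.7 10.116.0.3 51234 443\r\nGET / HTTP/1.1\r\n"
    header, payload = parse_proxy_v1(wire)
    print(header, payload)
    # A request that arrived without the header is refused, not silently misparsed.
    print(has_proxy_header(b"GET / HTTP/1.1\r\n"))
```

Log `src_ip` from the header rather than the socket peer address, which behind the balancer is only one of its dynamic backend IPs.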

Limitations

  • DigitalOcean Load Balancers only support TLS 1.2 and TLS 1.3 for inbound connections and do not support downgrading inbound connections to TLS 1.0 or 1.1. The same restrictions apply to connections from load balancers to droplets.
  • Since DigitalOcean Load Balancers are network load balancers, not application load balancers, they do not support routing traffic to specific backends based on URLs, cookies, HTTP headers, etc.
  • Load balancers do not support IPv6.
  • When using SSL passthrough (e.g. port 443 to 443), load balancers do not support headers that preserve client information, such as X-Forwarded-Proto, X-Forwarded-Port, or X-Forwarded-For. Load balancers only inject those HTTP headers when the source and destination protocols are HTTP or HTTPS with a certificate (not a passthrough).
  • Sticky sessions are handled only at the load balancer layer. The cookies used for sticky sessions are both set and removed at the load balancer. Because these cookies are not present in the request forwarded to the backend, backend applications cannot use them.
  • By default, load balancers do not honor the Connection: headers returned by the target Droplets. By enabling the backend keepalive setting, you can configure the load balancer to reuse connections to backends and so keep fewer TCP connections open.
  • Accounts can have up to 10 load balancers by default. This limit is also affected by the account’s Droplet limit.
  • Load balancer connections time out after 60 seconds.
  • Load balancers have a maximum number of concurrent connections that they can maintain. You cannot change these limits. For the connection limit for each load balancer size, see Plans and Pricing.
  • Load balancers have a maximum number of new SSL connections that they can establish per second, depending on their size. This limit cannot be changed. For connection limits for each load balancer size, see Plans and Pricing.
  • You can resize a load balancer up to once per hour. You cannot resize a load balancer within the first hour of its creation.
  • HTTP health checks are sent using HTTP/1.0. If your web server does not accept HTTP/1.0 requests, the health check headers may be incompatible and you must use TCP checks instead.
  • You cannot assign a floating IP address to a DigitalOcean Load Balancer.
  • Sticky sessions do not work with SSL passthrough (port 443 to 443). They work with SSL termination (port 443 to 80) and HTTP forwarding (port 80 to 80).
  • You can add up to 10 backend Droplets by name. If you need more than 10 Droplets behind the load balancer, use a tag: apply the tag to as many Droplets as you need and then add it to the load balancer. There is no limit to the number of Droplets a tag can be applied to, and adding or removing the tag on Droplets automatically updates the load balancer.
  • Ports 50053, 50054, and 50055 are reserved on DigitalOcean Load Balancers, so you cannot use these ports in your forwarding rules.

Let’s Encrypt

  • You need to set your DNS records to
  • Let’s Encrypt on DigitalOcean only supports SSL termination. SSL passthrough requires certificates on the Droplets themselves, and DigitalOcean does not install or maintain certificates on unmanaged services like Droplets.
  • Load balancers do not support Let’s Encrypt wildcard certificates. Let’s Encrypt added wildcard support in March 2018, but we still recommend against wildcard certificates for most use cases. You can select the Bring Your Own Certificate option to add custom wildcard certificates.

Let’s Encrypt Rate Limits:

  • 20 certificates per registered domain per week
  • 100 names per certificate
  • 5 duplicate certificates per week

If your certificate is not issued on the first attempt, we automatically retry at 20-minute intervals up to 3 times. After that, we send an email to your account address to notify you that the certificate creation failed.

Let’s Encrypt SSL keys are limited to 2048 bits.
