Configuring Load Balancers

Overview

Configure load balancers across AWS (ALB, NLB), GCP (HTTP(S) LB, TCP/UDP LB), Nginx, and HAProxy. Generate production-ready configurations with health checks, SSL/TLS termination, path-based and host-based routing, sticky sessions, rate limiting, and traffic distribution rules for high-availability deployments.

Prerequisites

• Backend servers identified with IPs, DNS names, and ports
• Load balancer type determined: L4 (NLB, HAProxy TCP) or L7 (ALB, Nginx, HAProxy HTTP)
• SSL/TLS certificates available (ACM, Let's Encrypt, or self-signed) if using HTTPS
• Health check endpoints defined on backend services (e.g.,

  /health

  returning 200)
• Cloud provider CLI installed for managed load balancers (

  aws

  ,

  gcloud

  )

Instructions

1. Select load balancer type based on requirements: ALB for HTTP/HTTPS with path routing, NLB for TCP/UDP with static IPs, Nginx for on-prem reverse proxy, HAProxy for high-performance TCP/HTTP
2. Define the backend pool: list all backend server addresses, ports, and weights for weighted distribution
3. Configure health checks with appropriate interval (10-30s), timeout (5s), healthy threshold (3), and unhealthy threshold (2)
4. Set up SSL/TLS termination: configure certificates, redirect HTTP to HTTPS, set minimum TLS version to 1.2
5. Define routing rules: path-based routing (

   /api

   -> API pool,

   /static

   -> CDN), host-based routing (

   api.example.com

   -> API)
6. Enable session persistence (sticky sessions) using cookies or source IP affinity where needed for stateful applications
7. Add connection draining to gracefully handle backend removal during deployments
8. Configure logging and monitoring: access logs to S3/CloudWatch, request metrics, error rate dashboards
9. Test the configuration: validate syntax (

   nginx -t

   , HAProxy config check), verify traffic distribution, and confirm failover behavior

Output

• Nginx configuration files (

  nginx.conf

  , site configs) with upstream blocks and server directives
• HAProxy configuration (

  haproxy.cfg

  ) with frontend/backend sections
• Terraform HCL for AWS ALB/NLB with target groups, listeners, and rules
• GCP load balancer Terraform with backend services, URL maps, and health checks
• SSL certificate configuration and renewal automation

Error Handling

502 Bad Gateway

SSL certificate verify failed

openssl s_client

Target is unhealthy

nginx: configuration file test failed

nginx -t

Session persistence not working

Examples

• "Configure an AWS ALB with HTTPS listener, path-based routing to two target groups (/api and /web), and health checks on /health."
• "Generate an Nginx reverse proxy config with upstream servers, sticky sessions via cookie, and rate limiting at 100 req/s per IP."
• "Create a HAProxy configuration for TCP load balancing across 4 database read replicas with health checks and connection draining."

Resources

• Nginx load balancing: https://nginx.org/en/docs/http/load_balancing.html
• HAProxy configuration: https://www.haproxy.org/download/2.8/doc/configuration.txt
• AWS ALB: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/
• GCP Load Balancing: https://cloud.google.com/load-balancing/docs
• See

  ${CLAUDE_SKILL_DIR}/references/errors.md

  for additional error handling patterns