Skip to content

Commit 13c7b46

Browse files
ranbelranbel
committed
update diagrams
1 parent dfafed5 commit 13c7b46

File tree

1 file changed

+29
-50
lines changed

1 file changed

+29
-50
lines changed

src/content/docs/cloudflare-one/connections/connect-networks/routing-to-tunnel/public-load-balancers.mdx

Lines changed: 29 additions & 50 deletions
Original file line numberDiff line numberDiff line change
@@ -13,48 +13,61 @@ Unlike publicly routable IP addresses, the subdomain will only proxy traffic for
1313

1414
The DNS record (`UUID.cfargotunnel.com`) for each Cloudflare Tunnel is the load balancer endpoint address. Host header is required for tunnel endpoints.
1515

16-
### Option 1: One tunnel per app
16+
## Common architectures
17+
18+
### One tunnel per region
1719
```mermaid
1820
graph LR
1921
subgraph LB["Public load balancer <br> app.example.com "]
2022
subgraph P1[Pool 1]
21-
E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
23+
E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: server1.example.com"])
2224
end
2325
subgraph P2[Pool 2]
24-
E2(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
26+
E2(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: server2.example.com"])
2527
end
2628
end
2729
R@{ shape: text, label: "app.example.com" }
2830
R--> LB
2931
P1 -- Tunnel 1 --> cf1
3032
P2 -- Tunnel 2 --> cf2
3133
subgraph D2[Private network]
32-
cf1[cloudflared <br> **Route:** app1.example.com]
33-
S1(["App1<br> 10.0.0.1:80"])
34+
subgraph r1[Region eu-west]
35+
cf1@{ shape: processes, label: "cloudflared <br> **Route:** server1.example.com" }
36+
S1(["Server 1<br> 10.0.0.1:80"])
3437
cf1-->S1
35-
cf2[cloudflared <br> **Route:** app2.example.com]
36-
S3(["App2 <br> 10.0.0.2:80"])
38+
end
39+
subgraph r2[Region us-east]
40+
cf2@{ shape: processes, label: "cloudflared <br> **Route:** server2.example.com" }
41+
S3(["Server 2 <br> 10.0.0.2:80"])
3742
cf2-->S3
43+
end
3844
end
45+
46+
style r1 stroke-dasharray: 5 5
47+
style r2 stroke-dasharray: 5 5
3948
```
4049

4150
Only valid for active-standby setups, since each pool has only one endpoint.
4251

43-
### Option 2: Two tunnels, each tunnel connects to both apps
52+
Note: A single origin pool in LB can't have the same Tunnel GUID referenced twice
53+
54+
Deploy replicas for server redundancy. replicas operate in pooled mode.
55+
56+
### Multiple apps per tunnel
4457

4558
```mermaid
4659
graph LR
47-
subgraph LB["Public load balancer <br> app.example.com "]
48-
subgraph P1[Pool 1]
60+
subgraph LB["Public load balancer <br> lb.example.com"]
61+
subgraph P1[Pool for App 1]
4962
E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
50-
E2(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
63+
E2(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
5164
end
52-
subgraph P2[Pool 2]
53-
E3(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
65+
subgraph P2[Pool for App 2]
66+
E3(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
5467
E4(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
5568
end
5669
end
57-
R@{ shape: text, label: "app.example.com" }
70+
R@{ shape: text, label: "app1.example.com <br> app2.example.com" }
5871
R--> LB
5972
E1 -- Tunnel 1 -->cf1
6073
E3 -- Tunnel 1 --> cf1
@@ -63,11 +76,11 @@ graph LR
6376
6477
subgraph N[Private network]
6578
cf2[cloudflared <br> **Route:** app1.example.com <br> **Route:** app2.example.com]
66-
S3(["App1 <br> 10.0.0.1:80"])
79+
S3(["App 1 <br> 10.0.0.1:80"])
6780
cf2-->S3
6881
cf2-->S1
6982
cf1[cloudflared <br> **Route:** app1.example.com <br> **Route:** app2.example.com]
70-
S1(["App2 <br> 10.0.0.2:80"])
83+
S1(["App 2 <br> 10.0.0.2:80"])
7184
cf1-->S1
7285
cf1-->S3
7386
end
@@ -76,40 +89,6 @@ graph LR
7689
good for an [Active-active](/load-balancing/load-balancers/common-configurations/#active---active-failover) setup which distributes traffic to endpoints in the same pool
7790
Active-active uses all available instances to process requests simultaneously, providing better performance and scalability by load-balancing traffic across them
7891

79-
### Option 3: One tunnel for both apps
80-
81-
```mermaid
82-
graph LR
83-
subgraph LB["Public load balancer <br> app.example.com "]
84-
subgraph P1[Pool 1]
85-
E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
86-
end
87-
subgraph P2[Pool 2]
88-
E2(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
89-
end
90-
end
91-
R@{ shape: text, label: "app.example.com" }
92-
R--> LB
93-
P1 -- Tunnel 1 --> cf1
94-
P2 -- Tunnel 1 --> cf1
95-
subgraph D2[Private network]
96-
cf1@{ shape: processes, label: "cloudflared <br> **Route:** app1.example.com <br> **Route:** app2.example.com" }
97-
S3(["App1 <br> 10.0.0.1:80"])
98-
S1(["App2 <br> 10.0.0.2:80"])
99-
cf1-->S1
100-
cf1-->S3
101-
end
102-
```
103-
104-
Only valid for active-standby LB setups, since each pool has only one endpoint.
105-
106-
Easier to manage if all apps are in the same physical location. Recommend Option 1 if apps are in different geographic locations.
107-
108-
Note: A single origin pool in LB can't have the same Tunnel GUID referenced twice
109-
110-
Deploy replicas for server redundancy. replicas operate in pooled mode.
111-
112-
11392

11493
## Add a tunnel to a load balancer pool
11594

0 commit comments

Comments
 (0)