edit diagrams

Author: ranbel

src/content/docs/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-availability/index.mdx

@@ -39,59 +39,7 @@ By design, replicas do not offer any level of traffic steering (random, hash, or
 
 - To provide additional points of availability for a single tunnel.
 - To allocate failover nodes within your network.
-- To update the configuration of a tunnel without downtime.
-
-### Deploy `cloudflared` replicas
-
-To deploy multiple instances of `cloudflared`, you can create and configure one tunnel and run it on multiple hosts. If your tunnel runs as a service, only one `cloudflared` instance is allowed per host.
-
-<Details header="Remotely-managed tunnels" open = {true} >
-
-1. To create a remotely-managed tunnel, follow the [dashboard setup guide](/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/).
-2. On the **Tunnels** page, select your newly created tunnel. The **Connectors** section shows all of the `cloudflared` instances for that tunnel.
-3. Select **Configure**.
-4. Select the operating system of the host where you want to deploy a replica.
-5. Copy the installation command and run it on the host.
-
-The new replica will appear on the **Connectors** list for the tunnel.
-
-</Details>
-
-<Details header="Locally-managed tunnels">
-
-1. To create a locally-managed tunnel, complete Steps 1 through 5 in the [CLI setup guide](/cloudflare-one/connections/connect-networks/do-more-with-tunnels/local-management/create-local-tunnel/).
-
-2. Run your newly created tunnel.
-
-   ```sh
-   cloudflared tunnel run <NAME>
-   ```
-
-   This will start a `cloudflared` instance and generate a unique `connector_id`.
-
-3. In a separate window or on another host, run the same command again:
-
-   ```sh
-   cloudflared tunnel run <NAME>
-   ```
-
-   This will initialize another `cloudflared` instance and generate another `connector_id`.
-
-4. Run `tunnel info` to show each `cloudflared` instance running your tunnel:
-
-   ```sh
-   cloudflared tunnel info <NAME>
-   ```
-
-This will output your tunnel UUID as well as two Connector IDs, one for each `cloudflared` process running your tunnel. With this command, you can also see that your tunnel is now being served by eight connections.
-
-</Details>
-
-You can run the same tunnel across various `cloudflared` processes for up to 100 connections (25 replicas) per tunnel. Cloudflare Load Balancers and DNS records can still point to the tunnel and its UUID. Traffic will be sent to all `cloudflared` processes associated with the tunnel.
-
-:::note[Deploy replicas in Kubernetes]
-For information about running `cloudflared` in a Kubernetes deployment, refer to the [Kubernetes guide](/cloudflare-one/connections/connect-networks/deployment-guides/kubernetes/).
-:::
+- To update the configuration of a tunnel [without downtime](/cloudflare-one/connections/connect-networks/downloads/update-cloudflared/#update-with-multiple-cloudflared-instances).
 
 ## Cloudflare Load Balancers
 
@@ -110,22 +58,19 @@ graph LR
     C -- Tunnel 2 --> cf2
 		subgraph F[Data center 2]
 				cf2[cloudflared <br> server]
-				subgraph pool2[Pool 2]
-       		S3[App server]
-        	S4[App server]
-				end
+       	S3[App server]
+        S4[App server]
 				cf2-->S3
 				cf2-->S4
     end
 		subgraph E[Data center 1]
 				cf1[cloudflared <br> server]
-				subgraph pool1[Pool 1]
-        	S1[App server]
-        	S2[App server]
-				end
+        S1[App server]
+        S2[App server]
 				cf1-->S1
 				cf1-->S2
     end
+
 ```
 
 ### When to use load balancers
@@ -135,12 +80,112 @@ graph LR
 - To get alerted when a tunnel reaches an inactive state.
 - To distribute traffic more evenly across your Cloudflare Tunnel-accessible origins or endpoints.
 
-### Public load balancer
-The DNS record (`UUID.cfargotunnel.com`) for each Cloudflare Tunnel can be used at the origin within the load balancer. You can then define traffic steering policies to determine how traffic should be routed to each tunnel.
 
+## Public load balancer
+
+Public load balancers steer traffic from the public Internet to your [published applications](/cloudflare-one/connections/connect-networks/routing-to-tunnel/).
 
 
-### Private load balancer
+e.g.
+I have a web application (HTTPS) that lives in my private network and I want to securely connect it to Cloudflare's network so that my users can use their browser to access the web application from anywhere in the world
+
+The DNS record (`UUID.cfargotunnel.com`) for each Cloudflare Tunnel can be used at the origin within the load balancer.
+
+### Scenario 1: One tunnel per app server
+```mermaid
+graph LR
+		subgraph LB["Public load balancer <br> app.example.com "]
+			subgraph P1[Pool 1]
+				E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
+			end
+			subgraph P2[Pool 2]
+				E2(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
+			end
+		end
+		R@{ shape: text, label: "app.example.com" }
+		R--> LB
+    P1 -- Tunnel 1 --> cf1
+    P2 -- Tunnel 2 --> cf2
+		subgraph D2[Private network]
+			cf1[cloudflared <br> **Route:** app1.example.com]
+			S1(["App1<br> 10.0.0.1:80"])
+			cf1-->S1
+			cf2[cloudflared <br> **Route:** app2.example.com]
+			S3(["App2 <br> 10.0.0.2:80"])
+			cf2-->S3
+		end
+```
+
+Only valid for active-standby setups, since each pool has only one endpoint.
+
+
+### Scenario 2: Two tunnels, each tunnel connects to both apps
+
+```mermaid
+graph LR
+		subgraph LB["Public load balancer <br> app.example.com "]
+			subgraph P1[Pool 1]
+				E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
+				E2(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
+			end
+			subgraph P2[Pool 2]
+				E3(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
+				E4(["**Endpoint:** &lt;UUID_2&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
+			end
+		end
+		R@{ shape: text, label: "app.example.com" }
+		R--> LB
+    E1 -- Tunnel 1 -->cf1
+		E3 -- Tunnel 1 --> cf1
+		E2 -- Tunnel 2 --> cf2
+		E4 -- Tunnel 2 --> cf2
+
+		subgraph N[Private network]
+			cf2[cloudflared <br> **Route:** app1.example.com <br> **Route:** app2.example.com]
+			S3(["App1 <br> 10.0.0.1:80"])
+			cf2-->S3
+			cf2-->S1
+			cf1[cloudflared <br> **Route:** app1.example.com <br> **Route:** app2.example.com]
+			S1(["App2 <br> 10.0.0.2:80"])
+			cf1-->S1
+			cf1-->S3
+		end
+```
+
+good for an [Active-active](/load-balancing/load-balancers/common-configurations/#active---active-failover) setup which distributes traffic to endpoints in the same pool
+
+### Scenario 3: One tunnel for both apps
+
+```mermaid
+graph LR
+		subgraph LB["Public load balancer <br> app.example.com "]
+			subgraph P1[Pool 1]
+				E1(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app1.example.com"])
+			end
+			subgraph P2[Pool 2]
+				E2(["**Endpoint:** &lt;UUID_1&gt;.cfargotunnel.com<br> **Host header**: app2.example.com"])
+			end
+		end
+		R@{ shape: text, label: "app.example.com" }
+		R--> LB
+    P1 -- Tunnel 1 --> cf1
+		P2 -- Tunnel 1 --> cf1
+		subgraph D2[Private network]
+		  cf1@{ shape: processes, label: "cloudflared <br> **Route:** app1.example.com <br> **Route:** app2.example.com" }
+			S3(["App1 <br> 10.0.0.1:80"])
+			S1(["App2 <br> 10.0.0.2:80"])
+			cf1-->S1
+			cf1-->S3
+		end
+```
+
+Only valid for active-standby setups, since each pool has only one endpoint.
+
+Note: A single origin pool in LB can't have the same Tunnel GUID referenced twice
+
+Deploy replicas for redundancy
+
+## Private load balancer
 
 You can use Cloudflare Private Network Load Balancing to distribute traffic across private endpoints connected via Cloudflare Tunnel. Common use cases include:
 
@@ -176,4 +221,7 @@ graph LR
 			cf1-->S1
 			cf1-->S2
 		end
+
+		style E stroke-width:2px,stroke-dasharray: 5 5
+		style F stroke-width:2px,stroke-dasharray: 5 5
 ```