When using the HAProxy driver, load balancers are implemented in one-arm mode. In the one-arm mode, a load balancer is not in the path of normal traffic to the pool members. The load balancer has a single interface for ingress and egress traffic to and from clients and pool members.
A logical diagram of a load balancer in one-arm mode can be seen in Figure 10.1:
In Figure 10.1, a load balancer is configured in one-arm mode and resides in the same subnet as the servers that it is balancing traffic to.
As a load balancer in one-arm mode is not the gateway for the pool members that it is sending traffic to, it must rely on the use of source NAT, or SNAT, to ensure that return traffic from the members to the client is sent back through the load balancer. An example of the traffic flow can be seen in Figure 10.2:
In Figure 10.2, the load balancer receives a request from the client and forwards it to WEB1
. The load balancer then modifies...