External Load Balancers

While Blossom provides built-in load balancing through Caddy (see Load Balancers), you can also use external load balancers from cloud providers. This is particularly useful when you want to leverage cloud-native features or have specific compliance requirements.

Example Cloud Providers

  • Amazon Web Services (AWS) Application Load Balancer (ALB)
  • DigitalOcean Load Balancer
  • Hetzner Load Balancer

Configuration Steps

  1. Create your load balancer in your cloud provider’s console
  2. Point your load balancer to your Blossom web servers
  3. Update your DNS records to point to the load balancer’s address instead of your server

SSL/TLS Configuration

The simplest way to use an external load balancer is to create a “Custom Domain” in Blossom that uses HTTP only. With an external load balancer, the load balancer itself manages the HTTPS certificate and performs SSL termination.

  • It’s simplest to configure Blossom custom domains in HTTP-only mode
  • Set the load balancer to redirect HTTP to HTTPS

The overall flow:

Provider LB HTTP -> redirects to HTTPS -> Provider LB HTTPS (cert managed by provider) -> plain HTTP (allowed by you adding a custom domain)

  • Note: Some providers allow you to upload your SSL certificate. Some support self-signed certs. It depends on what they’ve implemented.
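
To confirm the first two hops of the flow above once DNS points at the load balancer, a check like the following can be run from any machine. It is an added example, not part of Blossom or of any provider's tooling. The function names and the `app.example.com` host used in testing are assumptions.

```python
"""Check that a load balancer's plain-HTTP listener only redirects to HTTPS."""
import http.client
import sys
from urllib.parse import urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}


def evaluate_redirect(host, status, location):
    """Return a list of problems with the HTTP listener's answer (empty = OK)."""
    if status not in REDIRECT_CODES:
        # Anything else means the request was answered over plain HTTP.
        return [f"expected a redirect, got HTTP {status}"]
    if not location:
        return ["redirect has no Location header"]
    problems = []
    target = urlsplit(location)
    # A relative Location has no scheme and would keep the client on HTTP.
    if target.scheme != "https":
        problems.append(f"redirect target is not https: {location}")
    elif (target.hostname or "").lower() != host.lower():
        problems.append(f"redirect changes host to {target.hostname}")
    return problems


def probe(host, path="/", timeout=5):
    """Send one plain-HTTP request (redirects are not followed) and evaluate it."""
    conn = http.client.HTTPConnection(host, 80, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return evaluate_redirect(host, resp.status, resp.getheader("Location"))
    finally:
        conn.close()


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit(f"usage: {sys.argv[0]} <domain-pointing-at-load-balancer>")
    issues = probe(sys.argv[1])
    for issue in issues:
        print("FAIL:", issue)
    if not issues:
        print("OK: HTTP listener redirects to HTTPS on the same host")
    sys.exit(1 if issues else 0)
```

The script exits non-zero when the HTTP listener answers with anything other than a same-host HTTPS redirect, so it can be used as a post-deployment check.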