External Load Balancers
While Blossom provides built-in load balancing through Caddy (see Load Balancers), you can also use external load balancers from cloud providers. This is particularly useful when you want to leverage cloud-native features or have specific compliance requirements.
Example Cloud Providers
- Amazon Web Services (AWS) Application Load Balancer (ALB)
- DigitalOcean Load Balancer
- Hetzner Load Balancer
Configuration Steps
- Create your load balancer in your cloud provider’s console
- Point your load balancer to your Blossom web servers
- Update your DNS records to point to the load balancer’s address instead of your server
SSL/TLS Configuration
The simplest way to use an external load balancer is to create a “Custom Domain” in Blossom that uses HTTP only. With an external load balancer, the load balancer manages the HTTPS certificate and performs SSL/TLS termination.
- It’s simplest to configure Blossom custom domains in HTTP-only mode
- Set the load balancer to redirect HTTP to HTTPS
The overall flow:
Provider LB (HTTP) -> redirects to HTTPS -> Provider LB (HTTPS, certificate managed by the provider) -> plain HTTP to your Blossom web servers (allowed because you added an HTTP-only custom domain)
- Note: Some providers allow you to upload your SSL certificate. Some support self-signed certs. It depends on what they’ve implemented.
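A quick check of the first two hops of this flow, as an added example that is not part of the Blossom documentation: the function reads the headers returned by the load balancer's HTTP listener (as printed by `curl -sI`) and confirms the redirect goes to HTTPS on the same host. `check_http_redirect` and `app.example.com` are hypothetical names, and the sample headers are constructed.

```shell
#!/bin/sh
# Added example (not from the Blossom docs). Reads the response headers of the
# load balancer's HTTP listener on stdin, as printed by `curl -sI`, and checks
# that the first response redirects to HTTPS on the same host.
# Returns 0 = OK, 1 = no redirect, 2 = redirect target is not https://<host>.
check_http_redirect() {
    host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    status=""
    location=""
    while IFS= read -r line || [ -n "$line" ]; do
        # Lowercase and drop the CR so header names match case-insensitively.
        line=$(printf '%s' "$line" | tr -d '\r' | tr '[:upper:]' '[:lower:]')
        case "$line" in
            "") break ;;                          # end of the first response
            http/*) status=${line#* }; status=${status%% *} ;;
            location:*) location=${line#location:}
                        location=${location# } ;;
        esac
    done
    case "$status" in
        301|302|307|308) ;;
        *) echo "FAIL: HTTP listener answered '$status', expected a redirect"
           return 1 ;;
    esac
    # Require a separator after the host so https://<host>.other.test is rejected.
    case "$location" in
        "https://$host"|"https://$host/"*|"https://$host:"*)
            echo "OK: $status -> $location"
            return 0 ;;
        *) echo "FAIL: redirect target '$location' is not https://$host"
           return 2 ;;
    esac
}

# Constructed sample headers (app.example.com is a placeholder domain).
printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: https://app.example.com/\r\n\r\n' |
    check_http_redirect app.example.com
# Against a live load balancer:
#   curl -sI http://app.example.com/ | check_http_redirect app.example.com
```

A return code of 1 means the HTTP listener is serving content directly instead of redirecting; 2 means the redirect stays on HTTP or points at a different host.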