Skip to main content

New Enhancements to Linode Object Storage and NodeBalancers

Bring Your Own SSL on Linode Object Storage and Proxy Protocol on NodeBalancers

Linode released two significant feature updates to two of our most popular add-on services: Linode Object Storage and NodeBalancers. Now you can add your own SSL/TLS certificate to your Object Storage bucket and enable Proxy Protocol on NodeBalancers.

Bring Your Own SSL Certificate to Linode Object Storage

Linode Object Storage uses a default TLS certificate to encrypt data in transit, so objects can be easily shared via URL. With our recent release, you can import your own TLS/SSL certificates to customize the domain used to point to your bucket and better align object storage with your website, company, or brand.

Get started by creating an Object Storage Bucket in Cloud Manager
Create an Object Storage bucket reference screenshot.

After creating your bucket, go through the process of configuring your DNS to get the CNAME record that should point to your bucket. In the bucket settings, you’ll see the space to enter the certificate and private key.

Add a SSL/TLS reference screenshot.

Once this information is added, the SSL certificate you imported will be used instead of the default certificate.

You can also upload SSL/TLS certificates via the Linode CLI and Linode API.

New to Object Storage? Follow our introductory How to Use Object Storage guide.

In addition to adding your own certificates, you can now add bucket level access instead account-level access to your Object Storage service with Limited Access Key Pairs.

Use Proxy Protocol with NodeBalancers

Linode is excited to release an update to improve our load balancing service, NodeBalancers. NodeBalancers can be added for just $10 per month to more efficiently distribute traffic to maintain a website or application’s performance.

You can enable Proxy Protocol version 1 or version 2 on your NodeBalancers. This enables TCP client connection information to be received by your load balanced backend servers. Without this feature, your backend servers only receive connection information from the NodeBalancers themselves.

Proxy Protocol diagram illustrating how source IPs are transmitted to backend servers when ProxyProtocol is enabled for NodeBalancers.

This update is useful for workloads that rely on IP allowlists, applications that use geographic data, and any service that requires knowledge of the originating client IP address. For example, a Proxy Protocol v1 header includes the following details:

PROXY TCP4 192.168.1 203.0.113.2 56147 80

This header includes the connection protocol, client IP address, NodeBalancer IP address, client origin port, and the NodeBalancer port.

Proxy Protocol is also now supported on Linode Kubernetes Engine. Any cluster using NodeBalancers to expose their resources can make use of Proxy Protocol with the linode-loadbalancer-proxy-protocol annotation.

Follow the guide to configure Proxy Protocol for your NodeBalancers.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *