Load Balancing

The pattern: distribute incoming requests across N healthy backends. L4 (TCP-level) is fast and protocol-agnostic. L7 (HTTP-level) is content-aware (route by host, path, header) but more expensive. Health checks remove unhealthy backends; algorithms (round-robin, least-connections, IP-hash, weighted) trade simplicity for fairness.

The trade-off: smarts vs. cost. L4 LBs can do millions of QPS at minimal CPU. L7 LBs add useful features (TLS termination, path routing, header manipulation, retry policies, rate limiting) but cost CPU. Service meshes push L7 LB to the sidecar/ambient — every service-to-service call is L7-routed.

Deepens in Year 1 Phase 7: Kubernetes + GitOps — K8s Service + Ingress + kube-proxy iptables/IPVS rules are the concrete example. Earlier framing lands in Year 1 Phase 2: Networking, and load-balancer telemetry deepens again in Year 3 Phase 14: Observability + eBPF.

Related patterns

• service-discovery — how the LB learns which backends exist.
• routing-and-addressing — the layered substrate L4/L7 LBs sit on.
• service-mesh — pushes L7 LB into a sidecar/ambient layer per call.
• fault-isolation — health checks and circuit breakers are how an LB stops propagating failure.
• defense-in-depth — TLS termination and rate limiting at the LB are one layer of the stack.