diff --git a/content/rancher/v2.x/en/installation/ha-server-install-external-lb/_index.md b/content/rancher/v2.x/en/installation/ha-server-install-external-lb/_index.md index 68d71d48875..7d07a1bf8b9 100644 --- a/content/rancher/v2.x/en/installation/ha-server-install-external-lb/_index.md +++ b/content/rancher/v2.x/en/installation/ha-server-install-external-lb/_index.md @@ -1,5 +1,5 @@ --- -title: High Availability Installation with External Load Balancer +title: High Availability Installation with External Load Balancer (HTTPS/Layer 7) weight: 276 --- This set of instructions creates a new Kubernetes cluster that's dedicated to running Rancher in a high-availability (HA) configuration. This procedure walks you through setting up a 3-node cluster using the Rancher Kubernetes Engine (RKE). The cluster's sole purpose is running pods for Rancher. The setup is based on: diff --git a/content/rancher/v2.x/en/installation/ha-server-install/_index.md b/content/rancher/v2.x/en/installation/ha-server-install/_index.md index 31186b87a71..a0c82210974 100644 --- a/content/rancher/v2.x/en/installation/ha-server-install/_index.md +++ b/content/rancher/v2.x/en/installation/ha-server-install/_index.md @@ -1,11 +1,11 @@ --- -title: High Availability Installation +title: High Availability Installation with External Load Balancer (TCP/Layer 4) weight: 275 --- This set of instructions creates a new Kubernetes cluster that's dedicated to running Rancher in a high-availability (HA) configuration. This procedure walks you through setting up a 3-node cluster using the Rancher Kubernetes Engine (RKE). The cluster's sole purpose is running pods for Rancher. The setup is based on: - Layer 4 load balancer (TCP) -- Nginx ingress controller with SSL termination (HTTPS) +- NGINX ingress controller with SSL termination (HTTPS) ![Rancher HA]({{< baseurl >}}/img/rancher/ha/rancher2ha.svg) 
@@ -93,28 +93,28 @@ The following diagram depicts the basic port requirements for Rancher. For a com ## 2. Configure Load Balancer -We will be using Nginx as our Layer 4 Load Balancer (TCP). Nginx will forward all connections to one of your Rancher nodes. +We will be using NGINX as our Layer 4 Load Balancer (TCP). NGINX will forward all connections to one of your Rancher nodes. If you want to use Amazon NLB, you can skip this step and use [Amazon NLB configuration]({{< baseurl >}}/rancher/v2.x/en/installation/ha-server-install/nlb/) >**Note:** -> In this configuration, the load balancer is positioned in front of your Linux hosts. The load balancer can be any host that you have available that's capable of running Nginx. +> In this configuration, the load balancer is positioned in front of your Linux hosts. The load balancer can be any host that you have available that's capable of running NGINX. > >One caveat: do not use one of your Rancher nodes as the load balancer. -### A. Install Nginx +### A. Install NGINX -Start by installing Nginx on your load balancer host. Nginx has packages available for all known operating systems. +Start by installing NGINX on your load balancer host. NGINX has packages available for all known operating systems. -For help installing Nginx, refer to their [install documentation](https://www.nginx.com/resources/wiki/start/topics/tutorials/install/). +For help installing NGINX, refer to their [install documentation](https://www.nginx.com/resources/wiki/start/topics/tutorials/install/). -### B. Create Nginx Configuration +### B. Create NGINX Configuration -After installing Nginx, you need to update the Nginx config file, `nginx.conf`, with the IP addresses for your nodes. +After installing NGINX, you need to update the NGINX config file, `nginx.conf`, with the IP addresses for your nodes. 1. Copy and paste the code sample below into your favorite text editor. Save it as `nginx.conf`. 2. 
From `nginx.conf`, replace `IP_NODE_1`, `IP_NODE_2`, and `IP_NODE_3` with the IPs of your [Linux hosts](#1-provision-linux-hosts). - **Example Nginx config:** + **Example NGINX config:** ``` worker_processes 4; worker_rlimit_nofile 40000; @@ -146,15 +146,15 @@ After installing Nginx, you need to update the Nginx config file, `nginx.conf`, 3. Save `nginx.conf` to your load balancer at the following path: `/etc/nginx/nginx.conf`. -4. Load the updates to your Nginx configuration by running the following command: +4. Load the updates to your NGINX configuration by running the following command: ``` # nginx -s reload ``` -### Option—Run Nginx as Docker container +### Option - Run NGINX as Docker container -Instead of installing Nginx as a package on the operating system, you can rather run it as a Docker container. Save the edited **Example Nginx config** as `/etc/nginx.conf` and run the following command to launch the Nginx container: +Instead of installing NGINX as a package on the operating system, you can rather run it as a Docker container. Save the edited **Example NGINX config** as `/etc/nginx.conf` and run the following command to launch the NGINX container: ``` docker run -d --restart=unless-stopped \ diff --git a/content/rancher/v2.x/en/installation/ha-server-install/nlb/_index.md b/content/rancher/v2.x/en/installation/ha-server-install/nlb/_index.md new file mode 100644 index 00000000000..bbdb1813d81 --- /dev/null +++ b/content/rancher/v2.x/en/installation/ha-server-install/nlb/_index.md 
@@ -0,0 +1,172 @@ +--- +title: Amazon NLB configuration +weight: 277 +--- +## Objectives + +Configuring an Amazon NLB is a multistage process. We've broken it down into multiple tasks so that it's easy to follow. + +1. [Create Target Groups](#create-target-groups) + + Begin by creating two target groups for the **TCP** protocol, one regarding TCP port 443 and one regarding TCP port 80 (providing redirect to TCP port 443). You'll add your Linux nodes to these groups. + +2. [Register Targets](#register-targets) + + Add your Linux nodes to the target groups. + +3. [Create Your NLB](#create-your-nlb) + + Use Amazon's Wizard to create an Network Load Balancer. As part of this process, you'll add the target groups you created in **1. Create Target Groups**. + + +## Create Target Groups + +Your first NLB configuration step is to create two target groups. Technically, only port 443 is needed to access Rancher, but its convenient to add a listener for port 80 which will be redirected to port 443 automatically. The NGINX controller on the nodes will make sure that port 80 gets redirected to port 443. + +Log into the [Amazon AWS Console](https://console.aws.amazon.com/ec2/) to get started, make sure to select the **Region** where your EC2 instances (Linux nodes) are created. + +The Target Groups configuration resides in the **Load Balancing** section of the **EC2** service. Select **Services** and choose **EC2**, find the section **Load Balancing** and open **Target Groups**. + +![EC2 Load Balancing section]({{< baseurl >}}/img/rancher/ha/nlb/ec2-loadbalancing.png) + +Click **Create target group** to create the first target group, regarding TCP port 443. + +### Target Group (TCP port 443) + +Configure the first target group according to the table below. Screenshots of the configuration are shown just below the table. 
+ +Option | Setting +--------------------------------------|------------------------------------ +Target Group Name | `rancher-tcp-443` +Protocol | `TCP` +Port | `443` +Target type | `instance` +VPC | Choose your VPC +Protocol
(Health Check) | `HTTP` +Path
(Health Check) | `/healthz` +Port (Advanced health check) | `override`,`80` +Healthy threshold (Advanced health) | `3` +Unhealthy threshold (Advanced) | `3` +Timeout (Advanced) | `6 seconds` +Interval (Advanced) | `10 second` +Success codes | `200-399` + +
+**Screenshot Target group TCP port 443 settings**
+![Target group 443]({{< baseurl >}}/img/rancher/ha/nlb/create-targetgroup-443.png) + +
+**Screenshot Target group TCP port 443 Advanced settings**
+![Target group 443 Advanced]({{< baseurl >}}/img/rancher/ha/nlb/create-targetgroup-443-advanced.png) + +
+ +Click **Create target group** to create the second target group, regarding TCP port 80. + +### Target Group (TCP port 80) + +Configure the second target group according to the table below. Screenshots of the configuration are shown just below the table. + +Option | Setting +--------------------------------------|------------------------------------ +Target Group Name | `rancher-tcp-80` +Protocol | `TCP` +Port | `80` +Target type | `instance` +VPC | Choose your VPC +Protocol
(Health Check) | `HTTP` +Path
(Health Check) | `/healthz` +Port (Advanced health check) | `traffic port` +Healthy threshold (Advanced health) | `3` +Unhealthy threshold (Advanced) | `3` +Timeout (Advanced) | `6 seconds` +Interval (Advanced) | `10 second` +Success codes | `200-399` + +
+**Screenshot Target group TCP port 80 settings**
+![Target group 80]({{< baseurl >}}/img/rancher/ha/nlb/create-targetgroup-80.png) + +
+**Screenshot Target group TCP port 80 Advanced settings**
+![Target group 80 Advanced]({{< baseurl >}}/img/rancher/ha/nlb/create-targetgroup-80-advanced.png) + +
+ +## Register Targets + +Next, add your Linux nodes to both target groups. + +Select the target group named **rancher-tcp-443**, click the tab **Targets** and choose **Edit**. + +![Edit target group 443]({{< baseurl >}}/img/rancher/ha/nlb/edit-targetgroup-443.png) + +Select the instances (Linux nodes) you want to add, and click **Add to registered**. + +
+**Screenshot Add targets to target group TCP port 443**
+ +![Add targets to target group 443]({{< baseurl >}}/img/rancher/ha/nlb/add-targets-targetgroup-443.png) + +
+**Screenshot Added targets to target group TCP port 443**
+ +![Added targets to target group 443]({{< baseurl >}}/img/rancher/ha/nlb/added-targets-targetgroup-443.png) + +When the instances are added, click **Save** on the bottom right of the screen. + +Repeat those steps, replacing **rancher-tcp-443** with **rancher-tcp-80**. The same instances need to be added as targets to this target group. + +## Create Your NLB + +Use Amazon's Wizard to create an Network Load Balancer. As part of this process, you'll add the target groups you created in [Create Target Groups](#create-target-groups). + +1. From your web browser, navigate to the [Amazon EC2 Console](https://console.aws.amazon.com/ec2/). + +2. From the navigation pane, choose **LOAD BALANCING** > **Load Balancers**. + +3. Click **Create Load Balancer**. + +4. Choose **Network Load Balancer** and click **Create**. + +5. Complete the **Step 1: Configure Load Balancer** form. + - **Basic Configuration** + + - Name: `rancher` + - Scheme: `internet-facing` + - **Listeners** + + Add the **Load Balancer Protocols** and **Load Balancer Ports** below. + - `TCP`: `443` + + - **Availability Zones** + + - Select Your **VPC** and **Availability Zones**. + +6. Complete the **Step 2: Configure Routing** form. + + - From the **Target Group** drop-down, choose **Existing target group**. + + - From the **Name** drop-down, choose `rancher-tcp-443`. + + - Open **Advanced health check settings**, and configure **Interval** to `10 seconds`. + +7. Complete **Step 3: Register Targets**. Since you registered your targets earlier, all you have to do is click **Next: Review**. + +8. Complete **Step 4: Review**. Look over the load balancer details and click **Create** when you're satisfied. + +9. After AWS creates the NLB, click **Close**. + +## Add listener to NLB for TCP port 80 + +1. Select your newly created NLB and select the **Listeners** tab. + +2. Click **Add listener**. + +3. Use `TCP`:`80` as **Protocol** : **Port** + +4. Click **Add action** and choose **Forward to...** + +5. 
From the **Forward to** drop-down, choose `rancher-tcp-80`. + +6. Click **Save** in the top right of the screen. diff --git a/src/img/rancher/ha/nlb/add-targets-targetgroup-443.png b/src/img/rancher/ha/nlb/add-targets-targetgroup-443.png new file mode 100644 index 00000000000..b9ab8276a2a Binary files /dev/null and b/src/img/rancher/ha/nlb/add-targets-targetgroup-443.png differ diff --git a/src/img/rancher/ha/nlb/added-targets-targetgroup-443.png b/src/img/rancher/ha/nlb/added-targets-targetgroup-443.png new file mode 100644 index 00000000000..5912ecf0fa0 Binary files /dev/null and b/src/img/rancher/ha/nlb/added-targets-targetgroup-443.png differ diff --git a/src/img/rancher/ha/nlb/create-targetgroup-443-advanced.png b/src/img/rancher/ha/nlb/create-targetgroup-443-advanced.png new file mode 100644 index 00000000000..792ffb1e304 Binary files /dev/null and b/src/img/rancher/ha/nlb/create-targetgroup-443-advanced.png differ diff --git a/src/img/rancher/ha/nlb/create-targetgroup-443.png b/src/img/rancher/ha/nlb/create-targetgroup-443.png new file mode 100644 index 00000000000..6dcf3d3af92 Binary files /dev/null and b/src/img/rancher/ha/nlb/create-targetgroup-443.png differ diff --git a/src/img/rancher/ha/nlb/create-targetgroup-80-advanced.png b/src/img/rancher/ha/nlb/create-targetgroup-80-advanced.png new file mode 100644 index 00000000000..b053bba7b24 Binary files /dev/null and b/src/img/rancher/ha/nlb/create-targetgroup-80-advanced.png differ diff --git a/src/img/rancher/ha/nlb/create-targetgroup-80.png b/src/img/rancher/ha/nlb/create-targetgroup-80.png new file mode 100644 index 00000000000..7c6c1d747d3 Binary files /dev/null and b/src/img/rancher/ha/nlb/create-targetgroup-80.png differ diff --git a/src/img/rancher/ha/nlb/ec2-loadbalancing.png b/src/img/rancher/ha/nlb/ec2-loadbalancing.png new file mode 100644 index 00000000000..c9a31345ad5 Binary files /dev/null and b/src/img/rancher/ha/nlb/ec2-loadbalancing.png differ 
diff --git a/src/img/rancher/ha/nlb/edit-targetgroup-443.png b/src/img/rancher/ha/nlb/edit-targetgroup-443.png new file mode 100644 index 00000000000..40ecf3b3c99 Binary files /dev/null and b/src/img/rancher/ha/nlb/edit-targetgroup-443.png differ
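Review bot: in the `@@ -93,28 +93,28 @@` hunk of `ha-server-install/_index.md`, the reworded Docker option still tells the reader to save the config as `/etc/nginx.conf`, while step 3 of "Create NGINX Configuration" uses `/etc/nginx/nginx.conf`. Since the line is being touched anyway, state whether `/etc/nginx.conf` is the host path that the `docker run` command below it expects, or use one path in both places, so nobody reloads a file NGINX is not reading. The same line keeps "you can rather run it as a Docker container", which reads better as "you can run it as a Docker container instead". The new Amazon NLB pointer is appended to the opening paragraph of step 2, where it is easy to miss; putting it on its own line or into the existing Note block would make the "skip this step" branch obvious.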
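Review bot: in the new `nlb/_index.md`, the `rancher-tcp-443` table sets the health check to `HTTP` on `/healthz` with port `override`,`80`, so the group that carries port 443 traffic is judged healthy purely on port 80 and a node whose 443 listener is down would stay in rotation. Add a sentence explaining why the check is pointed at port 80, and what the reader should expect if port 80 is closed on the nodes. In "Create Your NLB" step 5, Scheme `internet-facing` is given without comment; a short line saying this puts the Rancher endpoint on a public address, and that `internal` is the alternative when Rancher should only be reachable from inside the VPC, would help readers choose deliberately. Step 6 asks for the Interval to be set to `10 seconds` again although the target group already carries it, and both tables write it as `10 second`; make the value consistent. Minor wording: "its convenient" should be "it's convenient", and "an Network Load Balancer" (twice) should be "a Network Load Balancer".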