Create and manage target group

Creating and managing target groups, including creation, listing, updating information, and connecting listeners, are described below.

Create target group

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Click the [Create target group] button in the upper right corner.

3. In the Step 1: Configure target group screen, enter the settings and click the [Next] button.

   Step 1. Create target group

   Category	Item	Description
   Load balancer	Availability Zone (AZ)	Select from the available AZs in the project
   	Load balancer	Provides a list of all Load Balancers in the selected availability zone
   	Listener	Provides a list of all Listeners for the selected load balancer and the option 'No Listener'
   Basic information	Target group name	The target group name
   	Protocol	Selectable target group protocol based on listener protocol - TCP Listener: HTTP, TCP - UDP Listener: UDP
   	Algorithm	- Round Robin: Distributes traffic sequentially among targets in the target group - Least connections: Distributes traffic preferentially to targets with fewer connections - Source IP Hash: Ensures that traffic from the same client IP header always goes to the same target
   	Sticky session	Can be set to use or not use only in the following Listener x target group combinations (TLS Listener is not supported) - TCP x TCP, UDP x UDP - Otherwise: 'Not Used' (Disabled)
   	Sticky session type	Selectable types based on Listener x target group combinations - TCP x TCP: Source IP - UDP x UDP: Source IP
   	Stickiness duration	Activated only when using Sticky Sessions (HTTP Cookie, App Cookie) - Integer between 1 and 604800 (Default: 3600 seconds for HTTP Cookie, 360 seconds for others)
   	Cookie name	Activated only when using Sticky Sessions (App Cookie) - The name of the App cookie used by the user's application must be entered - Allowed characters: Alphabets, numbers, and some special characters (! # $ % ^ & _ * + ~ -) - Allowed length: 1-255 characters
   	Sticky IP-netmask	Activated only when using Sticky Sessions (Source IP) - Entered in IPv4 address format only (Default: 255.255.255.255)
   Health check	Health check	Enable or disable health check
   	Type	Selectable types based on target group protocol - HTTP target group: HTTP, PING - TCP target group: PING, TCP - UDP target group: TCP, HTTP
   	HTTP method	- Set only if the health check type is HTTP - Choose from CONNECT, DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT, TRACE
   	HTTP version	- Set only if the health check type is HTTP - Choose from 1 or 1.1
   	HTTP status code	- Set only if the health check type is HTTP - Enter a single code, comma-separated multiple codes, or a range of codes specified by hyphens (-)
   	Check path	Enter in URL format
   	Check interval	Integer between 1 and 3600 (Default: 30 seconds) - Must be greater than the timeout
   	Timeout	Integer between 1 and 900 (Default: 5 seconds) - Must be less than the check interval
   	Transition criteria (success)	Integer between 1 and 10 (Default: 5)
   	Transition criteria (failure)	Integer between 1 and 10 (Default: 2)

   info

   If the algorithm is Source IP Hash, traffic from a single source will always be directed to the same target, so there is no need for Sticky Session configuration. Sticky session settings are required for specifying the duration of the session; thus, using Source IP Hash is recommended if you want to maintain the session consistently.

4. In the Step 2: Add targets screen, you can add resources as targets that are in the same AZ and Virtual Private Cloud (VPC) as the selected Load Balancer.

5. Select the instances to add as targets and enter the port number.

6. Click the [Add target] button.

   caution

   DSRNLB requires that the port number of the connected Listener matches the port number of the target group's targets. target groups already connected to another Listener cannot be connected to a different Listener. Additionally, all targets in a target group must have the same port number configured.

7. After adding targets, click the [Next] button.

8. In the Step 3: Review screen, review the settings and click the [Create] button.

info

• After creating a target group, you need to set the target's security group. Go to Target Group > Target tab and check the Health check IP address and add the IP address to the security group inbound policy of the target.
• The IP address is used as a service port, so even if you do not use health check, you must open it through the inbound policy settings.

Manage target group

You can modify or delete existing target groups, or add new targets from the target group details screen.

View list of target groups

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Review the list of target groups.

   Category	Description
   Target group name	Displays the name and ID assigned at creation
   Provisioning status	Information on whether the target group has been created successfully or if modification or deletion is in progress
   Operating status	Information on whether the created target group is in an operational state
   Protocol	The protocol used for routing traffic to targets
   Load balancer	The name and ID of the load balancer connected to the target group
   VPC	The name and ID of the VPC containing the load balancer
   [More] icon	Provides options for renaming, listener connection settings, algorithm settings, etc

View target group details

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select a target group to.

3. In the details screen, you can check detailed information, targets, health check, and attributes.

   Target group details

   Category	Description
   Details	View detailed information of the target group
   Targets	View the list of added targets and detailed information of each target
   Health check	View health check settings
   Attributes	View attributes of the target group

Rename target group

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Click the [More] icon > Rename target group.

3. In the popup, enter the new name and click the [Rename] button.

Delete target group

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Click the [More] icon > select Delete target group.

3. In the popup, enter the confirmation text and click the [Delete] button.

Configure listener connection

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Click the [More] icon and select Configure listener connection.

3. In the popup, change the connection settings and click the [Apply] button.

   Target group - Listener connection

caution

A target group in DSRNLB can only be connected to a single listener created on one DSRNLB.

Set algorithm

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..
2. Click the [More] icon > select Set algorithm.
3. In the popup, change the algorithm and click the [Apply] button.

Configure target

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Click the target group where you want to change the target settings.

3. In the details screen, click the Target tab, then click the [Configure target] button.

4. In the popup, review the registered targets and delete or add targets as needed, then click the [Apply] button.

   caution

   • All targets in a single target group must be set to the same port number.
   • When using DSRNLB, the load balancer and target Instances must exist within the same Subnet.

Set traffic weight

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select the target group to change the traffic weight settings.

3. In the details screen, click the Target tab, then click the [Set traffic weight] button.

4. In the popup, change the weights and click the [Set] button.

   • Traffic weight can be entered as integers between 0 and 256.
   • Weights are converted to a weight conversion value using the following formula:
     • Weight Conversion: (Weight/256)*100 (rounded up to the nearest tenth)
     • Ratio: Weight Conversion / Sum of Weight Conversions

Set health check

info

To perform a successful health check with DSRNLB, additional settings for target Instances are required. Refer to Configure target instance for more details.

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select the target group to change the health check settings.

3. In the details screen, click the Health check tab, then click the [Configure health check] button.

4. In the popup, change the health check status or settings.

   Configure health check

   Category	Description
   Target group	The name of the current target group
   Protocol	Types selectable based on the target group's protocol - HTTP target group: HTTP, PING - TCP target group: PING, TCP - UDP target group: TCP, HTTP
   Health check Status	Type: Type of health check - PING: Sends packets to the target and checks the response (ICMP Ping) - HTTP: Sends packets to the configured path and checks the response - HTTPS: Checks the response for targets using certificates in the same way as HTTP - TCP: Checks the target's state using TCP Protocol ports
   	Interval: Target health check interval (seconds) - 1~3600 seconds
   	Timeout: Maximum waiting time for a delayed response from the target (seconds) - If the specified time is exceeded, the communication with the target is considered failed - Set to a value less than the interval - 1~900 seconds
   	Transition criteria (success): Number of consecutive successful health checks required to consider a target healthy
   	Transition criteria (failure): Number of consecutive failed health checks required to consider a target unhealthy and exclude it from traffic distribution

5. If the health check type is HTTP or HTTPS, additional attributes can be set.

   Category	Description
   HTTP method	Choose from GET, HEAD, OPTIONS, POST, PUT, TRACE, PATCH, DELETE, CONNECT
   HTTP version	Choose from 1.0 or 1.1
   HTTP status code	Set the expected HTTP status codes for responses from the target - If the target responds with the user-configured HTTP status code, the health check is considered successful - Example of single status code: 200, 201 - Example of multiple status codes: 201, 202, 401, 402 - Example of range: 200-500
   Check path	Enter the path for the health check in URL format

6. Click the [Apply] button.

caution

If the target of the target group uses SELinux options provided by newer CentOS distributions like CentOS 8 Stream, SELinux will block shell_exec_t calls. Therefore, PING type health checks will not function.

Set sticky session

Sticky Sessions can be configured for some target groups depending on the Listener and target group protocol.

Sticky session options by listener and target group protocol

Target group\Listener	HTTP	HTTPS	TCP	UDP
HTTP	HTTP Cookie, App Cookie	X	X	X
HTTPS	X	X	X	X
TCP	X	X	Source IP	X
UDP	X	X	X	Source IP
PROXY	X	X	X	X

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select the target group to change the sticky session settings.

3. In the detail screen, click the Attributes tab and then click the [Configure sticky session] button.

4. In the popup, change the settings and click the [Apply] button.

Configure target instance

To use DSRNLB correctly, additional settings are required for the target instances based on their operating system. Create the instances to be used as targets beforehand, then perform the following tasks. Failure to do so will result in unsuccessful health checks.

Disable source/destination check

1. Go to KakaoCloud Console > Virtual Machine > Instance menu.

2. Click the [More] icon and select Change source/destination check.

3. In the popup, select Disable source/destination check and click the [Complete] button.

   caution

   • Instances set to disable source/destination checks will receive all packets that do not have themselves as the destination. To minimize security risks, configure the security group policies in detail.
     
   • To use DSRNLB, the security group of the target instance must allow inbound traffic from DSRNLB's private IP and Listener port number.

Configure network on target instance

Using DSRNLB requires additional network configuration on the target instance based on its operating system, including Address Resolution Protocol (ARP) settings and Loopback address settings.

Linux Operating Systems

1. Connect to the target instance via SSH.

2. Enter the following commands. <private_ip_of_dsrnlb> is the private IP address of the DSRNLB associated with this target group (e.g., 10.0.3.49).

   caution

   The following commands must be executed with root privileges. Switch to root using the sudo -i command before running these commands.

   Network Configuration

   sysctl -w net.ipv4.conf.all.arp_ignore=1
   sysctl -w net.ipv4.conf.all.arp_announce=2
   ip a del 127.0.0.1 dev lo
   ip a add <private_ip_of_dsrnlb>/32 dev lo
   ip link set dev lo up
   How to maintain settings after reboot

   For the above configuration, you will need to reapply the settings every time the instance is rebooted. To ensure the settings are maintained after a reboot, additional steps are required. For detailed instructions, please refer to Set up crontab to automatically run scripts at boot.

Set up crontab to automatically run scripts at boot

For Linux operating systems, the settings you previously configured will be reset and need to be reapplied when the instance is rebooted. To ensure the settings are applied after a reboot, you can save the configuration steps as a script file and use the crontab command to execute this script at boot.

1. Open the crontab file with the following command:

   Open Crontab File

   crontab -e

2. Add a line to the file using the @reboot expression to automatically execute the code at reboot.

   Add Code to Run at Reboot

   @reboot sh /<file_directory>/<file_name>

   Parameter	Description
   <file_directory>	Path where the executable file is located
   <file_name>	Name of the shell script file to be executed at boot - Example: @reboot sh /home/setup_dsr.sh

3. Write the shell script that will be executed. This example script performs the tasks described in Configure network on target instance and Bind process running on target instance to DSRNLB's private IPP.

   setup_dsr.sh

   #!/bin/sh
   sysctl -w net.ipv4.conf.all.arp_ignore=1
   sysctl -w net.ipv4.conf.all.arp_announce=2
   
   ip a del 127.0.0.1 dev lo
   
   # The private IP address of the DSRNLB that this target instance will be associated with in the target group
   ip a add 172.30.4.237/32 dev lo
   
   ip link set dev lo up
   
   # When using a UDP Listener, bind the Process running on the target instance to the DSRNLB's private IP (UDP Server execution)
   
      # When using a UDP Listener, bind the Process running on the target instance to the DSRNLB's private IP (UDP Server execution)
   
   python3 /home/sample_python_udp_server.py

4. Adjust the permissions of the script and Python files to ensure they can be executed. Enter the path to each file or navigate to the directory where the files are located and execute the following commands:

   Grant Execute Permissions

   chmod +x setup_dsr.sh
   chmod +x sample_python_udp_server.py

5. Verify that the settings persist after rebooting.

   Verify Settings

   # Check ARP settings
   sysctl -a | grep net.ipv4.conf.all.arp_ignore
   sysctl -a | grep net.ipv4.conf.all.arp_announce
   
   # Check Loopback IP address
   ip a
   
   # Verify that the UDP Server is running properly (check the port number specified in the Python script)
   netstat -tuln | grep 12345

Windows Operating Systems

Step 1. Install Microsoft KM-TEST loopback adapter

1. Search for Run in the search box at the bottom left corner of the Windows desktop and select it.

2. In the Run window, type hdwwiz and click [OK].

3. The Add Hardware Wizard will appear. Click [Next].

4. Select Install the hardware that I manually select from a list (Advanced).

5. Choose Network Adapters and click [Next].

6. In Manufacturer, select Microsoft, then choose Microsoft KM-TEST Loopback Adapter in Model. Click [Next].

7. Click [Next] to proceed with the installation.

8. Click [Finish] when the installation is complete.

Step 2. Configure IP settings for the adapter

1. Search for Network Status in the search box at the bottom left corner of the Windows desktop and select it.

2. In the Network Status window, click Change adapter options.

3. In the Network Connections window, locate the Ethernet labeled as Unidentified Network. Right-click this Ethernet and select [Properties].

4. In the Ethernet Properties window, select Internet Protocol Version 4 (TCP/IPv4) and click [Properties].

5. In the Internet Protocol Version 4 (TCP/IPv4) Properties window, select the [General] tab and choose Use the following IP address. Enter the following information:

   • IP Address (I): Private IP address of DSRNLB
   • Subnet Mask (U): 255.255.255.255

Step 3. Ignore ARP requests and configure weak host model

1. Search for Command Prompt in the search box at the bottom left corner of the Windows desktop and select it.

2. Enter the following command to set the adapter to ignore ARP requests. <loopback_adapter_name> refers to the name of the newly added adapter from Step 1. Install Microsoft KM-TEST Loopback Adapter.

   Ignore ARP Requests

   netsh interface ipv4 set interface <loopback_adapter_name> metric=254

3. Enter the following commands to configure the Weak Host Model. <default_network_adapter_name> refers to the name of the default adapter, not the newly added one (e.g., tap6d769000e-0a).

   Weak Host Model 설정

   netsh interface ipv4 set interface <default_network_adapter_name> weakhostreceive=enabled
   netsh interface ipv4 set interface <loopback_adapter_name> weakhostreceive=enabled
   netsh interface ipv4 set interface <loopback_adapter_name> weakhostsend=enabled

Additional configuration for target instance when using UDP listener

When using the UDP Listener for DSRNLB, the target instance must run a Linux-based operating system. Additionally, one of the following three configurations must be applied. Even if the configuration is correctly completed, packet loss may occur due to the nature of UDP communication, leading to occasional failures.

• Bind process running on target instance to DSRNLB's private IP
• Use iptables provided by the Linux Kernel for stateful NAT configuration
• Use nftables provided by the Linux Kernel for stateless NAT configuration

Bind process running on target instance to DSRNLB's private IP

1. On the target instance, create the following example code. This example is written in Python, but you may use an appropriate programming language as needed.

   sample_python_udp_server.py

   import socket
   
   localIP     = "172.30.4.237"    # DSRNLB's Private IP
   localPort   = 12345             # Port number used by the UDP Server created and run by this source code
   bufferSize  = 1024
   
   msgFromServer = "Hello UDP Client, this is Simple UDP Server."
   bytesToSend = str.encode(msgFromServer)
   
   # Create a datagram socket
   UDPServerSocket = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)
   
   # Bind to address and ip
   UDPServerSocket.bind((localIP, localPort))
   
   print("UDP server up and listening")
   # Listen for incoming datagrams
   while(True):
       bytesAddressPair = UDPServerSocket.recvfrom(bufferSize)
       message = bytesAddressPair[0]
       address = bytesAddressPair[1]
       clientMsg = "Message from Client:{}".format(message)
       clientIP  = "Client IP Address:{}".format(address)
       print(clientMsg)
       print(clientIP)
   
       # Sending a reply to client
       UDPServerSocket.sendto(bytesToSend, address)
   
   

2. Run the example code.

Use iptables provided by the Linux Kernel for stateful NAT configuration

caution

NAT operations use additional CPU resources, and since DNAT is 'Stateful,' memory consumption can also be high.

1. On the target instance, create the following example code. This example is written in Python, but you can substitute it with an appropriate programming language as needed.

   • This example code is the same as above, but the localIP address is changed to 0.0.0.0.
   sample_python_udp_server.py

   import socket
   
   localIP     = "0.0.0.0"
   localPort   = 12345             # Port number used by the UDP Server created and run by this source code
   bufferSize  = 1024
   
   msgFromServer = "Hello UDP Client, this is Simple UDP Server."
   bytesToSend = str.encode(msgFromServer)
   
   # Create a datagram socket
   UDPServerSocket = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)
   
   # Bind to address and ip
   UDPServerSocket.bind((localIP, localPort))
   
   print("UDP server up and listening")
   # Listen for incoming datagrams
   while(True):
       bytesAddressPair = UDPServerSocket.recvfrom(bufferSize)
       message = bytesAddressPair[0]
       address = bytesAddressPair[1]
       clientMsg = "Message from Client:{}".format(message)
       clientIP  = "Client IP Address:{}".format(address)
       print(clientMsg)
       print(clientIP)
   
       # Sending a reply to client
       UDPServerSocket.sendto(bytesToSend, address)

2. Run the example code.

3. Add iptables DNAT rules by entering the following commands:

Add DNAT rules

iptables -p udp -t nat -A POSTROUTING -j RETURN -d <private_ip_of_target> --dport <udp_server_port>
iptables -p udp -t nat -A PREROUTING -j DNAT --dport <udp_server_port> --to-destination <private_ip_of_target> -d <private_ip_of_dsrnlb>

Item	Description
<private_ip_of_target>	Private IP address of the target instance
<udp_server_port>	Port number set in the example code (localPort value)
<private_ip_of_dsrnlb>	Private IP address of the DSRNLB associated with the target group to which the target instance is added

Use nftables provided by the Linux Kernel for stateless NAT configuration

info

To use nftables, your Linux kernel version must be 4.10 or higher.

1. Write the example code from step 1 in Use iptables provided by the Linux Kernel for stateful NAT configuration.

2. Execute the example code.

3. Enter the following command:

   Modify Source Address in IP Header of Transmitted Packet

   nft add table raw
   nft add chain raw postrouting {type filter hook postrouting priority 300 \; }
   nft add rule raw postrouting ip saddr <private_ip_of_target> udp sport <udp_server_port> ip saddr set <private_ip_of_dsrnlb>

   Category	Description
   <private_ip_of_target>	Private IP address of target instance
   <udp_server_port>	Port number set in the example code above (localPort value)
   <private_ip_of_dsrnlb>	Private IP address of DSRNLB connected to target group where target instance will be set

Manage target

You can view, modify, and delete targets added to the target group.

caution

Two health check IPs are generated per subnet where the target is located. For health checks, communication must be allowed through these IPs. Please refer to View health check IP and Allow communication with health check IP to add an inbound policy to the security group.

View health check IP

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select a target group.

3. In the detail screen, select the Target tab.

4. Click the Health check IP per subnet to view the list of health check IPs.

Allow communication with health check IP

There are two methods to allow communication with health check IPs in the security group. Choose one of the following methods for convenience.

Method 1. Register an inbound policy allowing the IP in the existing security group of the target instance

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. View the health check IP and select the target group to allow communication.

3. Select the Target tab.

4. Click on Health check IP by subnet to view the health check IP list. Keep the health check IP query screen open or copy the list.

5. In the Target list at the bottom of the tab detail view, check the instance to allow communication with the health check IP and select the security group name of the instance.

   • If there are multiple connected security groups, select any one to register.
   • If the same policy has already been added to one or more of the connected security groups, it means that communication is already allowed.

6. Click the [Manage inbound rules] button in the Inbound rules tab.

7. In the popup, click the [Add] button at the bottom of the Inbound Policy tab to add a new policy input field.

8. Based on the detailed information from Step 5 in the Target Group > Target Tab, enter the policy information and click the [Apply] button on the right.

   Inbound policy configuration

   Field	Description
   Protocol	Protocol for communication (TCP, UDP, ICMP, ALL), select based on the health check type of the target group - If the health check type is PING: ICMP - If the health check type is HTTP, HTTPS, TCP: TCP
   Packet source	Source IP to allow access - Enter the health check IP identified in the target details - Register each of the two health check IPs generated in the Subnet that includes the target
   Port	Port for communication - Enter the monitoring port of the target
   Policy description (Optional)	Description of the policy

9. Click the [Close] button.

Method 2. Create a new security group for health check and attach it to the target instance

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. View the health check IP and select the target group to allow communication.

3. Select the Target tab in the detail view.

4. Click on Health check IP per subnet. Keep the health check IP query screen open or copy the list.

5. Refer to Create security group to go to the new security group creation screen.

6. In the popup, enter the security group name and description, and add the inbound policy.

7. Based on the detailed information from Step 3 in the Target Group > Target tab , enter all policy information.

   • Register all health check IPs in one security group and connect the entire target instance to this security group.
     Or, create security groups by subnet and register only the health check IP generated in that Subnet, then connect only the target Instances in the same Subnet.

   Inbound policy configuration

   Field	Description
   Protocol	Protocol for communication (TCP, UDP, ICMP, ALL), select based on the health check type of the target group - If the health check type is PING: ICMP - If the health check type is HTTP, HTTPS, TCP: TCP
   Packet source	Source IP to allow access - Enter the health check IP identified in the target details - Register each of the two health check IPs generated in the Subnet that includes the target - If managing with a single security group, register each of the entire health check IPs
   Port	Port for communication - Enter the monitoring port of the target - Can be entered as a single port or a range
   Policy description (Optional)	Description of the policy

8. Click the [Create] button to complete the creation of the security group.

9. In the Security group list, click the [More] icon > [Modify association] button to connect the target instance.

Set monitoring port

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select the target group to modify.

3. Select the Target tab in the detail view.

4. Check the list of targets added to the target group.

5. Select the [More] icon > [Set monitoring port].

6. In the popup, change the information.

   • Set to the same port as the target port: The traffic port and monitoring port are the same
   • Set to different port from the target port: The traffic port and monitoring port are different, so enter the monitoring port

7. Click the [Apply] button.

View target

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select a target group.

3. Select the Target tab in the detail view.

4. Check the list of targets added to the target group.

   Field	Description
   IP	Target IP
   Port	Target port
   Provisioning status	Information on whether the target was added successfully or if it is in the process of modification or deletion
   Operating status	Information on whether the added target is available
   Instance	Name and ID of the target instance
   Subnet	Name of the subnet containing the target
   Security group	security group connected to the target instance
   Monitoring port	Port where health check is performed
   Weight	Weight ratio calculated based on the input weight
   [More] icon	Provides functions for setting the monitoring port and disconnecting the target

Modify target

info

The port of the added target cannot be modified. If you want to change the port, delete the target and perform the target configuration again.

Detach target

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Target Group..

2. Select the target group to disconnect the target.

3. Select the Target tab in the detail view.

4. Check the list of targets added to the target group.

5. Select the [More] icon amd [Detach target].

6. In the popup, click the [Detach] button.

info

Detaching the target will not delete the instance. To reconnect, please add it again.