Enabling Connection Draining

You can enable connection draining on backend services to ensure minimal interruption to your users when an instance is deleted automatically by an autoscaler or manually removed from an instance group. To enable connection draining, you set a connection draining timeout on the backend service. This timeout instructs the backend service to gracefully migrate traffic away from VM instances in its backends. From the perspective of a VM, when connections are being drained, existing network sessions are preserved, up to the duration of the connection draining timeout, but the backend service does not route new connections to the VM.

After the timeout duration is reached, the instance is terminated and all remaining connections are forcibly closed. You can set a timeout duration between 1 to 3600 seconds.

Connection draining is triggered whenever an instance is removed or deleted from an instance group; specifically, in the following scenarios:

It can take up to 60 seconds after your specified timeout duration has passed for the instance to be terminated.

If you enable connection draining on multiple backend services that share the same instance groups, the largest timeout value is used. For example, if backend service A sets a connection timeout for 100 seconds and backend service B sets a connection timeout for 200 seconds, the system would wait 200 seconds before terminating instances in the shared instance group.


Enabling connection draining


  1. Go to the Load balancing page in the Google Cloud Platform Console.
    Go to the Load balancing page
  2. Click the Edit button for your load balancer or create a new load balancer.
  3. Click Backend configuration.
  4. Click Advanced configurations at the bottom of your backend service.
  5. In the Connection draining timeout field, enter a value from 0 - 3600. A setting of 0 disables connection draining.


Enable connection draining on a new or existing backend service by using the --connection-draining-timeout flag. For example, when updating a backend service, provide the flag with your request:

gcloud compute backend-services update [BACKEND_SERVICE] \
    --connection-draining-timeout [CONNECTION_TIMEOUT_SECS]


  • [BACKEND_SERVICE] is the backend service for this request.
  • [CONNECTION_TIMEOUT_SECS] is the number of seconds to wait before instances are terminated, between 0 - 3600 seconds, inclusively. A setting of 0 disables connection draining. This timeout duration applies to all instance groups that are part of the backend service.

If you update your instance using the backend-services edit subcommand, add connectionDraining as part of the resource body:

# You can edit the resource below. Lines beginning with "#" are
# ignored.
# If you introduce a syntactic error, you will be given the
# opportunity to edit the file again. You can abort by closing this
# file without saving it.
# At the bottom of this file, you will find an example resource.
# Only fields that can be modified are shown. The original resource
# with all of its fields is reproduced in the comment section at the
# bottom of this document.

description: ''
- https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/global/healthChecks/[HEALTH_CHECK]
port: 80
portName: [PORT_NAME]
protocol: [PROTOCOL]
timeoutSec: 30
  drainingTimeoutSec: [CONNECTION_TIMEOUT_SEC]


To enable connection draining in the API when creating or updating an instance, make a request to the respective API URI and include the connectionDraining field in your request body. For example, to create a new backend service, make POST request to the following URI:

For HTTP(S) or SSL proxy load balancing:

POST https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/global/backendServices

For Internal load balancing:

POST https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/region/[REGION]/backendServices

{  "healthChecks": [
   "name": "[BACKEND_SERVICE]",
   "port": 80,
   "portName": "[PORT_NAME]",
   "protocol": "[PROTOCOL]",
   "timeoutSec": 30,
   "connectionDraining": {
     "drainingTimeoutSec": [CONNECTION_TIMEOUT_SECS]


  • [PROJECT_ID] is the project ID for this request.
  • [BACKEND_SERVICE] is the backend service for this request.
  • [CONNECTION_TIMEOUT_SECS] is the number of seconds to wait before instances are removed from the instance group, between 1 to 3600 seconds, inclusively. This timeout duration applies to all instance groups that are part of the backend service.

What's next

For general information on backend services, see Backend Services.

Was this page helpful? Let us know how we did:

Send feedback about...

Load Balancing