Login
      Contents x
      Load Balancer property settings examples
        • Print
        • PDF
        Contents

        Load Balancer property settings examples

          • Print
          • PDF
          Article Summary

          Available in VPC

          This is an example showing how to set the properties of a load balancer instance using various annotations introduced in Load Balancer instance connection.

          Caution

          If you configure the load balancer of NAVER Cloud Platform created in Kubernetes through the console and API rather than the Kubernetes' Service resource, problems may occur in status synchronization. Change of settings for the created load balancers must be done by editing service resource created in Kubernetes.

          General example

          This is a settings example that can be applied generally to the creation of load balancers.

          Load Balancer Class selection example

          From Kubernetes Version 1.27, you can specify LoadBalancerClass. You can use a load balancer different from the default one provided by NAVER Cloud Platform in your cluster by specifying LoadBalancerClass. If LoadBalancerClass is specified, Network Load Balancer and Network Proxy Load Balancer are not generated. After creating a service, check the assigned External-IP to confirm external accessibility. The example below describes how to use loxilb by specifying Load BalancerClass.

          apiVersion: v1
kind: Service
metadata:
  name: my-nginx
  labels:
    app: nginx
spec:
  selector:
    app: nginx
  ports:
    - port: 8765
      targetPort: 80
  type: LoadBalancer
  loadBalancerClass: "loxilb.io/loxilb"

          Example of selecting a dedicated subnet where instances are created

          When creating an instance, use the lbSubnetNo in the configmap named ncloud-config in the kube-system Namespace. If you need to create an instance in another load balancer-only subnet, then the service.beta.kubernetes.io/ncloud-load-balancer-subnet-id annotation can be used.

          The following is an example of selecting a dedicated subnet where NPLB instances will be created.

          kind: Service
apiVersion: v1
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-subnet-id: "452772"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer

          Example of assigning public IP to load balancer

          You can define the public IP to be assigned to a load balancer in the spec.loadBalancerIP field when the service type is LoadBalancer. In this field, only the public IP that has not been assigned and checked from the 네이버 클라우드 플랫폼 콘솔 > VPC > Public IP menu can be described.
          By default, deleting a load balancer returns the public IP assigned to it as well. The service.beta.kubernetes.io/ncloud-load-balancer-retain-public-ip-on-termination: "true" annotation can be used to prevent the public IP from being returned.

          apiVersion: v1
kind: Service
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-retain-public-ip-on-termination: "true"
spec:
  loadBalancerIP: 110.234.194.181
  ports:
    - port: 80
      targetPort: 8080
      protocol: TCP
      name: http
  selector:
    run: nginx
  type: LoadBalancer

          Example of creating private-network-type load balancer

          You can create a private-type load balancer accessible only within the VPC using the service.beta.kubernetes.io/ncloud-load-balancer-internal annotation. The default value of this annotation is false, so if not explicitly specified, a public-type load balancer is created. Private-type load balancers distribute load among internal servers using private IPs within the VPC and do not allow external access from outside the VPC.

          apiVersion: v1
kind: Service
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-internal: "true"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer

          Example of setting load balancing algorithm

          You can set a load-balancing algorithm for your load balancer using the service.beta.kubernetes.io/ncloud-load-balancer-algorithm-type-code annotation. For Network Proxy LoadBalancer, you can choose among Round Robin (RR), Source Ip Hash (SIPHS), and Least Connection (LC). For Network LoadBalancer, you can select between Hash (MH) and Round Robin (RR).

          Below is an example of creating a Network Proxy LoadBalancer and selecting Source Ip Hash(SIPHS) as a load-balancing algorithm.

          apiVersion: v1
kind: Service
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-algorithm-type-code: "SIPHS"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer

          Example of setting Network Proxy Load Balancer (NPLB) property

          Example of setting load balancer's load processing performance

          You can set load processing performance of a created load balancer using the service.beta.kubernetes.io/ncloud-load-balancer-size annotation.

          The following is an example of setting load processing performance using the annotation.

          kind: Service
apiVersion: v1
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-size: "MEDIUM"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer

          TLS settings example

          You can apply a TLS/SSL certificate to your load balancer through the service specifications. Set the certificate number (nrn) registered in Certificate Manager to service.beta.kubernetes.io/ncloud-load-balancer-ssl-certificate-no and set the number of the port that will use TLS to the service.beta.service.beta.kubernetes.io/ncloud-load-balancer-tls-ports annotation. Below is an example of encrypting the traffic coming through the 443 port (HTTPS) and forwarding it to the 80 port (HTTP).

          kind: Service
apiVersion: v1
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-ssl-certificate-no: "1234"
    service.beta.kubernetes.io/ncloud-load-balancer-tls-ports: "443"
spec:
  ports:
    - port: 443
      targetPort: 80
  selector:
    app: nginx
  type: LoadBalancer

          Proxy protocol activation examples

          You can activate the proxy protocol of your load balancer using the service.beta.kubernetes.io/ncloud-load-balancer-proxy-protocol annotation. The proxy protocol is a protocol that allows the original client IP address to be known when using TCP or SSL protocols and making connection requests through a proxy environment. To use this feature, you should configure the settings for the load balancer as well as for the connected applications (pods).

          kind: Service
apiVersion: v1
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-proxy-protocol: "true"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer

          Load balancer Idle Timeout settings example

          You can adjust the Idle Timeout in your load balancer using service.beta.kubernetes.io/ncloud-load-balancer-idle-timeout. The value should be adjusted considering the Idle Timeout of the application, and the default value for the load balancer is 60 seconds. The example below describes how to set the Idle Timeout for the load balancer to 90 seconds.

          kind: Service
apiVersion: v1
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
    service.beta.kubernetes.io/ncloud-load-balancer-idle-timeout: "90"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer

          Example of setting Network Load Balancer (NLB) property

          Example of setting ACG rule's inbound source upon creation of a load balancer

          If the service type is LoadBalancer, then an ACG rule with 0.0.0.0./0 as inbound source is set up by default for external communication. If a different IP block is required to be set to be the inbound source, then you can use the annotation of service.beta.kubernetes.io/ncloud-load-balancer-inbound-source. If you'd like to specify multiple inbound sources, then you can use commas (,) as separators.

          The following is an example of setting the ACG rule's Inbound Source when creating an NLB instance.

          kind: Service
apiVersion: v1
metadata:
  name: my-nginx
  annotations:
    service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nlb"
    service.beta.kubernetes.io/ncloud-load-balancer-inbound-source: "10.120.0.0/16,143.248.12.77/32"
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    run: my-nginx
  type: LoadBalancer
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout