- Print
- PDF
Load Balancer instance connection
- Print
- PDF
The latest service changes have not yet been reflected in this content. We will update the content as soon as possible. Please refer to the Korean version for information on the latest updates.
Available in VPC
When you create a service to use Ncloud Kubernetes Service, you can automatically create a load balancer instance which is connected to the service.
Manage Load Balancer instances connected to Kubernetes
If you configure the load balancer of NAVER Cloud Platform created in Kubernetes through the console and API rather than the Kubernetes' Service resource, problems may occur in status synchronization. Change of settings for the created load balancers must be done by editing service resource created in Kubernetes.
Create instances
To create a Load Balancer instance connected to the Ncloud Kubernetes Service, specify the service manifest type as LoadBalancer and set the service.beta.kubernetes.io/ncloud-load-balancer-layer-type
annotation as nplb or nlb.
- nplb: a Network Proxy Load Balancer (NPLB) instance is created.
- nlb: a Network Load Balancer (NLB) instance is created.
Enable instance property
You can set properties of an instance created through the service manifest's annotation. To set instance properties, see the table below and enter the metadata.annotations value when creating an instance.
- Network Proxy Load Balancer (NPLB)
Annotation | Description | Remarks |
---|---|---|
service.beta.kubernetes.io/ncloud-load-balancer-layer-type | Load balancer network layer type setting Select one of the following values: nplb, nlb | Default: nplb |
service.beta.kubernetes.io/ncloud-load-balancer-size | Road balancer's load processing performance Select one of the following values: SMALL, MEDIUM, LARGE | Default is SMALL |
service.beta.kubernetes.io/ncloud-load-balancer-internal | Private network type load balancer creation setting Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-retain-public-ip-on-termination | The setting used to preserve the assigned public IP when the load balancer is removed. Applied only to the Load Balancers that have public IPs assigned. Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-description | Write a note about the load balancer instance to be created | - |
service.beta.kubernetes.io/ncloud-load-balancer-termination-protection | Automatic removal protection setting for the load balancer when the service whose type is specified as LoadBalancer is removed Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-subnet-id | ID of the load balancer-only subnet to create load balancers | Use lbSubnetNo within the configmap of which name of ncloud-config in the kube-system |
service.beta.kubernetes.io/ncloud-load-balancer-ssl-certificate-no | Certificate Manager's certificate number to be applied to listeners with the TLS protocol - the certificate number can be viewed in nrn of Resource Manager. (e.g., nrn:PUB:CertificateManager::000:Certificate/External/${certificateNo}) | - |
service.beta.kubernetes.io/ncloud-load-balancer-tls-ports | List of ports to apply TLS. e.g. "443,6443" | Default: "443" , Values separated by commas can be used |
service.beta.kubernetes.io/ncloud-load-balancer-tls-min-version | Minimum support version type code of TLS Select one of the following values: TLSV10, TLSV11, TLSV12 | Default: TLSV10 |
service.beta.kubernetes.io/ncloud-load-balancer-proxy-protocol | Proxy protocol activation status. Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-algorithm-type-code | Can set Round Robin(RR), Source Ip Hash(SIPHS) or Least Connection(LC) as algorithm type. Select one of the following values: RR, SIPHS, LC | Default is RR |
service.beta.kubernetes.io/ncloud-load-balancer-enable-skip-acg-update | ACG update setting status. Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-idle-timeout | Load Balancer's idle timeout settings (1-3600) | Default: 60 |
service.beta.kubernetes.io/ncloud-load-balancer-cipher-suite-list | List of Cipher Suite supported by listener, (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) | All cipher suites supported by the default listener |
- Network Load Balancer (NLB)
Annotation | Description | Remarks |
---|---|---|
service.beta.kubernetes.io/ncloud-load-balancer-layer-type | Load balancer network layer type setting Select one of the following values: nplb, nlb | Default: nplb Enter nlb to create a Network Load Balancer |
service.beta.kubernetes.io/ncloud-load-balancer-size | Road balancer's load processing performance Select one of the following values: SMALL, MEDIUM, LARGE, DYNAMIC | Default value DYNAMIC. Only DYNAMIC can be set during initial creation. If the type is not DYNAMIC, in some load balancers, applying the DYNAMIC annotation can change it to DYNAMIC type. Changes from the DYNAMIC type to other types are not possible. |
service.beta.kubernetes.io/ncloud-load-balancer-internal | Private network type load balancer creation setting Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-retain-public-ip-on-termination | The setting used to preserve the assigned public IP when the load balancer is removed. Applied only to the Load Balancers that have public IPs assigned. Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-description | Write a note about the load balancer instance to be created | - |
service.beta.kubernetes.io/ncloud-load-balancer-termination-protection | Automatic removal protection setting for the load balancer when the service whose type is specified as LoadBalancer is removed Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-inbound-source | Value to be used as inbound access source in the ACG rule E.g., 119.194.195.143/32,143.248.12.77/32 | Default: 0.0.0.0/0 |
service.beta.kubernetes.io/ncloud-load-balancer-subnet-id | ID of the load balancer-only subnet for creating Load Balancers | Use lbSubnetNo within the configmap with the name of ncloud-config in the kube-system |
service.beta.kubernetes.io/ncloud-load-balancer-algorithm-type-code | Set Hash(MH) or Round Robin(RR) as algorithm type. Select one of the following values: MH, RR | Default is MH |
service.beta.kubernetes.io/ncloud-load-balancer-enable-skip-acg-update | ACG update setting status. Select one of the following values: "true" , "false" | Default: "false" |
service.beta.kubernetes.io/ncloud-load-balancer-sticky-session | Sticky Session setting status. Select one of the following values: "true" , "false" | Default: "false" |
Public/private IP assignment method according to load balancer's subnet type
There are two types of subnets for load balancer: Public Subnet and Private Subnet. Each type is required when creating a load balancer with a private or public IP assigned. When creating a load balancer, use the lbPublicSubnetNo configured by ncloud-config ConfigMap in the kube-system namespace or the Subnet ID in the lbSubnetNo field. This subnet ID can be specified to use a different subnet ID using the service.beta.kubernetes.io/ncloud-load-balancer-subnet-id
annotation when creating a load balancer.
1. Public Subnet (Internet Gateway only)
A public subnet is required to create a load balancer with an public IP assigned. Users may request an public IP from the VPC > Public IP menu on the NAVER Cloud Platform console and assign it to a load balancer. If no public IP is specified, a new public IP will be applied.
2. Private Subnet
This subnet is required to create a load balancer in the private subnet assigned with a private IP within VPC.
Examples of instance property settings
For more detailed example of setting instance properties, see Examples of Load Balancer property settings.
Example of Network Proxy Load Balancer (NPLB) instance creation
An example of creating a NPLB instance connected to Kubernetes is shown as follows.
- Save the following code example as an nks-lb.yml file.
- You can see the annotation to create a private network proxy type load balancer instance in the code example shown below.
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
selector:
matchLabels:
run: my-nginx
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: my-nginx
annotations:
service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
service.beta.kubernetes.io/ncloud-load-balancer-internal: "true"
service.beta.kubernetes.io/ncloud-load-balancer-size: "SMALL"
spec:
ports:
- port: 80
targetPort: 80
selector:
run: my-nginx
type: LoadBalancer
- Run the
kubectl apply -f nks-lb.yml
command to deploy.
Example of Network Load Balancer (NLB) instance creation
- Save the following code example as an nks-lb.yml file.
- You can see the annotation to create a private network proxy type load balancer instance in the code example shown below.
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
selector:
matchLabels:
run: my-nginx
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: my-nginx
annotations:
service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nlb"
service.beta.kubernetes.io/ncloud-load-balancer-internal: "true"
service.beta.kubernetes.io/ncloud-load-balancer-size: "SMALL"
spec:
ports:
- port: 80
targetPort: 80
selector:
run: my-nginx
type: LoadBalancer
- Run the
kubectl apply -f nks-lb.yml
command to deploy.
Check the external IP of a created load balancer instance
Run the command shown below to check the external IP of a created instance.
$ kubectl --kubeconfig $KUBE_CONFIG get svc example-service
The external IP of the instance is displayed in the EXTERNAL-IP column. The following is an example of viewing an external IP using the command.
$ kubectl --kubeconfig $KUBE_CONFIG get svc example-service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example-service LoadBalancer 172.16.101.104 10.39.10.118 8765:30365/TCP 2m11s
Delete instance
Delete the Kubernetes service which is created as LoadBalancer type to automatically delete the connected load balancer instance with it.
The following describes how to check the Kubernetes service created as LoadBalancer type and delete it.
- Run the following command to check the created Kubernetes service.
- Each service's type can be seen in the result's TYPE column.
$ kubectl --kubeconfig $KUBE_CONFIG get service
- Run the following command to delete the LoadBalancer type service.
$ kubectl --kubeconfig $KUBE_CONFIG delete service my-nginx