- Print
- PDF
Load Balancer instance integrations
- Print
- PDF
Available in VPC
When you create a service to use Ncloud Kubernetes Service, you can automatically create a load balancer instance which is connected to the service.
Manage Load Balancer instances connected to Kubernetes
If you configure the load balancer of NAVER Cloud Platform created in Kubernetes through the console and API rather than the Kubernetes' Service resource, problems may occur in status synchronization. Change of settings for the created load balancers must be done by editing service resource created in Kubernetes.
Create instances
To create a Load Balancer instance connected to Ncloud Kubernetes Service, specify the service manifest type as LoadBalancer and set the service.beta.kubernetes.io/ncloud-load-balancer-layer-type
annotation as nplb or nlb.
- nplb: a Network Proxy Load Balancer (NPLB) instance is created.
- nlb: a Network Load Balancer (NLB) instance is created.
Set instance property
You can set properties of an instance created through the service manifest's annotation. To set instance properties, see the following table and enter the metadata.annotations value when creating an instance:
- Network Proxy Load Balancer (NPLB)
Annotation | Description | Note |
---|---|---|
service.beta.kubernetes.io/ncloud-load-balancer-layer-type | Load balancer network layer type setting Select one of the following values: nplb, nlb | Default: nplb |
service.beta.kubernetes.io/ncloud-load-balancer-size | Road balancer's load processing performance Select one of the following values: SMALL, MEDIUM, LARGE, DYNAMIC | Default: SMALL |
service.beta.kubernetes.io/ncloud-load-balancer-internal | Private network type load balancer creation setting Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-retain-public-ip-on-termination | The setting used to preserve the assigned public IP when the load balancer is removed. Applied only to the Load Balancers that have public IPs assigned. Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-description | Enter a note about the load balancer instance to be created | - |
service.beta.kubernetes.io/ncloud-load-balancer-termination-protection | Automatic removal protection setting for the load balancer when the service whose type is specified as LoadBalancer is removed Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-subnet-id | ID of the load balancer-only subnet to create load balancers | Use lbSubnetNo within the configmap named ncloud-config in the kube-system by default |
service.beta.kubernetes.io/ncloud-load-balancer-ssl-certificate-no | Certificate Manager's certificate number to be applied to listeners with the TLS protocol - the certificate number can be viewed in nrn of Resource Manager. (e.g., nrn:PUB:CertificateManager::000:Certificate/External/${certificateNo}) | - |
service.beta.kubernetes.io/ncloud-load-balancer-tls-ports | List of ports to apply TLS. e.g. "443,6443" | Default: "443" , values separated by commas can be used |
service.beta.kubernetes.io/ncloud-load-balancer-tls-min-version | Minimum support version type code of TLS Select one of the following values: TLSV10, TLSV11, TLSV12 | Default: TLSV10 |
service.beta.kubernetes.io/ncloud-load-balancer-proxy-protocol | Proxy protocol activation status. Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-algorithm-type-code | Can set Round Robin (RR), Source Ip Hash (SIPHS) or Least Connection (LC) as algorithm type. Select one of the following values: RR, SIPHS, LC | Default: RR |
service.beta.kubernetes.io/ncloud-load-balancer-enable-skip-acg-update | ACG update setting status. Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-idle-timeout | Load Balancer's idle timeout settings (1-3600) | Default: 60 |
service.beta.kubernetes.io/ncloud-load-balancer-cipher-suite-list | List of Cipher Suite supported by listener, (e.g., TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) | All cipher suites supported by the default listener |
- Network Load Balancer (NLB)
Annotation | Description | Note |
---|---|---|
service.beta.kubernetes.io/ncloud-load-balancer-layer-type | Load balancer network layer type setting Select one of the following values: nplb, nlb | Default: nplb Enter nlb to create a Network Load Balancer |
service.beta.kubernetes.io/ncloud-load-balancer-size | Road balancer's load processing performance Select one of the following values: SMALL, MEDIUM, LARGE, DYNAMIC | Default: DYNAMIC. Only DYNAMIC is available when creating a new one. For non-DYNAMIC types, some load balancers can be changed to DYNAMIC type by applying the DYNAMIC annotation. Cannot change from DYNAMIC type to another type. |
service.beta.kubernetes.io/ncloud-load-balancer-internal | Private network type load balancer creation setting Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-retain-public-ip-on-termination | The setting used to preserve the assigned public IP when the load balancer is removed. Applied only to the Load Balancers that have public IPs assigned. Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-description | Enter a note about the load balancer instance to be created | - |
service.beta.kubernetes.io/ncloud-load-balancer-termination-protection | Automatic removal protection setting for the load balancer when the service whose type is specified as LoadBalancer is removed Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-inbound-source | Value to be used as inbound access source in the ACG rule E.g., 119.194.195.143/32,143.248.12.77/32 | Default: 0.0.0.0/0 |
service.beta.kubernetes.io/ncloud-load-balancer-subnet-id | ID of the load balancer-only subnet for creating Load Balancers | Use lbSubnetNo within the configmap named ncloud-config in the kube-system |
service.beta.kubernetes.io/ncloud-load-balancer-algorithm-type-code | Set Hash (MH) or Round Robin (RR) as algorithm type. Select one of the following values: MH, RR | Default: MH |
service.beta.kubernetes.io/ncloud-load-balancer-enable-skip-acg-update | ACG update setting status. Select one of the following values: "true" , "false" | Default "false" |
service.beta.kubernetes.io/ncloud-load-balancer-sticky-session | Sticky Session setting status. Select one of the following values: "true" , "false" | Default "false" |
Public/private IP assignment method according to load balancer's subnet type
Load balancers use two types of subnets: Public Subnet and Private Subnet. Each type is required when creating a load balancer with a private or public IP assigned. When creating a load balancer, use the lbPublicSubnetNo configured by ncloud-config ConfigMap in the kube-system namespace or the Subnet ID in the lbSubnetNo field. This subnet ID can be specified to use a different subnet ID using the service.beta.kubernetes.io/ncloud-load-balancer-subnet-id
annotation when creating a load balancer.
1. Public Subnet (Internet Gateway only)
A public subnet is required to create a load balancer with an public IP assigned. Users may request a public IP from VPC > Public IP on the NAVER Cloud Platform console and assign it to a load balancer. If no public IP is specified, a new public IP will be applied.
2. Private Subnet
This subnet is required to create a load balancer in the private subnet assigned with a private IP within VPC.
Examples of instance property settings
For more detailed example of setting instance properties, see Examples of Load Balancer property settings.
Example of Network Proxy Load Balancer (NPLB) instance creation
An example of creating an NPLB instance connected to Kubernetes is as follows:
- Save the following code example as an nks-lb.yml file.
- You can see the annotation to create a private network proxy type load balancer instance in the following code example:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
selector:
matchLabels:
run: my-nginx
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: my-nginx
annotations:
service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nplb"
service.beta.kubernetes.io/ncloud-load-balancer-internal: "true"
service.beta.kubernetes.io/ncloud-load-balancer-size: "SMALL"
spec:
ports:
- port: 80
targetPort: 80
selector:
run: my-nginx
type: LoadBalancer
- Run the
kubectl apply -f nks-lb.yml
command to deploy.
Example of Network Load Balancer (NLB) instance creation
- Save the following code example as an nks-lb.yml file.
- You can see the annotation to create a private network proxy type load balancer instance in the following code example:
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 1
selector:
matchLabels:
run: my-nginx
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: my-nginx
annotations:
service.beta.kubernetes.io/ncloud-load-balancer-layer-type: "nlb"
service.beta.kubernetes.io/ncloud-load-balancer-internal: "true"
service.beta.kubernetes.io/ncloud-load-balancer-size: "SMALL"
spec:
ports:
- port: 80
targetPort: 80
selector:
run: my-nginx
type: LoadBalancer
- Run the
kubectl apply -f nks-lb.yml
command to deploy.
Check the external IP of a created load balancer instance
Run the command shown below to check the external IP of a created instance.
$ kubectl --kubeconfig $KUBE_CONFIG get svc example-service
The external IP of the instance is displayed in the EXTERNAL-IP column. The following is an example of viewing external IP using the command.
$ kubectl --kubeconfig $KUBE_CONFIG get svc example-service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example-service LoadBalancer 172.16.101.104 10.39.10.118 8765:30365/TCP 2m11s
Delete instance
Delete the Kubernetes service which is created as LoadBalancer type to automatically delete the connected load balancer instance with it.
To check the Kubernetes service created as LoadBalancer type and delete it, follow these steps:
- Run the following command to check the created Kubernetes service.
- Each service's type can be seen in the result's TYPE column.
$ kubectl --kubeconfig $KUBE_CONFIG get service
- Run the following command to delete the LoadBalancer type service:
$ kubectl --kubeconfig $KUBE_CONFIG delete service my-nginx