Container Service for Kubernetes: Use LoadBalancer Services to expose applications in ACK Edge clusters

Last Updated: Dec 25, 2024

In Kubernetes, Services are used to expose application pods in order to decouple the front end from the back end. This allows you to use a loosely coupled microservices design. Services are classified into ClusterIP, NodePort, and LoadBalancer Services. This topic describes how to use LoadBalancer Services to expose applications in ACK Edge clusters.

Background information

Kubernetes clusters support all types of Services. The following topics describe how to configure a LoadBalancer Service:

On-cloud applications that use LoadBalancer Services

If your pods are deployed on Elastic Compute Service (ECS) instances in a virtual private cloud (VPC), you can use LoadBalancer Services to expose your applications. The on-cloud control plane automatically manages Classic Load Balancer (CLB) listeners and backend servers for your pods. Requests are evenly distributed to backend pods by using CLB.

ENS applications that use LoadBalancer Services

If your pods are deployed on a server at the edge, you can use the forwarding feature of on-cloud ECS to forward requests to the pods at the edge.

Important

You must perform the following operations in advance:

  • Connect an on-cloud VPC and an edge data center by using Express Connect circuits.

  • Set the external traffic policy of the LoadBalancer Service to Cluster. For more information about external traffic policies, see External traffic policies.

  • Traffic load balancing cannot be implemented without the network forwarding capability of an ECS instance.

Use NLB to expose applications in on-cloud node pools or edge node pools (Recommended)

If pods are deployed in an on-cloud or on-premises data center, you can use Network Load Balancer (NLB) to expose applications. The prerequisites are as follows:

  • The on-cloud and edge node pools are connected by using Express Connect circuits.

  • Terway Edge is used as the network plug-in.

The following table describes the annotations that you must add to the NLB Service to ensure that the pod is used as the backend server of the NLB instance.

| Annotation | Description |
| --- | --- |
| service.beta.kubernetes.io/backend-type: "eni" | Add pods to NLB instances as backend servers. |
| service.beta.kubernetes.io/alibaba-cloud-loadbalancer-server-group-type: "Ip" | Set the type of the backend server group to IP. |

External traffic policies

You can configure the external traffic policy of a LoadBalancer or NodePort Service by using the externalTrafficPolicy parameter. The external traffic policy specifies how external requests are routed to backend pods. Valid values are Local and Cluster.

Note

The traffic policy takes effect for Terway Edge and Flannel Virtual Extensible Local Area Network (VXLAN) plug-ins.

  • Local: Traffic is routed only to pods on the node to which the requests are sent.

  • Cluster: Traffic can be routed to pods on other nodes in the cluster.

| Item | Local | Cluster |
| --- | --- | --- |
| Backend servers | Only the nodes on which the backend pods are deployed are added to SLB instances as backend servers. | All nodes in the cluster are added to SLB instances as backend servers. |
| SLB resource quotas | This policy consumes a small amount of SLB resources and does not require high SLB resource quotas. For more information about SLB resource quotas, see Quotas. | This policy requires high SLB resource quotas because all nodes in the cluster are added to SLB instances as backend servers. For more information about SLB resource quotas, see Quotas. |
| Access to the IP address of an SLB instance | Only the nodes on which the backend pods are deployed can access the IP address of an SLB instance. | All nodes in the cluster can access the IP address of an SLB instance. |
| Load balancing among pods | By default, load balancing among pods is disabled. To enable load balancing among pods, set the scheduling algorithm to weighted round-robin (WRR) by adding the service.beta.kubernetes.io/alibaba-cloud-loadbalancer-scheduler: "wrr" annotation to the Service YAML file. | By default, load balancing among pods is enabled. |
| Source IP preservation | Supported | Not supported |
| Session persistence | Supported | Not supported |
| Use scenarios | Applications that need to preserve client IP addresses, such as applications that need to record client IP addresses in logs. | Applications that require high availability but do not need to preserve client IP addresses, such as large web application clusters. |
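
The rules in this topic can be checked against a Service object before it is applied. The following Python script is an added example, not Alibaba Cloud code: it audits a Service (for example, the output of kubectl get svc -o json) against the NLB annotation requirements, the Cluster requirement for ECS-forwarded edge pods, and the source IP and load balancing behavior of each policy. The function name audit_service, its three intent flags, and the sample manifests are assumptions constructed for illustration.

```python
import json

# Annotation keys and values as listed in this topic.
BACKEND_TYPE = "service.beta.kubernetes.io/backend-type"
GROUP_TYPE = "service.beta.kubernetes.io/alibaba-cloud-loadbalancer-server-group-type"
SCHEDULER = "service.beta.kubernetes.io/alibaba-cloud-loadbalancer-scheduler"

def audit_service(svc, nlb_pod_backend=False, edge_via_ecs=False, needs_client_ip=False):
    """Return findings for one parsed Service object.

    The three flags are hypothetical inputs that declare operator intent.
    """
    spec = svc.get("spec", {})
    ann = svc.get("metadata", {}).get("annotations") or {}
    if spec.get("type") not in ("LoadBalancer", "NodePort"):
        return []  # externalTrafficPolicy only applies to these Service types
    policy = spec.get("externalTrafficPolicy", "Cluster")  # Kubernetes defaults to Cluster
    findings = []
    if nlb_pod_backend:
        if ann.get(BACKEND_TYPE) != "eni":
            findings.append("nlb: backend-type annotation is not 'eni'")
        if ann.get(GROUP_TYPE) != "Ip":
            findings.append("nlb: server-group-type annotation is not 'Ip'")
    if edge_via_ecs and policy != "Cluster":
        findings.append("edge: ECS forwarding requires externalTrafficPolicy Cluster")
    if needs_client_ip and policy == "Cluster":
        findings.append("logging: Cluster policy does not preserve the client source IP")
    if policy == "Local" and ann.get(SCHEDULER) != "wrr":
        findings.append("balance: Local policy without scheduler 'wrr' does not balance across pods")
    return findings

# Constructed sample manifests (not taken from a real cluster).
EDGE_SVC = json.loads("""{
  "metadata": {"name": "edge-web", "annotations": {}},
  "spec": {"type": "LoadBalancer", "externalTrafficPolicy": "Local"}
}""")
NLB_SVC = json.loads("""{
  "metadata": {"name": "nlb-web", "annotations": {
    "service.beta.kubernetes.io/backend-type": "eni",
    "service.beta.kubernetes.io/alibaba-cloud-loadbalancer-server-group-type": "Ip"}},
  "spec": {"type": "LoadBalancer"}
}""")

if __name__ == "__main__":
    for finding in audit_service(EDGE_SVC, edge_via_ecs=True, needs_client_ip=True):
        print("edge-web:", finding)
    for finding in audit_service(NLB_SVC, nlb_pod_backend=True):
        print("nlb-web:", finding)
```

An ECS-forwarded edge Service that also needs client IP addresses in its logs cannot satisfy both rules: Cluster is required for forwarding, and Cluster does not preserve the source IP.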

References

For more information about how to use Edge Load Balancer (ELB) instances to expose Services deployed in Edge Node Service (ENS) node pools, see Use ELB instances to expose Services in multiple regions.