When you configure a Type=LoadBalancer Service, the cloud controller manager (CCM) of Alibaba Cloud Container Compute Service (ACS) automatically creates or configures a Server Load Balancer (SLB) for the Service. The CCM also automatically configures listeners and backend server groups for the SLB instance. This topic describes the considerations for configuring a LoadBalancer Service in an ACS cluster and the resource update policies of the CCM.
Policies used by the CCM to update SLB resources
ACS allows you to specify an existing SLB instance for a Service or use the CCM to automatically create an SLB instance. The two methods use different policies to update SLB resources. The following table describes the differences.
Resource object | Existing SLB instance | SLB instance created and managed by the CCM |
SLB | Use the following annotation to specify an existing SLB instance for a Service:
|
|
Listeners | Use the following annotation to configure listeners: service.beta.kubernetes.io/alibaba-cloud-loadbalancer-force-override-listeners:.
| CCM configures listeners for the SLB instance based on the Service configuration. |
Backend server groups | When the endpoints of a Service change or the cluster nodes change, the CCM automatically updates the vServer groups of the SLB instance created for the Service. In ACS clusters, the CCM can mount only pod IP addresses as backend servers to an SLB instance. | |
Precautions
Before you reuse an existing SLB instance, check whether the instance meets the following requirements
The SLB instance that you want to reuse is created in the SLB console. You cannot reuse an SLB instance that is created by the CCM.
To reuse an internal-facing SLB instance for a cluster, the SLB instance and the cluster must be deployed in the same virtual private cloud (VPC).
Considerations for using the CCM to configure an SLB instance
The CCM configures SLB instances only for
LoadBalancerServices.ImportantIf you change the of a Service from
Type=LoadBalancertoType!=LoadBalancer, the CCM automatically deletes the configurations related to the SLB instance created for Service. As a result, you cannot use the SLB instance to access the Service.When specific conditions are met, the CCM uses a declarative API to automatically update the configuration of an SLB instance based on the Service configuration. When
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-force-override-listeners:is set totrue, your modifications made in the SLB console may be overwritten.ImportantIf the SLB instance is created and managed by the CCM, we recommend that you do not modify the configuration of the SLB instance in the SLB console. Otherwise, the CCM may overwrite the configuration and the Service may become unavailable.
Quotas
VPC
A node in a cluster is mapped to a route entry in a route table. By default, each route table for a VPC can contain up to 200 entries. If the number of nodes in a cluster exceeds 200, apply for a quota increase in the log on to the Quota Center console and submit an application
For more information about the limits and quotas related to VPC, see VPC quotas.
To query VPC resource quotas, go to the Quota Management page in the VPC console.
SLB
The CCM creates SLB instances for
LoadBalancerServices. By default, you can have at most 60 SLB instances within your Alibaba Cloud account. To create more SLB instances, apply for a quota increase in the log on to the Quota Center console and submit an application.The CCM automatically creates listeners that use Service ports for SLB instances. By default, each SLB instance supports at most 50 listeners. To increase the number of listeners supported by each SLB instance, apply for a quota increase in the log on to the Quota Center console and submit an application.
For more information about the limits on SLB, see Limits.
To query SLB resource quotas, go to the Quota Management page in the SLB console.