All Products
Search
Document Center

Enterprise Distributed Application Service:Bind CLB instances

Last Updated:Nov 15, 2023

After an application is created in a Container Service for Kubernetes (ACK) cluster in Enterprise Distributed Application Service (EDAS), you can bind an Internet-facing or internal-facing Classic Load Balancer (CLB) instance to the application so that the application can be accessed over the Internet or a private network. This topic describes how to bind an Internet-facing or internal-facing CLB instance to an application in an ACK cluster.

Background information

To bind a CLB instance to an application, you must modify the configurations of listeners for the CLB instance in the EDAS console.

Important

You cannot modify the configurations of the listeners and certificates in the Server Load Balancer (SLB) console. Otherwise, the modification may fail and the application may be inaccessible.

The differences in binding CLB instances to applications in ACK clusters and self-managed Kubernetes clusters lie in the following aspects:

  • Self-managed Kubernetes cluster: To bind a CLB instance to an application, you must purchase a new CLB instance. Each application has a dedicated CLB instance.

  • ACK cluster: You can purchase a new CLB instance for each application or use an existing CLB instance that is bound to other applications. If you purchase a new CLB instance for an application, the application exclusively uses the CLB instance.

Limits

Take note of the following limits if you want to bind a CLB instance to an application in a self-managed Kubernetes cluster or an ACK cluster. If you do not comply with the limits, the modification may fail and the application may be inaccessible.

  • You cannot use the ACK console, kubectl, or third-party tools to delete or modify the Service resources created by EDAS. These resources have the edas-domain:edas-admin label.

  • You cannot use the SLB console to delete or modify the CLB instances purchased by EDAS.

  • You cannot use the SLB console to delete or modify the listeners of the CLB instances used by EDAS.

  • You cannot use kubectl or the ACK console to modify external traffic policies for Services.

Bind a new Internet-facing CLB instance

  1. Log on to the Enterprise Distributed Application Service (EDAS) console. In the left-side navigation pane, choose Application Management > Applications. In the top navigation bar, select a region. In the upper part of the page, select a microservice namespace. Select Kubernetes Cluster from the Cluster Type drop-down list and click the name of the application that you want to manage.

  2. On the Application Overview page, click the 加号 icon next to SLB (Public Network) in the Access configuration section.

    Note

    If you have bound a CLB instance to your application, the IP address and port number of the CLB instance are displayed. You can click the 编辑 icon to modify the configurators, or click the image.png icon to unbind the CLB instance from your application.

  3. In the Load balancing (public network) dialog box, configure the parameters that are described in the following table and click OK.

    Parameter

    Description

    Select SLB

    The SLB instance that you want to bind. You can select Create SLB or an existing SLB instance from the drop-down list.

    Scheduling Algorithm

    The algorithm that is used for scheduling. Valid values: RR and WRR.

    External Traffic Policy

    If you select Create SLB, tables appear below the External Traffic Policy parameter. The tables describe the status and descriptions of checks on SLB resources and the account balance, the specifications of Internet-facing SLB instances that you can choose, the quantity of the SLB instance to create, the billing method, the validity period for subscription SLB instances, and the pricing. You can click View Price to view the pricing of SLB.

    Valid values: Local and Cluster.

    • Local: routes traffic only to pods on the node in which the Service is deployed. If you set the External Traffic Policy parameter to Local, only the nodes on which the pods corresponding to the Service are deployed are added as the backend servers of the SLB instance. Traffic is not routed to the pods of other nodes in the cluster. Combined with the load balancing capabilities of the SLB instance, this policy provides good performance and can retain Layer-4 source IP addresses.

      Note

      If you set the External Traffic Policy parameter to Local, we recommend that you set the Scheduling Algorithm parameter to WRR. In a container cluster, Container Controller Manager (CCM) can adjust the weight of a node that is used as a backend server based on the number of pods deployed on the node. The weighted round-robin (WRR) algorithm can help obtain better load balancing performance.

    • Cluster: routes network traffic to pods on other nodes in the cluster.

      Note

      If you set the External Traffic Policy parameter to Cluster, all nodes of the cluster are added as the backend servers of the SLB instance. Access requests can be forwarded to a pod even if no pod is started on the accessed node. In this case, no Layer-4 source IP addresses can be retained.

    Existing listening information of the SLB instance

    This parameter is displayed only if you select an existing SLB instance from the Select SLB drop-down list. You can view the network protocol, port number, and container port number.

    TCP | HTTP

    • SLB Port (Application): the frontend port of the Internet-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.

    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, the default port of a web application is 8080.

    UDP

    • SLB Port (Application): the frontend port of the Internet-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.

    • Container Port (Target Port): the port on which a process listens. This port is defined by the application.

    HTTPS protocol

    • HTTPS Port (Application): the frontend port of the Internet-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.

    • SSL Certificate: the SSL certificate. You can select an uploaded SSL certificate from the drop-down list.

    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, the default port of a web application is 8080.

    Note

    Multiple listeners are supported. You can click Add Listener to configure multiple listeners.

  4. If the number of access requests for your application exceeds the specifications of the existing SLB instance, repeat Step 2 to Step 3 to add SLB instances.

    Note

    The specification metrics of a CLB instance include the maximum connections, new connections per second, and queries per second. If the number of access requests for the application is larger than expected, you can bind more CLB instances to share the traffic pressure.

Check the result

In the address bar of your browser, enter <IP address of the CLB instance>:<Port number of the CLB instance>, such as 115.xx.xx.xx:80. Then, press the Enter key to go to the homepage of the desired application.

If the IP address and port number do not appear next to SLB (Public Network) on the Application Overview page, the binding failed. In this case, you can go to the Change Records page to view the change details, and troubleshoot the issue based on the change records.

Bind a new internal-facing CLB instance

  1. Log on to the Enterprise Distributed Application Service (EDAS) console. In the left-side navigation pane, choose Application Management > Applications. In the top navigation bar, select a region. In the upper part of the page, select a microservice namespace. Select Kubernetes Cluster from the Cluster Type drop-down list and click the name of the application that you want to manage.

  2. On the Application Overview page, click the 加号 icon next to SLB (Private Network) in the Access configuration section.

    Note

    If you have bound a CLB instance to your application, the IP address and port number of the CLB instance are displayed. You can click the 编辑 icon to modify the configurators, or click the image.png icon to unbind the CLB instance from your application.

  3. In the SLB (Private Network) dialog box, configure the parameters that are described in the following table and click OK.

    Parameter

    Description

    Select SLB

    The SLB instance that you want to bind. You can select Create SLB or an existing SLB instance from the drop-down list.

    Scheduling Algorithm

    The algorithm that is used for scheduling. Valid values: RR and WRR.

    External Traffic Policy

    If you select Create SLB, tables appear below the External Traffic Policy parameter. The tables describe the status and descriptions of checks on SLB resources and the account balance, the specifications of internal-facing SLB instances that you can choose, the quantity of the SLB instance to create, the billing method, the validity period for subscription SLB instances, and the pricing.

    Valid values: Local and Cluster.

    • Local: routes traffic only to pods on the node in which the Service is deployed. If you set the External Traffic Policy parameter to Local, only the nodes on which the pods corresponding to the Service are deployed are added as the backend servers of the SLB instance. Traffic is not routed to the pods of other nodes in the cluster. Combined with the load balancing capabilities of the SLB instance, this policy provides good performance and can retain Layer-4 source IP addresses.

      Note

      If you set the External Traffic Policy parameter to Local, we recommend that you set the Scheduling Algorithm parameter to WRR. In a container cluster, CCM can adjust the weight of a node that is used as a backend server based on the number of pods deployed on the node. The WRR algorithm can help obtain better load balancing performance.

    • Cluster: routes network traffic to pods on other nodes in the cluster.

      Note

      If you set the External Traffic Policy parameter to Cluster, all nodes of the cluster are added as the backend servers of the SLB instance. Access requests can be forwarded to a pod even if no pod is started on the accessed node. In this case, no Layer-4 source IP addresses can be retained.

    Existing listening information of the SLB instance

    This parameter is displayed only if you select an existing SLB instance from the Select SLB drop-down list. You can view the network protocol, port number, and container port number.

    TCP | HTTP

    • SLB Port (Application): the frontend port of the internal-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.

    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, the default port of a web application is 8080.

    HTTPS protocol

    • HTTPS Port (Application): the frontend port of the internal-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.

    • SSL Certificate: the SSL certificate. You can select an uploaded SSL certificate from the drop-down list.

    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, the default port of a web application is 8080.

    Note

    Multiple listeners are supported. You can click Add Listener to configure multiple listeners.

  4. If the number of access requests for your application exceeds the specifications of the existing SLB instance, repeat Step 2 to Step 3 to add SLB instances.

    Note

    The specification metrics of a CLB instance include the maximum connections, new connections per second, and queries per second. If the number of access requests for the application is larger than expected, you can bind more CLB instances to share the traffic pressure.

Check the result

In the address bar of your browser, enter <IP address of the CLB instance>:<Port number of the CLB instance>, such as 115.xx.xx.xx:80. Then, press the Enter key to go to the homepage of the desired application.

If the IP address and port number do not appear next to SLB (Public Network) on the Application Overview page, the binding failed. In this case, you can go to the Change Records page to view the change details, and troubleshoot the issue based on the change records.