All Products
Document Center

Container Service for Kubernetes:Use an automatically created SLB instance to expose an application

Last Updated:Nov 27, 2023

When no Server Load Balancer (SLB) instance is available, you can use cloud controller manager (CCM) to automatically create an SLB instance for a LoadBalancer Service and then use CCM to manage the SLB instance. This topic describes how to use an automatically created SLB instance to expose an application. An NGINX application is used as an example.


  • The CCM configures SLB instances only for Services that have Type=LoadBalancer configured. The CCM does not configure SLB instances for other types of Services
    Important When a Service that has Type=LoadBalancer configured is changed to another type of Service, the CCM deletes the configurations that are added to the related SLB instance. As a result, you can no longer use the SLB instance to access the Service.
  • CCM uses a declarative API. CCM automatically updates the configurations of an SLB instance to match the configurations of the exposed Service when specific conditions are met. If you modify the configurations of an SLB instance in the SLB console, CCM may overwrite the changes.
    Important Do not use the SLB console to modify the configurations of the SLB instance that is created and managed by CCM. Otherwise, the modifications may be overwritten and the Service may become inaccessible.
  • You cannot change the SLB instance of a LoadBalancer Service after the Service is created. To change the SLB instance, you must create a new Service.

SLB resource quotas

  • The CCM creates SLB instances for Services that have Type=LoadBalancer configured. By default, you can have at most 60 SLB instances within your Alibaba Cloud account. To create more SLB instances, apply for a quota increase in Go to the Quota Center page to submit a ticket.

  • The CCM automatically adds Elastic Compute Service (ECS) instances to the backend server groups of an SLB instance based on the Service configurations.

  • The CCM automatically creates listeners that use Service ports for SLB instances. By default, each SLB instance supports at most 50 listeners. To increase the number of listeners supported by each SLB instance, apply for a quota increase in Go to the Quota Center page to submit a ticket.

  • For more information about SLB resource quotas, see Limits.

    To query the SLB resource quotas, go to the Quota Management page in the SLB console.

Step 1: Deploy an application

The following section describes how to use the kubectl command-line tool to deploy an application. For more information about how to deploy an application in the ACK console, see Create a stateless application by using a Deployment.

  1. Create a my-nginx.yaml file with the following YAML template:
    apiVersion: apps/v1 # for versions before 1.8.0 use apps/v1beta1
    kind: Deployment
      name: my-nginx    # The name of the application. 
        app: nginx
      replicas: 3       # The number of replicated pods. 
          app: nginx     # You must specify the same value in the selector of the Service that is used to expose the application. 
            app: nginx
        #  nodeSelector:
        #    env: test-team
          - name: nginx
            image:     # Replace the value with the image address that you want to use. Format: <image_name:tags>. 
            - containerPort: 80               # The port that you want to expose in the Service. 
  2. Run the following command to deploy the my-nginx application:
    kubectl apply -f my-nginx.yaml
  3. Run the following command to query the status of the application:
    kubectl get deployment my-nginx

    Expected output:

    my-nginx   3/3     3            3           50s

Step 2: Use an automatically created SLB instance to expose an application

You can use the Container Service for Kubernetes (ACK) console or kubectl to create a LoadBalancer Service. After the Service is created, you use the Service to expose the application.

Use the ACK console

  1. Log on to the ACK console.

  2. In the left-side navigation pane of the ACK console, click Clusters.

  3. On the Clusters page, find the cluster that you want to manage and click the name of the cluster or click Details in the Actions column. The details page of the cluster appears.

  4. In the left-side navigation pane of the details page, choose Network > Services

  5. On the Services page, click Create in the upper-right corner of the page.
  6. In the Create Service dialog box, set the required parameters.
    Enter a name for the Service.
    TypeSelect the type of the Service. This parameter determines how the Service is accessed. Choose Server Load Balancer -> Public Access -> Create SLB Instance and click Modify to select a specification for the SLB instance. The default specification Small I (slb.s1.small) is used in this example.
    Select the backend application that you want to associate with the Service. If you do not associate the Service with a backend application, no Endpoint object is created. You can manually associate the Service with a backend application. For more information, see services-without-selectors.
    External Traffic Policy
    Select a policy to distribute external traffic.
    • Local: routes traffic only to pods on the node where the Service is deployed.
    • Cluster: the network traffic can be routed to pods on other nodes in the cluster.
    Note The External Traffic Policy parameter is available only if you set Type to Node Port or Server Load Balancer.
    Port Mapping
    Specify a Service port and a container port. The Service port corresponds to the port field in the YAML file and the container port corresponds to the targetPort field in the YAML file. The container port must be the same as the one that is exposed in the backend pod.
    Add one or more annotations to the Service to modify the configuration of the SLB instance. You can select Custom Annotation or Alibaba Cloud Annotation from the Type drop-down list. For more information, see Add annotations to the YAML file of a Service to configure CLB instances.
    Add one or more labels to the Service. Labels are used to identify the Service.
  7. Click Create.
    On the Services page, you can view the created Service. endpoint
  8. Click 39.106.XX.XX:80 in the External Endpoint column to access the sample application.

Use kubectl

  1. Use the following YAML template to create a my-nginx-svc.yaml file.
    To associate the Service with the backend application, set selector to the value of matchLabels in the my-nginx.yaml file. The value is app: nginx in this example.
    apiVersion: v1
    kind: Service
        app: nginx
      name: my-nginx-svc
      namespace: default
      - port: 80
        protocol: TCP
        targetPort: 80
        app: nginx
      type: LoadBalancer
  2. Run the following command to create a Service named my-nginx-svc and use the Service to expose the application:
    kubectl apply -f my-nginx-svc.yaml
  3. Run the following command to check whether the LoadBalancer Service is created:
    kubectl get svc my-nginx-svc

    Expected output:

    NAME           TYPE           CLUSTER-IP    EXTERNAL-IP      PORT(S)        AGE
    my-nginx-svc   LoadBalancer   39.106.XX.XX     80:30471/TCP   5m
  4. Run the curl <YOUR-External-IP> command to access the application. Replace YOUR-External-IP with the IP address displayed in the EXTERNAL-IP column in the preceding output.
    curl 39.106.XX.XX

    Expected output:

    <!DOCTYPE html>
    <title>Welcome to nginx!</title>
        body {
            width: 35em;
            margin: 0 auto;
            font-family: Tahoma, Verdana, Arial, sans-serif;
    <h1>Welcome to nginx!</h1>
    <p>If you see this page, the nginx web server is successfully installed and
    working. Further configuration is required.</p>
    <p>For online documentation and support please refer to
    <a href=""></a>.<br/>
    Commercial support is available at
    <a href=""></a>.</p>
    <p><em>Thank you for using nginx.</em></p>