An AlbConfig object is a CustomResourceDefinition (CRD) object that Container Service for Kubernetes (ACK) provides for the Application Load Balancer (ALB) Ingress controller. The ALB Ingress controller uses AlbConfig objects to configure ALB instances and listeners. This topic describes how to create and modify an AlbConfig object, and how to use an AlbConfig object to enable Log Service.

Background information

The ALB Ingress controller retrieves the changes to Ingresses from the API server and dynamically generates AlbConfig objects when Ingresses changes are detected. Then, the ALB Ingress controller performs the following operations in sequence: create ALB instances, configure listeners, create Ingress rules, and configure backend server groups. The Service, Ingress, and AlbConfig objects interact with each other in the following ways:

  • A Service is an abstraction of an application that is deployed in a group of replicated pods.
  • An Ingress contains reverse proxy rules. It controls to which Services HTTP or HTTPS requests are routed. For example, an Ingress routes requests to different Services based on the hosts and URLs in the requests.
  • An AlbConfig object is a CustomResourceDefinition (CRD) object that the ALB Ingress controller uses to configure ALB instances and listeners. An AlbConfig object corresponds to one ALB instance.
ALB Ingress

An AlbConfig object is used to configure an ALB instance. The ALB instance can be specified in forwarding rules of multiple Ingresses. Therefore, an AlbConfig object can be associated with multiple Ingresses.

Create an AlbConfig object

An AlbConfig object is used to configure an ALB instance. If you want to configure multiple ALB instances, you must create multiple AlbConfig objects. Perform the following steps to create an AlbConfig object:

  1. Create a file named alb-test.yaml and copy the following content into the file. The file is used to create an AlbConfig Object. 
    apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
  name: default
spec:
  config:
    name: alb-test
    addressType: Internet
    zoneMappings:
    - vSwitchId: vsw-uf6ccg2a9g71hx8go****
    - vSwitchId: vsw-uf6nun9tql5t8nh15****
    Parameter Description
    spec.config.name The name of the ALB instance. This parameter is optional.
    addressType The type of IP address that the ALB instance uses to provide services. This parameter is required. Valid values:
    • Internet: The ALB instance uses a public IP address. The domain name of the Ingress is resolved to the public IP address of the ALB instance. Therefore, the ALB instance is accessible over the Internet. This is the default value.
    • Intranet: The ALB instance uses a private IP address. The domain name of the Ingress is resolved to the private IP address of the ALB instance. Therefore, the ALB instance is accessible only within the virtual private cloud (VPC) where the ALB instance is deployed.
    zoneMappings The IDs of the vSwitches that are used by the ALB Ingress. You must specify at least two vSwitch IDs and the vSwitches must be deployed in different zones. This parameter is required. For more information about the regions and zones that are supported by ALB Ingresses, see Supported regions and zones.
  2. Run the following command to create an AlbConfig object: 
    kubectl apply -f alb-test.yaml
    Expected output:
    AlbConfig.alibabacloud.com/default created
  3. Run the following command to query the automatically created AlbConfig object: 
    kubectl -n kube-system get AlbConfig
    Expected output:
    NAME      AGE
default   87m
    The following content shows the configuration of the default AlbConfig object:
    apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
  name: default                      # The name of the AlbConfig object. 
spec:
  config:
    accessLogConfig:
      logProject: ""
      logStore: ""
    addressAllocatedMode: Dynamic
    addressType: Internet
    billingConfig:
      internetBandwidth: 0
      internetChargeType: ""
      payType: PostPay
    deletionProtectionEnabled: true
    edition: Standard
    forceOverride: false
    zoneMappings:
    - vSwitchId: vsw-wz92lvykqj1siwvif****        # A vSwitch that is specified for the AlbConfig object. You must specify two vSwitches. 
    - vSwitchId: vsw-wz9mnucx78c7i6iog****        # A vSwitch that is specified for the AlbConfig object. 
status:
  loadBalancer:
    dnsname: alb-s2em8fr9debkg5****.cn-shenzhen.alb.aliyuncs.com
    id: alb-s2em8fr9debkg5****

Associate an AlbConfig object with an Ingress

You can associate an AlbConfig object with an Ingress by using an IngressClass. To do this, you must first create an IngressClass.

  1. Create a file named alb.yaml and copy the following content to the file: 
    apiVersion: networking.k8s.io/v1beta1
kind: IngressClass
metadata:
  name: alb
spec:
  controller: ingress.k8s.alibabacloud/alb
  parameters:
    apiGroup: alibabacloud.com
    kind: AlbConfig
    name: default
    apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: alb
spec:
  controller: ingress.k8s.alibabacloud/alb
  parameters:
    apiGroup: alibabacloud.com
    kind: AlbConfig
    name: default

  2. Run the following command to create an IngressClass: 
    kubectl apply -f alb.yaml
    Expected output:
    ingressclass.networking.k8s.io/alb created
  3. To associate an AlbConfig object with an Ingress, specify the alb IngressClass in the ingressClassName field of the Ingress YAML template. 
    apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: cafe-ingress
spec:
  ingressClassName: alb
  rules:
  - http:
      paths:
      # Configure a context path. 
      - path: /tea
        backend:
          serviceName: tea-svc
          servicePort: 80
      # Configure a context path. 
      - path: /coffee
        backend:
          serviceName: coffee-svc
          servicePort: 80
    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: cafe-ingress 
spec:
  ingressClassName: alb
  rules:
  - http:
      paths:
      # Configure a context path. 
      - path: /tea
        pathType: ImplementationSpecific
        backend:
          service:
            name: tea-svc
            port:
              number: 80
      # Configure a context path. 
      - path: /coffee
        pathType: ImplementationSpecific
        backend:
          service:
            name: coffee-svc
            port: 
              number: 80

Change the name of an AlbConfig object

To change the name of an AlbConfig object, run the following command. The change is automatically applied after you save the modification. 
kubectl -n kube-system edit AlbConfig default
...
  spec:
    config:
      name: test   # The new name that you want to use. 
...

Change the vSwitches that are specified for an AlbConfig object

To change the vSwitches that are specified for an AlbConfig object, run the following command. The change is automatically applied after you save the modification. 
kubectl -n kube-system edit AlbConfig default
...
  zoneMappings:
    - vSwitchId: vsw-wz92lvykqj1siwvif****
    - vSwitchId: vsw-wz9mnucx78c7i6iog****
...

Enable Log Service for log collection

If you want to collect the access logs of ALB Ingresses, set the logProject and logStore parameters in the AlbConfig configuration. 

apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
  name: default
spec:
  config:
    accessLogConfig:
      logProject: "k8s-log-xz92lvykqj1siwvif****"
      logStore: "alb_****"
    ...
Note Set logStore to a value that starts with alb_. If the specified Logstore does not exist, the system automatically creates one with the specified name.

After you save the modification to the AlbConfig configuration, you can go to the Log Service console and view the collected log in the specified Logstore.

Reuse an existing ALB instance

If you want to reuse an existing ALB instance, specify the ID of the ALB instance in the AlbConfig configuration. 
apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
  name: reuse-alb
spec:
  config:
    id: ****
    forceOverride: false   # Specify whether to overwrite the existing listeners. If you set the value to true, the existing listeners are overwritten. If you set the value to false, the existing listeners are not overwritten.

Use multiple ALB instances

If you want to use multiple ALB instances, specify multiple IngressClasses in the spec.ingressClassName field of the Ingress configuration.

  1. Create a file named alb-demo2.yaml and copy the following content to the file: 
    apiVersion: alibabacloud.com/v1
kind: AlbConfig
metadata:
  name: demo
spec:
  config:
    name: alb-demo2        # The name of an ALB instance. 
    addressType: Internet  # The ALB instance has a public IP address. 
    zoneMappings:
    - vSwitchId: vsw-uf6ccg2a9g71hx8go****
    - vSwitchId: vsw-uf6nun9tql5t8nh15****
  2. Run the following command to create an AlbConfig object: 
    kubectl apply -f alb-demo2.yaml
    Expected output:
    AlbConfig.alibabacloud.com/demo created
  3. Create a file named alb.yaml and copy the following content to the file: 
    apiVersion: networking.k8s.io/v1beta1
kind: IngressClass
metadata:
  name: alb-demo2
spec:
  controller: ingress.k8s.alibabacloud/alb
  parameters:
    apiGroup: alibabacloud.com
    kind: AlbConfig
    name: demo
    apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: alb-demo2
spec:
  controller: ingress.k8s.alibabacloud/alb
  parameters:
    apiGroup: alibabacloud.com
    kind: AlbConfig
    name: demo
  4. Run the following command to create an IngressClass: 
    kubectl apply -f alb.yaml
    Expected output:
    ingressclass.networking.k8s.io/alb-demo2 created
  5. Specify multiple ALB instances in the ingressClassName field of the Ingress YAML template. 
    apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: demo
  namespace: default
spec:
  ingressClassName: alb-demo2
  rules:
    - host: ""
      http:
        paths:
          - backend:
              serviceName: demo-service
              servicePort: 80
            path: /hello
            pathType: ImplementationSpecific
    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo
  namespace: default
spec:
  ingressClassName: alb-demo2
  rules:
    - host: ""
      http:
        paths:
          - backend:
             service:
              name: demo-service
              port:
                number: 80
            path: /hello
            pathType: ImplementationSpecific

Delete an ALB instance

An AlbConfig object is used to configure an ALB instance. Therefore, you can delete an ALB instance by deleting the corresponding AlbConfig object. Before you can delete an AlbConfig object, you must delete all Ingresses that are associated with the AlbConfig object. 

kubectl -n kube-system delete AlbConfig default

Replace default with the name of the AlbConfig object that you want to delete.