This topic describes how to use an existing Server Load Balancer (SLB) instance with an Ingress to set up forwarding. You can use an annotation to specify an SLB instance by ID when you create an Ingress.

Prerequisites

  • A serverless Kubernetes (ASK) cluster is created. You must configure a network address translation (NAT) gateway for the virtual private cloud (VPC) where the cluster is created so that the cluster can download container images from the Internet. For more information, see Create an ASK cluster.
  • The kubectl client is connected to the ASK cluster. For more information, see Use kubectl to connect to an ASK cluster.
  • A high-performance SLB instance is created in the virtual private cloud (VPC) where your serverless Kubernetes (ASK) cluster is deployed. High-performance SLB instances support elastic network interfaces (ENIs).
    • If you have an SLB instance in the VPC where your ASK cluster is deployed, you can log on to the SLB console and obtain the ID of the SLB instance on the Instances page.
    • If you have no SLB instance, you must create a high-performance SLB instance in the VPC where your ASK cluster is deployed. For example, you can create a high-performance SLB instance of the slb.s2.small instance type. The SLB instance can be internal-facing or Internet-facing. For more information, see Create and manage a CLB instance.
    • In this example, an Internet-facing SLB instance is used.

Procedure

Note The Ingress controller automatically opens port 80 and 443 on the SLB instance. Make sure that port 80 and 443 are not used by other services.

Step 1: Deploy an application

  1. Create a tomcat-service.yml file and copy the following code to the file, Then, run the kubectl apply -f tomcat-service.yml command to deploy a tomcat application for testing:
    apiVersion: apps/v1 
    kind: Deployment
    metadata:
      name: tomcat
    spec:
      replicas: 1
      selector:
        matchLabels:
          run: tomcat
      template:
        metadata:
          labels:
            run: tomcat
        spec:
          containers:
          - image: tomcat:7.0
            imagePullPolicy: Always
            name: tomcat
            ports:
            - containerPort: 8080
              protocol: TCP
          restartPolicy: Always
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: tomcat
    spec:
      ports:
      - port: 8080
        protocol: TCP
        targetPort: 8080
      selector:
        run: tomcat
      clusterIP: None

    Expected output:

    deployment "tomcat" created
    service "tomcat" created
  2. Run the following command to query the status of the application:
    kubectl get svc,deploy tomcat

    Expected output:

    NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)    AGE
    svc/tomcat   ClusterIP   <none>       <none>        8080/TCP   1m
    
    NAME            DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
    deploy/tomcat   1         1         1            1           1m

Step 2: Create an Ingress

  1. Create a tomcat-ingress.yml file and copy the following code to the file. Then, run the kubectl apply -f tomcat-ingress.yml command to create an Ingress:
    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: tomcat-ingress
      annotations:
        # Specify the ID of the existing SLB instance that you want to use. 
        service.beta.kubernetes.io/alicloud-loadbalancer-id: lb-xxxxxxxxxx            ##Replace lb-xxxxxxxxxx with the ID of your SLB instance. 
        service.beta.kubernetes.io/alicloud-loadbalancer-force-override-listeners: "true"
        The ID of the certificate that you want to use. 
        service.beta.kubernetes.io/alicloud-loadbalancer-cert-id: "624f2e60-62b6-11ea-95a3-2af160c0****"   
    spec:
      ingressClassName: slb
      rules:
      # Configure a Layer 7 domain name. 
      - host: bar.foo.com
        http:
          paths:
          # Configure a context path. 
          - path: /
            backend:
              service:
                name: tomcat
                port:
                  number: 8080
            pathType: ImplementationSpecific

    Expected output:

    ingress "tomcat-ingress" created
  2. Run the following command to obtain the IP address of the SLB instance:
    kubectl get ing tomcat-ingress

    Expected output:

    NAME             HOSTS         ADDRESS        PORTS     AGE
    tomcat-ingress   bar.foo.com   47.168.XX.XX   80, 443   1m

Step 3: Access the application

Note You must resolve the domain name to the IP address of the SLB instance.
In this example, the following DNS rule is created for the domain name to enable access to the test application. We recommend that you apply for an Internet Content Provider (ICP) number for the domain name if the domain name is used in the production environment.
47.168.XX.XX    bar.foo.com
  • Access the tomcat application by using a browser. S10
  • Access the tomcat application by using the CLI.
    curl -k -H "Host: bar.foo.com" https://47.168.XX.XX