Container Service for Kubernetes (ACK) allows you to use a Server Load Balancer (SLB)
instance to expose a Service. To access the Service from outside the cluster, you
can use the domain name of the SLB instance or the connection string <IP:Service port>
. To access the Service from within the cluster, you can use the connection string
<Service name:Service port>
. This topic describes how to use an existing SLB instance to expose an application.
An NGINX application is used as an example.
Prerequisites
Background information
By default, cloud controller manager (CCM) v1.9.3.59-ge3bc999-aliyun and later do
not automatically configure listeners for existing SLB instances. You can enable CCM
to configure listeners for an SLB instance by adding the annotation service.beta.kubernetes.io/alibaba-cloud-loadbalancer-force-override-listeners: "true"
. You can also manually configure listeners for an SLB instance.
- Use the ACK onsole: Log on to the ACK console and check the CCM version on the Add-ons page.
- Log on to the the ACK console.
- In the left-side navigation pane, click Clusters.
- On the Clusters page, find the cluster that you want to manage, and choose in the Actions column. On the Add-ons page, check the CCM version on the Core Components tab.
- Use kubectl: Run the following command to check the CCM version. This method applies only to
ACK dedicated clusters.
kubectl get pod -n kube-system -o yaml|grep image:|grep cloud-con|uniq
Considerations
- When you use an existing SLB instance to expose an application, take note of the following
limits:
- The SLB instance must be created in the SLB console. You cannot reuse SLB instances that are automatically created by CCM.
- To reuse an internal-facing SLB instance for a cluster, the SLB instance and the cluster must be deployed in the same virtual private cloud (VPC).
- The network type of the SLB instance must be consistent with the connection method
of the Service. If the Service is used for Internet access (
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-address-type: "internet"
), the network type of the SLB instance must be Internet-facing. If the Service is used for internal access (service.beta.kubernetes.io/alibaba-cloud-loadbalancer-address-type: "intranet"
), the network type of the SLB instance must be internal-facing. - The SLB instance must listen on different Service ports if the SLB instance exposes more than one Service.
- CCM configures SLB instances only for Services that have
Type=LoadBalancer
configured. CCM does not configure SLB instances for other types of Services.Notice When a Service that hasType=LoadBalancer
configured is changed to another type of Service, CCM deletes the configurations that are added to the related SLB instance. As a result, you can no longer use the SLB instance to access the Service. - CCM uses a declarative API and automatically updates the configurations of an SLB
instance to match the configurations of the exposed Service when specific conditions
are met. If you set
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-force-override-listeners:
totrue
, the SLB configurations that you update in the SLB console may be overwritten.Notice Do not modify the configurations of the SLB instance that is created and managed by CCM in the SLB console. Otherwise, the modifications may be overwritten and the Service may become inaccessible. - You cannot change the SLB instance that is associated to a LoadBalancer Service after the Service is created. To change the SLB instance, you must create a new Service.
SLB resource quotas
- CCM creates SLB instances for Services that have
Type=LoadBalancer
configured. By default, you can have at most 60 SLB instances within your Alibaba Cloud account. To increase the quota, Submit a ticket.Note In the ticket, specify that you want to modify theslb_quota_instances_num
parameter to increase the quota of SLB instances. - CCM automatically creates listeners that use Service ports for SLB instances. By default,
each SLB instance supports at most 50 listeners. To increase the quota, submit a ticket.
Note In the ticket, specify that you want to modify the
slb_quota_listeners_num
parameter to increase the quota of listeners for each SLB instance. - CCM automatically adds Elastic Compute Service (ECS) instances to the backend server
groups of an SLB instance based on the Service configurations.
- By default, an ECS instance can be added to at most 50 backend server groups. To increase
the quota, Submit a ticket.
Note In the ticket, specify that you want to modify the
slb_quota_backendserver_attached_num
parameter to increase the maximum number of backend server groups to which an ECS instance can be added. - By default, you can add at most 200 backend servers to an SLB instance. To increase
the quota, submit a ticket.
Note In the ticket, specify that you want to modify the
slb_quota_backendservers_num
parameter to increase the maximum number of backend servers that can be added to each SLB instance.
For more information about SLB limits, see Limits. For more information about how to query SLB resource quotas, see the Quota Management page in the SLB console.
- By default, an ECS instance can be added to at most 50 backend server groups. To increase
the quota, Submit a ticket.
Step 1: Deploy an application
The following section describes how to use the kubectl command-line tool to deploy an application. For more information about how to deploy an application in the ACK console, see Create a stateless application by using a Deployment.
Step 2: Use an existing SLB instance to expose the application
You can create a LoadBalancer Service in the ACK console or by using kubectl. After the Service is created, you can use the Service to expose the application.
Use the ACK console
Use kubectl