After an application is created in a Container Service for Kubernetes (ACK) cluster in Enterprise Distributed Application Service (EDAS), you can bind an Internet-facing or internal-facing Classic Load Balancer (CLB) instance to the application so that the application can be accessed over the Internet or a private network. This topic describes how to bind an Internet-facing or internal-facing CLB instance to an application in an ACK cluster.

Background information

To bind a CLB instance to an application, you must modify the configurations of listeners for the CLB instance in the EDAS console.

Important You cannot modify the configurations of the listeners and certificates in the Server Load Balancer (SLB) console. Otherwise, the modification may fail and the application may be inaccessible.

The differences in binding CLB instances to applications in ACK clusters and user-created Kubernetes clusters lie in the following aspects:

  • User-created Kubernetes cluster: You must purchase a new CLB instance for each application. Each application exclusively uses a CLB instance.
  • ACK cluster: You can purchase a new CLB instance for each application or use an existing CLB instance that is bound to other applications. If you purchase a new CLB instance for an application, the application exclusively uses the CLB instance.

Limits

  • You cannot use the ACK console, kubectl, or third-party tools to delete or modify the Service resources created by EDAS. These resources have the edas-domain:edas-admin label.
  • You cannot use the SLB console to delete or modify the CLB instances purchased by EDAS.
  • You cannot use the SLB console to delete or modify the listeners of the CLB instances used by EDAS.
  • You cannot use kubectl or the ACK console to modify external traffic policies for Services. Otherwise, the modification may fail and the application may be inaccessible.

Bind a new Internet-facing CLB instance

  1. Log on to the EDAS console. In the left-side navigation pane, choose Application Management > Applications. In the top navigation bar, select a region. In the upper part of the page, select a microservice namespace.Select Container Service or Serverless Kubernetes Cluster from the Cluster Type drop-down list and click the name of the application that you want to manage.
  2. On the Application Overview page, click the Plus icon icon next to SLB (Public Network) in the Access configuration section.
    Note If you have bound a CLB instance to your application, the IP address and port number of the CLB instance are displayed. You can click the Editicon to modify the configuration or click theicon to unbind the CLB instance from your application.
  3. In the SLB (Public Network) dialog box, set the parameters that are described in the following table and click OK.
    Parameter Description
    Select SLB You can select Create SLB or an existing SLB instance from the drop-down list.
    Scheduling Algorithm You can select RR or WRR.
    External Traffic Policy

    If you select Create SLB, tables appear below the External Traffic Policy parameter. The tables describe the status and descriptions of checks on SLB resources and the account balance, the specifications of Internet-facing SLB instances that you can choose, the quantity of the SLB instance to create, the billing method, the validity period for subscription SLB instances, and the pricing. You can click View Price to view the pricing of SLB.

    You can set the External Traffic Policy parameter to Local or Cluster.

    • Local: routes traffic only to pods on the node where the Service is deployed. If you set the External Traffic Policy parameter to Local, only the nodes on which the pods corresponding to the Service are deployed are added as the backend servers of the SLB instance. Traffic is not routed to the pods of other nodes in the cluster. Combined with the load balancing capabilities of the SLB instance, this policy provides good performance and can retain Layer-4 source IP addresses.
      Note If you set the External Traffic Policy parameter to Local, we recommend that you set the Scheduling Algorithm parameter to WRR. In a container cluster, Container Controller Manager (CCM) can adjust the weight of a node that is used as a backend server based on the number of pods deployed on the node. The weighted round-robin (WRR) algorithm can help obtain better load balancing performance.
    • Cluster: routes network traffic to pods on other nodes in the cluster.
      Note If you set the External Traffic Policy parameter to Cluster, all nodes of the cluster are added as the backend servers of the SLB instance. Access requests can be forwarded to a pod even if no pod is started on the accessed node. In this case, no Layer-4 source IP addresses can be retained.
    Existing listening information of the SLB instance This parameter is displayed only if you select an existing SLB instance from the Select SLB drop-down list. You can view the network protocol, the port number, and the container port number.
    TCP | HTTP
    • SLB Port(Application): the frontend port of the Internet-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.
    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, a web application uses port 8080 by default.
    HTTPS protocol
    • HTTPS Port(Application): the frontend port of the Internet-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.
    • SSL Certificate: the SSL certificate. You can select an uploaded SSL certificate from the drop-down list.
    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, a web application uses port 8080 by default.
    Note Multiple listeners are supported. You can click Add Listener to configure multiple listeners.
  4. If the number of access requests for your application exceeds the specifications of the existing SLB instance, repeat Step 2 to Step 3 to add SLB instances.
    Note The specification metrics of a CLB instance include the maximum connections, new connections per second, and queries per second. If the number of access requests for the application exceeds the value of a specification metric of the CLB instance, you can bind more CLB instances to share the traffic pressure.

Verify the results

In the address bar of your browser, enter <IP address of the SLB instance>:<Port number of the SLB instance>, such as 115.XX.XX.XX:80. Then, press the Enter key to go to the homepage of the corresponding application.

If the IP address and port number do not appear next to SLB (Public Network) on the Application Overview page, the binding failed. In this case, you can go to the Change Records page to view the change details, and troubleshoot the failure based on the change records.

Bind a new internal-facing CLB instance

  1. Log on to the EDAS console. In the left-side navigation pane, choose Application Management > Applications. In the top navigation bar, select a region. In the upper part of the page, select a microservice namespace.Select Container Service or Serverless Kubernetes Cluster from the Cluster Type drop-down list and click the name of the application that you want to manage.
  2. On the Application Overview page, click the Plus icon icon next to SLB (Private Network) in the Access configuration section.
    Note If you have bound a CLB instance to your application, the IP address and port number of the CLB instance are displayed. You can click the Editicon to modify the configuration or click theicon to unbind the CLB instance from your application.
  3. In the SLB (Private Network) dialog box, set the parameters that are described in the following table and click OK.
    Parameter Description
    Select SLB You can select Create SLB or an existing SLB instance from the drop-down list.
    Scheduling Algorithm You can select RR or WRR.
    External Traffic Policy

    If you select Create SLB, tables appear below the External Traffic Policy parameter. The tables describe the status and descriptions of checks on SLB resources and the account balance, the specifications of internal-facing SLB instances that you can choose, the quantity of the SLB instance to create, the billing method, the validity period for subscription SLB instances, and the pricing.

    You can set the External Traffic Policy parameter to Local or Cluster.

    • Local: routes traffic only to pods on the node where the Service is deployed. If you set the External Traffic Policy parameter to Local, only the nodes on which the pods corresponding to the Service are deployed are added as the backend servers of the SLB instance. Traffic is not routed to the pods of other nodes in the cluster. Combined with the load balancing capabilities of the SLB instance, this policy provides good performance and can retain Layer-4 source IP addresses.
      Note If you set the External Traffic Policy parameter to Local, we recommend that you set the Scheduling Algorithm parameter to WRR. In a container cluster, CCM can adjust the weight of a node that is used as a backend server based on the number of pods deployed on the node. The WRR algorithm can help obtain better load balancing performance.
    • Cluster: routes network traffic to pods on other nodes in the cluster.
      Note If you set the External Traffic Policy parameter to Cluster, all nodes of the cluster are added as the backend servers of the SLB instance. Access requests can be forwarded to a pod even if no pod is started on the accessed node. In this case, no Layer-4 source IP addresses can be retained.
    Existing listening information of the SLB instance This parameter is displayed only if you select an existing SLB instance from the Select SLB drop-down list. You can view the network protocol, the port number, and the container port number.
    TCP | HTTP
    • SLB Port(Application): the frontend port of the internal-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.
    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, a web application uses port 8080 by default.
    HTTPS protocol
    • HTTPS Port(Application): the frontend port of the internal-facing SLB instance. This port can be used to access the application. Valid values: 1 to 65535.
    • SSL Certificate: the SSL certificate. You can select an uploaded SSL certificate from the drop-down list.
    • Container Port (Target Port): the port on which a process listens. This port is defined by the application. For example, a web application uses port 8080 by default.
    Note Multiple listeners are supported. You can click Add Listener to configure multiple listeners.
  4. If the number of access requests for your application exceeds the specifications of the existing SLB instance, repeat Step 2 to Step 3 to add SLB instances.
    Note The specification metrics of a CLB instance include the maximum connections, new connections per second, and queries per second. If the number of access requests for the application exceeds the value of a specification metric of the CLB instance, you can bind more CLB instances to share the traffic pressure.

Verify the results

In the address bar of your browser, enter <IP address of the SLB instance>:<Port number of the SLB instance>, such as 115.XX.XX.XX:80. Then, press the Enter key to go to the homepage of the corresponding application.

If the IP address and port number do not appear next to SLB (Public Network) on the Application Overview page, the binding failed. In this case, you can go to the Change Records page to view the change details, and troubleshoot the failure based on the change records.