Q: In which scenarios is custom Server Load Balancer used?

A: The custom Server Load Balancer can be used in the following scenarios:

  • With Layer-7 protocol Server Load Balancer, a route is customized for each service. This lets services in non-container clusters access containerized services in container clusters while a traditional architecture is being migrated to a container architecture.
  • With Layer-4 protocol Server Load Balancer, a route is customized for each service. This lets services in non-container clusters access containerized services in container clusters while a traditional architecture is being migrated to a container architecture.
  • Intranet Server Load Balancer instances are used for communication in Container Service.

Q: How do I use custom Server Load Balancer?

A: See Server Load Balancer routing.

Q: How do I use the labels of custom Server Load Balancer?

A: See lb in the service orchestration document Label description.

Q: How do I configure ECS to support Server Load Balancer?

A: In principle, no special configuration is required for the Elastic Compute Service (ECS) instances added to the backend of a Server Load Balancer instance. If Linux ECS instances associated with a Layer-4 protocol (TCP) Server Load Balancer cannot be accessed normally, make sure that the following three parameters in the system configuration file /etc/sysctl.conf are set to zero:

net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0

If the ECS instances deployed in the same intranet segment cannot communicate with each other, check whether or not the following parameters are set correctly:

net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2

Run the sysctl -p command to update the parameter settings.
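
The following script is an added example, not part of the original FAQ or of any Alibaba Cloud tooling: it audits a sysctl.conf-style file against the five values listed above and reports each parameter as OK, MISMATCH or MISSING. The function name check_slb_sysctl and the sample file are assumptions made for illustration; the script reads the file only and does not query the running kernel.

```shell
#!/bin/sh
# Added example (check_slb_sysctl is a hypothetical helper name).
# Expected values are the five settings listed in this FAQ answer.
SLB_EXPECTED='net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.eth0.rp_filter=0
net.ipv4.conf.default.arp_announce=2
net.ipv4.conf.all.arp_announce=2'

# Usage: check_slb_sysctl [FILE]   (default: /etc/sysctl.conf)
# Prints OK / MISMATCH / MISSING per parameter; returns 0 only if all match.
check_slb_sysctl() {
    printf '%s\n' "$SLB_EXPECTED" |
    awk -F= -v conf="${1:-/etc/sysctl.conf}" '
        { want[$1] = $2; order[++n] = $1 }        # expected table from stdin
        END {
            while ((getline line < conf) > 0) {
                if (line ~ /^[ \t]*([#;]|$)/) continue   # comment or blank line
                i = index(line, "=")
                if (i == 0) continue
                key = substr(line, 1, i - 1); val = substr(line, i + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", key)  # tolerate "key =2" and "key = 2"
                gsub(/^[ \t]+|[ \t]+$/, "", val)
                have[key] = val                   # a later assignment overrides an earlier one
            }
            for (j = 1; j <= n; j++) {
                k = order[j]
                if (!(k in have)) { printf "MISSING  %s (expected %s)\n", k, want[k]; bad = 1 }
                else if (have[k] != want[k]) { printf "MISMATCH %s = %s (expected %s)\n", k, have[k], want[k]; bad = 1 }
                else printf "OK       %s = %s\n", k, have[k]
            }
            exit bad + 0
        }'
}

# Constructed sample file, so the demo runs without touching the real config.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.default.arp_announce =2
EOF
check_slb_sysctl "$sample" || echo "deviations found in $sample"
rm -f "$sample"
```

Setting rp_filter to 0 turns off the kernel's reverse-path source validation on those interfaces, so apply it only to instances that actually sit behind a Layer-4 listener and show the access problem described above.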

Q: What are the benefits of custom Server Load Balancer?

A: The custom Server Load Balancer can automatically remove the routes of backend containers that are not running when you update the service configuration, and when a container is stopped or fails to be deployed. You must maintain the other settings of Server Load Balancer yourself.

Q: What are the limits for custom Server Load Balancer?

A: Currently, the limits for custom Server Load Balancer are as follows:

  • Create a Server Load Balancer instance, name it, and create the corresponding listening port. Then use extension labels to provide the Server Load Balancer instance name $slb_name or $slb_id, the port to be exposed, the protocol used $scheme (possible values include tcp, http, https, and udp), the mapped container port $container_port, and the frontend port $front_port of the Server Load Balancer instance.
  • You must specify the host:container port mapping of the service port to be exposed and then use the standard Dockerfile label ports to specify the port mapping. You must specify the host port and this port cannot conflict with the host ports mapped by other services. Server Load Balancer uses the host port to bind the backend ECS instance.
  • A service can only use one or more Server Load Balancer instances to expose the service port. Services cannot share the same Server Load Balancer instance because they are distributed in different ECS instance backends.
  • Every host on which a service with Server Load Balancer NAT mapping is deployed uses the same host:container port mapping. Therefore, such a service can have only one instance on each ECS instance.
  • The supported Server Load Balancer protocol $scheme includes tcp, http, https, and udp.
  • Create the listening port yourself in the Alibaba Cloud Server Load Balancer console.
  • To modify the configuration (such as bandwidth limitation) of a Server Load Balancer instance used in Container Service, log on to the Server Load Balancer console and make the change yourself.
  • The benefit of the lb label is that, after you configure the corresponding labels, the backend is bound automatically and you do not have to bind the backend ECS instances of Server Load Balancer yourself. Everything except binding the Server Load Balancer backend must be set and modified by you in the Alibaba Cloud Server Load Balancer console.
  • Container Service helps you generate a Resource Access Management (RAM) user (you must activate RAM). This account has some Server Load Balancer permissions, but it does not have permission to create or delete Server Load Balancer instances. Use this account to help you manage the Server Load Balancer instances used in Container Service, for example, binding some nodes in the cluster as the service backend.