from: Alibaba Cloud container service ACK 2018-08-17 7885
Alibaba Cloud Provider Profile
CloudProvider connects Kubernetes with the cloud vendor's basic services. It is implemented by the cloud-controller-manager component.
This component automatically creates an Alibaba Cloud SLB instance when you create a Kubernetes LoadBalancer service, dynamically binds and unbinds the SLB backends, and provides a variety of configuration options that let users customize the generated LoadBalancer.
See ReleaseNotes.
Basic usage
CloudProvider uses annotations on the Service to control its behavior when creating a service of type: LoadBalancer. An example of a basic annotation is as follows:
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    # Fill in the corresponding annotation here, for example:
    service.beta.kubernetes.io/alicloud-loadbalancer-id: lb-bp1hfycf39bbeb019pg7m
  name: nginx
  namespace: default
spec:
  ports:
  - name: web
    port: 443
    protocol: TCP
    targetPort: 443
  type: LoadBalancer
```
>> note:
- If the cloud-controller-manager version of your cluster is later than or equal to v1.9.3, the system does not process listeners for the specified SLB by default; you must manually configure the listener rules for the SLB instance.
Run the following command to view the version of cloud-controller-manager:
```
root@master # kubectl get po -n kube-system -o yaml | grep image: | grep cloud-con | uniq
image: registry-vpc.cn-....-controller-manager-amd64:v1.9.3
```
- If your cluster's CloudProvider is not the latest version, some features may not be available. For more information, see how to manually upgrade CloudProvider.
Create a LoadBalancer
Prerequisites
- A cluster created by Alibaba Cloud container service. Reference
- how to connect to a cluster through kubectl. Reference
- create a common nginx application. For more information, see.
>> small
- Save the following YAML as svc.1.yaml and run kubectl apply -f svc.1.yaml to create the service.
1. Create an Internet SLB instance
```yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
2. Create an intranet SLB instance
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-address-type: "intranet"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
3. Create an HTTP SLB instance
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-protocol-port: "http:80"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
4. Create an HTTPS SLB instance
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-protocol-port: "https:443"
    service.beta.kubernetes.io/alicloud-loadbalancer-cert-id: "${YOUR_CERT_ID}"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
>> note:
- To create an HTTPS SLB instance, you must provide a certificate ID. If no certificate exists, go to the SLB console to create one.
5. Limit the bandwidth of the SLB instance.
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-bandwidth: "100"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
>> note:
- Only the bandwidth of the SLB instance is limited. All listeners share the load balancing bandwidth. See shared instance bandwidth.
6. Specify the SLB instance type
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-spec: "slb.s1.small"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
7. Bind an existing server load balancer instance to the Service
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-id: "${YOUR_LOADBALANCER_ID}"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
>> note:
- by default, when you bind an existing SLB instance, the CloudProvider only binds and unbinds the SLB backend Server. You must specify service.beta.kubernetes.io/alicloud-loadbalancer-force-override-listeners: "true" to forcibly overwrite the listener. Note that this deletes unexpected listeners on your existing SLB instance.
8. Bind an existing SLB instance and forcibly overwrite the existing listener.
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-id: "${YOUR_LOADBALANCER_ID}"
    service.beta.kubernetes.io/alicloud-loadbalancer-force-override-listeners: "true"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
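
A review check for the annotations used in examples 1 to 8, as an added example that is not part of the original page or of CloudProvider itself: it flags Services that create an Internet SLB, force-override listeners on an existing SLB, expose a plain HTTP listener, or request HTTPS without a certificate ID. The finding names, the `make_svc` helper, the placeholder IDs and the handling of comma-separated protocol-port pairs are assumptions; the sample data is constructed.

```python
PREFIX = "service.beta.kubernetes.io/alicloud-loadbalancer-"

def audit_service(svc):
    """Return review findings for one Service object (kubectl -o json shape)."""
    if svc.get("spec", {}).get("type") != "LoadBalancer":
        return []
    ann = svc.get("metadata", {}).get("annotations") or {}
    get = lambda key: ann.get(PREFIX + key)
    findings = []
    # New SLB is Internet unless "intranet"; an existing SLB (id) is not judged.
    if not get("id") and get("address-type") != "intranet":
        findings.append("internet-facing")
    # Force-override on an existing SLB deletes listeners the Service lacks.
    if get("id") and get("force-override-listeners") == "true":
        findings.append("force-override-on-existing-slb")
    # protocol-port is "proto:port"; comma-separated pairs are an assumption.
    pairs = (get("protocol-port") or "").split(",")
    protos = {p.split(":")[0].strip().lower() for p in pairs if p.strip()}
    if "http" in protos:
        findings.append("plaintext-http-listener")
    if "https" in protos and not get("cert-id"):
        findings.append("https-without-cert-id")
    return findings

def audit(service_list):
    """Map "namespace/name" to findings for each Service that has any."""
    report = {}
    for svc in service_list.get("items", []):
        found = audit_service(svc)
        if found:
            report[f"{svc['metadata']['namespace']}/{svc['metadata']['name']}"] = found
    return report

def make_svc(name, ann=None, svc_type="LoadBalancer"):  # builds constructed samples
    ann = {PREFIX + k: v for k, v in (ann or {}).items()}
    return {"metadata": {"name": name, "namespace": "default", "annotations": ann},
            "spec": {"type": svc_type}}

# Constructed sample in the shape of `kubectl get svc -o json` (placeholder ids).
SAMPLE = {"items": [
    make_svc("web-public"),
    make_svc("web-internal", {"address-type": "intranet", "protocol-port": "https:443",
                              "cert-id": "cert-placeholder"}),
    make_svc("web-shared", {"id": "lb-placeholder", "force-override-listeners": "true",
                            "protocol-port": "http:80"}),
    make_svc("web-nocert", {"address-type": "intranet", "protocol-port": "https:443"}),
]}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

To run it against a live cluster, load the output of `kubectl get svc -A -o json` with `json.load` and pass the result to `audit`.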
9. Enable SLB to mount worker nodes with specified labels as backend servers
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-backend-label: "failure-domain.beta.kubernetes.io/zone:ap-southeast-5a"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
>> small
- Separate multiple labels with commas (,), for example "k1:v1,k2:v2".
- Multiple labels are combined with AND semantics.
10. Configure session persistence SessionSticky for TCP SLB
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-persistence-timeout: "1800"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    run: nginx
  type: LoadBalancer
```
>> small
- this parameter only applies to TCP listeners.
- If multiple TCP listening ports are configured for the service, session persistence applies to all TCP listening ports by default.
11. Configure session persistence SessionSticky(insert cookie) for HTTP and HTTPS SLB instances
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-sticky-session: "on"
    service.beta.kubernetes.io/alicloud-loadbalancer-sticky-session-type: "insert"
    service.beta.kubernetes.io/alicloud-loadbalancer-cookie-timeout: "1800"
    service.beta.kubernetes.io/alicloud-loadbalancer-protocol-port: "http:80"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
>> small
- only HTTP and HTTPS are supported.
- The session persistence type is insert and Cookie is inserted.
- If multiple HTTP or HTTPS listening ports are configured for the service, the session persistence applies to all HTTP and HTTPS listening ports by default.
12. Configure session persistence SessionSticky(server cookie) for HTTP and HTTPS SLB instances
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-sticky-session: "on"
    service.beta.kubernetes.io/alicloud-loadbalancer-sticky-session-type: "server"
    service.beta.kubernetes.io/alicloud-loadbalancer-cookie: "${YOUR_COOKIE}"
    service.beta.kubernetes.io/alicloud-loadbalancer-protocol-port: "http:80"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
>> small
- only HTTP and HTTPS are supported.
- The session persistence type is server and the Cookie is overwritten.
- If multiple HTTP or HTTPS listening ports are configured for the service, the session persistence applies to all HTTP and HTTPS listening ports by default.
13. Specify the active/standby zone when creating an SLB instance
```yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    service.beta.kubernetes.io/alicloud-loadbalancer-master-zoneid: "ap-southeast-5a"
    service.beta.kubernetes.io/alicloud-loadbalancer-slave-zoneid: "ap-southeast-5a"
  name: nginx
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
>> small
- SLB instances in some regions, such as ap-southeast-5, do not support primary/secondary zones.
- You cannot modify the primary/secondary zones.
14. Specify SLB to mount only the node where the Pod is located as the backend server
```yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx
  namespace: default
spec:
  externalTrafficPolicy: Local
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx
  type: LoadBalancer
```
Attachment: available Annotation parameters and their descriptions
>> small
- All annotation values are strings; enclose them in double quotes.

| Annotation | Description | Default value |
|---|---|---|