Kubernetes Cloud Provider for VMware Cloud Director supports the following features.
Multiple Virtual Services With Shared IP Address
This section details the virtual service shared IP address for VMware Cloud Director 10.4.0 and later.
Prior to Kubernetes Cloud Provider for VMware Cloud Director 1.2.0 and VMware Cloud Director 10.4.0, each virtual service required a distinct IP address. Therefore, multiple internal IP addresses were used, and DNAT rules were necessary to map the internal IP addresses to external IP addresses.
As of Kubernetes Cloud Provider for VMware Cloud Director 1.2.0, the enableVirtualServiceSharedIP
feature allows utilizing a feature in VMware Cloud Director 10.4.0 and newer versions, in which you can create multiple virtual services with the same external IP address and different ports. This removes the need to create a DNAT rule, and preserves internal IP addresses. To use the feature, in the configmap, you must set enableVirtualServiceSharedIP
to true
.
enableVirtualServiceSharedIP
is set to
true
, and
oneArm
is not
nil
, the virtual services share an internal IP address instead of an external IP address. DNAT rules are used to map the shared internal IP address to an external IP address.
IP Address for an Application Load Balancer
You can configure IP addresses for application load balancers.
With Kubernetes Cloud Provider for VMware Cloud Director 1.3.0 and later, you can define the IP address of the load balancer through specifying the IP address in the Service object. For more information, see Type LoadBalancer.
apiVersion: v1 kind: Service metadata: name: my-service spec: type: LoadBalancer loadBalancerIP: 10.10.10.10
- You can also use an internal IP address, for example, 192.168.x.x, for
loadBalancerIP
. - In Kubernetes Cloud Provider for VMware Cloud Director 1.3.0, if the configuration is set to
enableVirtualServiceSharedIP: true
andoneArm: nil
, you cannot update the user specifications of the load balancer IP address.
SSL Termination at NSX Advanced Load Balancer
With Kubernetes Cloud Provider for VMware Cloud Director 1.3.0 and later, you can deactivate SSL termination at NSX Advanced Load Balancer and allow Ingress to control SSL termination. To perform this task, add the following annotation to the Ingress load balancer service.
annotations: service.beta.kubernetes.io/vcloud-avi-ssl-no-termination: "true"
This feature allows using certs at an Ingress Controller and deactivating SSL at the controller.
IP Spaces
With Kubernetes Cloud Provider for VMware Cloud Director 1.6, you can use gateways that are configured to use IP spaces.
- Tо use this feature, you must also use Kubernetes Cluster API Provider for VMware Cloud Director 1.3 or later.
- Service providers are responsible for managing the creation of IP spaces, provider gateways, edge gateways, and their quota.
- Gateways that are configured to use IP Blocks are also supported by Kubernetes Cloud Provider for VMware Cloud Director.