Configure Cloud Native Runtimes with VMware NSX Advanced Load Balancer

This topic tells you how to configure Cloud Native Runtimes (CNRs) with VMware NSX Advanced Load Balancer, formerly known as Avi Networks.

Overview

You can configure Cloud Native Runtimes to integrate with VMware NSX Advanced Load Balancer. VMware NSX Advanced Load Balancer is a multi-cloud platform that delivers features such as load balancing, security, and container ingress services.

The NSX Advanced Load Balancer Controller provides a control plane while the NSX Advanced Load Balance Service Engines provide a data plane. The Service Engines forward incoming traffic to your Kubernetes cluster’s Envoy pods, which Contour creates and manages.

For information about VMware NSX Advanced Load Balancer, see VMware NSX Advanced Load Balancer Documentation.

Prerequisites

To integrate VMware NSX Advanced Load Balancer with Cloud Native Runtimes, you must first install Cloud Native Runtimes:

If you have not already installed Cloud Native Runtimes, see Installing Cloud Native Runtimes.
If you already have a Contour installation on your cluster, see Installing Cloud Native Runtimes with an Existing Contour Installation.

Integrate VMware NSX Advanced Load Balancer with Cloud Native Runtimes

To configure Cloud Native Runtimes with VMware NSX Advanced Load Balancer:

Deploy the NSX Advanced Load Balancer Controller on a supported infrastructure provider. For a list of NSX Advanced Load Balancer supported providers, see Installation Guides.
Deploy the Avi Kubernetes operator to your Kubernetes cluster where Cloud Native Runtimes is hosted. For more information, see the Avi Kubernetes Operator documentation.
Connect to a test app and verify that it is reachable. Run:
```
"curl -H KNATIVE-SERVICE-DOMAIN" ENVOY-IP
```
Where:
- KNATIVE-SERVICE-DOMAIN is the name of your domain.
- ENVOY-IP is the IP address of your Envoy instance.
For information about deploying a sample application and connecting to the application, see Test Knative Serving.
(Optional) Create a DNS record that configures your KService URL to point to the Avi Service Engines, and resolve to the external IP of the Envoy. You can create a DNS record on any platform that supports DNS services. For more information, see the documentation for your DNS service platform.

To get the KService URL, run:
```
kn route describe APP-NAME | grep "URL"
```
To get Envoy’s external IP, follow step 3 in Test Knative Serving.

About Routing with VMware NSX Advanced Load Balancer and Cloud Native Runtimes

The following diagram shows how VMware NSX Advanced Load Balancer integrates with Cloud Native Runtimes:

This diagram illustrates the workflow described in the text below.

When Contour creates a Kubernetes LoadBalancer service for Envoy, the Avi Kubernetes operator (AKO) sees the new LoadBalancer service. Then NSX Advanced Load Balancer Controller creates a Virtual Service. For information about LoadBalancer services, see Type LoadBalancer in the Kubernetes documentation.

For each Envoy service, NSX Advanced Load Balancer Controller creates a corresponding Virtual Service. See Virtual Services in the VMware NSX Advanced Load Balancer documentation.

After NSX Advanced Load Balancer Controller creates a Virtual Service, the Controller configures the Service Engines to forward traffic to the Envoy pods. The Envoy pods route traffic based on incoming requests, including traffic splitting and path based routing.

The NSX Advanced Load Balancer Controller provides Envoy with an external IP address so that apps are reachable by the app developer.

Note
VMware NSX Advanced Load Balancer does not interact directly with any Cloud Native Runtimes resources. VMware NSX Advanced Load Balancer forwards all incoming traffic to Envoy.