This topic describes how to create a load balancer for the TKGI API using Google Cloud Platform (GCP).
Before you install VMware Tanzu Kubernetes Grid Integrated Edition, you must configure an external TCP load balancer to access the TKGI API from outside the network. You can use any external TCP load balancer of your choice.
Refer to the procedures in this topic to create a load balancer using GCP. If you choose to use a different load balancer, use the configuration in this topic as a guide.
Note: This procedure uses example commands which you should modify to represent the details of your Tanzu Kubernetes Grid Integrated Edition installation.
To create a GCP load balancer for the TKGI API, do the following:
To create a load balancer using GCP, perform the following steps:
In a browser, navigate to the GCP console.
Navigate to Network Services > Load balancing and click CREATE LOAD BALANCER.
Under TCP Load Balancing, click Start configuration.
Under Internet facing or internal only, select From Internet to my VMs.
Under Multiple regions or single region, select Single region only.
Click Continue.
Name your load balancer. VMware recommends naming your load balancer tkgi-api.
Select Backend configuration.
Select Frontend configuration.
tkgi-api-ip. GCP assigns a static IP address that appears next to the name.
9021. Your external load balancer forwards traffic to the TKGI API VM using the UAA endpoint on port 8443 and the TKGI API endpoint on port 9021.
tkgi-api-uaa.
8443.
Click Review and finalize to review your load balancer configuration.
Click Create.
To create a firewall rule that allows traffic between the load balancer and the TKGI API VM, do the following:
From the GCP console, navigate to VPC Network > Firewall rules and click CREATE FIREWALL RULE.
Configure the following:
0 and 65535.
tkgi-api.
Note: When deploying the TKGI API VM, Ops Manager will tag the TKGI API VM with the specified load balancer and this firewall rule will then be applied to the TKGI API VM.
0.0.0.0/0.
tcp:8443,9021.
Click Create.
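The rule above opens tcp:8443,9021 to 0.0.0.0/0, so it is worth confirming that the deployed rule exposes nothing beyond those two ports and is scoped to the TKGI API VM. The following is an added example, not part of the VMware procedure: it audits a rule in the JSON shape printed by gcloud compute firewall-rules describe <rule> --format=json. The sample rule and its name are constructed, and tkgi-api is assumed to be the rule's target tag.

```python
import json

EXPECTED_PORTS = {8443, 9021}   # UAA and TKGI API ports from this topic
EXPECTED_TAG = "tkgi-api"       # assumption: tkgi-api is the rule's target tag

# Constructed sample rule (hypothetical name), in the gcloud JSON output shape.
SAMPLE_RULE = json.loads("""
{
  "name": "tkgi-api-example",
  "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"],
  "targetTags": ["tkgi-api"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["8443", "9021"]}]
}
""")

def expand_ports(specs):
    """Turn GCP port specs such as "8443" or "9000-9100" into a set of ints."""
    ports = set()
    for spec in specs:
        low, _, high = spec.partition("-")
        ports.update(range(int(low), int(high or low) + 1))
    return ports

def audit_rule(rule):
    """Return a list of findings; an empty list means the rule matches this topic."""
    findings = []
    # A rule without target tags applies to every VM in the network.
    if EXPECTED_TAG not in rule.get("targetTags", []):
        findings.append("target tag tkgi-api missing: rule is not scoped to the TKGI API VM")
    opened = set()
    for entry in rule.get("allowed", []):
        if entry.get("IPProtocol") != "tcp":
            findings.append(f"unexpected protocol allowed: {entry.get('IPProtocol')}")
            continue
        # A tcp entry with no "ports" key allows every TCP port.
        opened |= expand_ports(entry.get("ports", ["0-65535"]))
    missing = EXPECTED_PORTS - opened
    extra = opened - EXPECTED_PORTS
    if missing:
        findings.append(f"required ports not allowed: {sorted(missing)}")
    if extra:
        findings.append(f"{len(extra)} extra TCP port(s) exposed to {rule.get('sourceRanges')}")
    return findings

if __name__ == "__main__":
    print(audit_rule(SAMPLE_RULE) or "rule matches the documented configuration")
```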
To create a DNS entry in GCP for your TKGI API domain, do the following:
From the GCP console, navigate to Network Services > Cloud DNS.
If you do not already have a DNS zone, click Create zone.
Click Add record set.
Under DNS Name, enter a subdomain for the load balancer. For example, if your domain is example.com, enter api.tkgi in this field to use api.tkgi.example.com as your TKGI API load balancer hostname.
Under Resource Record Type, select A to create a DNS address record.
Enter a value for TTL and select a TTL Unit.
Enter the static IP address that GCP assigned when you created the load balancer in Create a Load Balancer.
Click Create.
Follow the instructions in Installing Tanzu Kubernetes Grid Integrated Edition on GCP to deploy Tanzu Kubernetes Grid Integrated Edition.