The components of the NSX Advanced Load Balancer, also known as Avi Load Balancer, include the Avi Controller cluster, Service Engines (data plane) VMs and the Avi Kubernetes Operator (AKO).

Controller

The Avi Controller, also called the Controller, interacts with the vCenter Server to automate the load balancing for the Tanzu Kubernetes clusters. It is responsible for provisioning service engines, coordinating resources across service engines, and aggregating service engine metrics and logging. The Controller provides a Web interface, command-line interface, and API for user operation and programmatic integration.

After you deploy and configure the Controller VM in vSphere, see Deploy a Controller Cluster for information on how to set up the control plane cluster for HA.

Service Engine

The Avi Service Engine, also called the Service Engine, is the data plane virtual machine. A Service Engine runs one or more virtual services. A Service Engine is managed by the controller. The controller provisions Service Engines to host virtual services.

The Service Engine has two types of network interfaces:
  • The first network interface, vnic0 of the VM, connects to the Management Network where it can connect to the Avi Controller.
  • The remaining interfaces, vnic1 - 8, connect to the Data Network where virtual services run.

The Service Engine interfaces automatically connect to correct VDS port groups. Unused interfaces are connected to a port group called Avi Internal, which is created automatically, and reserved for future use. Each Service Engine can support up to 1000 virtual services.

A virtual service provides layer 4 and layer 7 load balancing services for Tanzu Kubernetes cluster workloads. A virtual service is configured with one virtual IP and multiple ports. When a virtual service is deployed, the Controller automatically selects an ESX server, spins up a Service Engine, and connects it to the correct networks (port groups).

The first Service Engine is created only after the first virtual service is configured. Any subsequent virtual services that are configured use the existing Service Engine.

Each virtual server exposes a layer 4 load balancer with a distinct IP address of type load balancer for a Tanzu Kubernetes cluster. The IP address assigned to each virtual server is selected from the IP address block give to the Controller when you configure it.

AVI includes native IPAM and external IPAM provider support. In vSphere, AVI native IPAM is leveraged.

Avi Kubernetes Operator

The Avi Kubernetes operator (AKO) watches Kubernetes resources and communicates with the Controller to request the corresponding load balancing resources.

The Avi Kubernetes Operator is installed on the Supervisor Cluster as part of the enablement process.