To provision an external load balancer in a Tanzu Kubernetes cluster, you can create a Service of type LoadBalancer. The load balancer service exposes a public IP address. Traffic from the external load balancer can be directed at cluster pods.
You can provision an external load balancer for Kubernetes pods that are exposed as services. For example, you can deploy a Nginx container and expose it as a Kubernetes service of type LoadBalancer.
- Review the Service type LoadBalancer in the Kubernetes documentation.
- Provision a Tanzu Kubernetes cluster. See Provision a Tanzu Kubernetes Cluster.
- Create appropriate PodSecurityPolicy. See Using Pod Security Policies with Tanzu Kubernetes Clusters.
- Connect to the target Tanzu Kubernetes cluster. See Connect to a Tanzu Kubernetes Cluster as a vCenter Single Sign-On User.
- Verify that the cluster is running the VMware Cloud Provider pod.
kubectl get pods -n vmware-system-cloud-providerThe Tanzu Cloud Provider is ready and running.
NAME READY STATUS RESTARTS AGE tanzu-cluster-cloud-provider-59dc84b95c-nbs4n 1/1 Running 0 24h
- Create a YAML file named nginx-lbsvc.yaml and populate it with the following content.
kind: Service apiVersion: v1 metadata: name: srvclb-ngnx spec: selector: app: hello tier: frontend ports: - protocol: "TCP" port: 80 targetPort: 80 type: LoadBalancer --- apiVersion: apps/v1 kind: Deployment metadata: name: loadbalancer spec: replicas: 2 selector: matchLabels: app: hello template: metadata: labels: app: hello tier: frontend spec: serviceAccountName: NETWORKING-TEST-SA containers: - name: nginx image: "nginxdemos/hello"This YAML file defines a Kubernetes service of type LoadBalancer and deploys a Nginx container as an external load balancer for the service.
- Apply the service type LoadBalancer configuration.
kubectl apply -f nginx-lbsvc.yaml
- Verify the deployment of the Nginx pod and service.
kubectl get allIn the command output, you see that the
Running, and the
LoadBalanceris up with an external and internal IP address. The service is also represented in the Supervisor Namespace.
- Get the external IP address and port for the Nginx LoadBalancer service.
kubectl get servicesSample Result:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE srvclb LoadBalancer 18.104.22.168 192.168.123.4 80:30964/TCP 14m
- Run a browser and enter the external IP address for the Nginx LoadBalancer service.
You see the message:
Welcome to nginx!