To provision an external load balancer in a Tanzu Kubernetes cluster, you can create a Service of type LoadBalancer. The load balancer service exposes a public IP address. Traffic from the external load balancer can be directed at cluster pods.

You can provision an external load balancer for Kubernetes pods that are exposed as services. For example, you can deploy a Nginx container and expose it as a Kubernetes service of type LoadBalancer.

Prerequisites

Procedure

  1. Create an appropriate role binding to the default privileged PSP. See Example Role Bindings for Pod Security Policy.
  2. Create the following nginx-lbsvc.yaml YAML file.
    This YAML file defines a Kubernetes service of type LoadBalancer and deploys a Nginx container as an external load balancer for the service.
    kind: Service
    apiVersion: v1
    metadata:
      name: srvclb-ngnx
    spec:
      selector:
        app: hello
        tier: frontend
      ports:
      - protocol: "TCP"
        port: 80
        targetPort: 80
      type: LoadBalancer
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: loadbalancer
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: hello
      template:
        metadata:
          labels:
            app: hello
            tier: frontend
        spec:
          containers:
          - name: nginx
            image: "nginxdemos/hello"
    
  3. Apply the YAML.
    kubectl apply -f nginx-lbsvc.yaml
  4. Verify the deployment of the Nginx service.
    kubectl get services
    The srvclb-ngnx is up with an external and internal IP address.
    NAME          TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)        AGE
    srvclb-ngnx   LoadBalancer   10.11.12.19      10.19.15.89     80:30818/TCP   18m
    
  5. Using a browser, enter the external IP address for the Nginx LoadBalancer service.
    You see the message NGINX banner and details of the load balancer.