The components of the NSX Advanced Load Balancer, also known as Avi Load Balancer, include the Controller cluster, the Service Engine (data plane) VMs, and the Avi Kubernetes Operator (AKO).

For information on installing and configuring NSX Advanced Load Balancer components, see Install and Configuring NSX Advanced Load Balancer.

Controller

The NSX Advanced Load Balancer Controller, also called the Controller, interacts with the vCenter Server to automate the load balancing for the Tanzu Kubernetes Grid clusters. It is responsible for provisioning service engines, coordinating resources across service engines, and aggregating service engine metrics and logging. The Controller provides a Web interface, command-line interface, and API for user operation and programmatic integration.

After you deploy and configure the Controller VM in vSphere, you can deploy a Controller Cluster to set up the control plane cluster for HA.

Clouds are containers for the environment in which the NSX Advanced Load Balancer is installed or operates. During the initial configuration of the Controller, a cloud named Default-cloud is automatically created. You can use the Default-cloud as a VMware vCenter cloud or create one or more custom clouds of type VMware vCenter.

When you configure a VMware vCenter type of cloud, it is associated with a unique vCenter and a data center within that vCenter. All resources that are available to that vCenter and data center are available to the cloud.

To allow the load balancer to service multiple vCenter servers or multiple data centers, you can create multiple custom clouds of type VMware vCenter, one for each vCenter and data center combination. This lowers the operational burden, as fewer load balancer instances and thereby fewer cores are required to support the environment. For more information about clouds, see the NSX Advanced Load Balancer documentation.

Service Engine

The NSX Advanced Load Balancer Service Engine, also called the Service Engine, is the data plane virtual machine. A Service Engine runs one or more virtual services. A Service Engine is managed by the Controller. The Controller provisions Service Engines to host virtual services.

The Service Engine has two types of network interfaces:
  • The first network interface, vnic0 of the VM, connects to the Management Network where it can connect to the NSX Advanced Load Balancer Controller.
  • The remaining interfaces, vnic1 - 9, connect to the Data Network where virtual services run.

The Service Engine interfaces automatically connect to the correct vDS port groups. Unused interfaces are connected to a management network port group in a disconnected state. Each Service Engine can support up to 1000 virtual services.

A virtual service provides layer 4 and layer 7 load balancing services for Tanzu Kubernetes Grid cluster workloads. A virtual service is configured with one virtual IP and multiple ports. When a virtual service is deployed, the Controller automatically selects an ESX server, spins up a Service Engine, and connects it to the correct networks (port groups).

The first Service Engine is created only after the first virtual service is configured. Any subsequent virtual services that are configured use the existing Service Engine.

Each virtual server exposes a layer 4 load balancer with a distinct IP address of type load balancer for a Tanzu Kubernetes Grid cluster. The IP address assigned to each virtual server is selected from the IP address block given to the Controller when you configure it.

Avi includes native IPAM and external IPAM provider support. In vSphere, Avi native IPAM is leveraged.

Avi Kubernetes Operator

The Avi Kubernetes Operator (AKO) watches Kubernetes resources and communicates with the Controller to request the corresponding load balancing resources.

The Avi Kubernetes Operator is installed on the Supervisors as part of the enablement process.