K
Q

External Load Balancer for Kubernetes cluster

8/23/2016

I want to implement a simple Layer 7 Load Balancer in my kubernetes cluster which will allow me to expose kubernetes services to external consumers.

I will create a simple ha-proxy based container which will observe kubernetes services and respective endpoints and reload its backend/frontend configuration (complemented with SYN eating rule during reload)

This will allow me to access kubernetes services like SVCa, SVCb, SVCc over

http://load-balancer-ip:port/SVCa -------> Pod endpoints.....
http://load-balancer-ip:port/SVCb -------> Pod endpoints..... 
http://load-balancer-ip:port/SVCc -------> Pod endpoints.....

How would above approach work compared to

(1) ha-proxy forwarding all the requests to clusterIP address of kubernetes services.

 http://load-balancer-ip:port/SVCa ------->clusterIP-SVCa
 http://load-balancer-ip:port/SVCb ------->clusterIP-SVCa
 http://load-balancer-ip:port/SVCc ------->clusterIP-SVCa

(2) ha-proxy load-balancing requests to worker-node-ip:port obtained by creating NodePort type services

http://load-balancer-ip:port/SVCa  --------> node1:p1, node2:p1, node3:p1
http://load-balancer-ip:port/SVCb  --------> node1:p2, node2:p2, node3:p2
http://load-balancer-ip:port/SVCc  --------> node1:p3, node2:p3, node3:p3

Note: My k8s cluster is running on custom solution (on-premise VMs)

-- Suyog Barve
haproxy
kubernetes
load-balancing
routing

Similar Questions

kubernetes intra cluster service communication
Jenkins on Docker - Persist data
Docker build inside kubernetes pod fails with "could not find bridge docker0"
How do Kubernetes modules communicate with etcd?

2 Answers

8/24/2016

(2) This is not ideal if your cluster is very dynamic without predictable node names. This is also very very anti-pattern to immutable infrastructure- if that is something you are working towards.

(1) This will work, but relies on kube proxy for proxying to another node- which is not super intelligent right now, you are essentially going from haproxy (powerful proxy) to kube proxy (relatively dumb proxy) to pod- adding an extra jump and some (although minimal) latency

Your original plan is probably the best, and is essentially the same as an ingress controller.

-- Drew Rapenchuk
Source: StackOverflow
8/24/2016

I think a nginx IngressController can work better in this case. You only have to set the backend service and the hostname inside the ingress definition.

Take a look here: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx

-- Camil
Source: StackOverflow