Google Cloud HTTP Load Balancer (layer 7) for GKE

11/28/2016

I am having trouble using the HTTP Load Balancer (Layer 7) with a service in GKE. I originally exposed the service in GKE using the LoadBalancer service type:

kubectl expose deployment myservice --type="LoadBalancer"

This will create a public IP address for my cluster in the same zone and it has been working well. My goal is to use a global IP address with SSL support for my service. This is what I have tried:

  1. expose the GKE service as NodePort type kubectl expose deployment myservice --type=“NodeType”
  2. follow the tutorial here to create an ingress object. It didn’t work because the service in GKE is already in a managed instance group, and the ingress object would create a new instance group with zero instance. I found a discussion here.
  3. follow the suggestion in the discussion. Deleted to ingress object, and try to set up the HTTP Load Balancer manually from google cloud console.
    • Added a firewall rules to allow 130.211.0.0/22 on port 80 and 8081 (my service port) on all targets.
    • Backend service is the managed Instance group created by GKE.
    • Created a health check on port 8081, path /health. It still doesn’t work because the load balancer can recognize the correct number of instances in the managed instance group, but there are zero healthy nodes. My service has a health check endpoint myservice:8081/health and the root path "/" also returns HTTP 200 OK. I played with the health check configurations but the load balancer can never find a healthy node.

What am I missing?

-- Yi Chen
google-cloud-platform
kubernetes

1 Answer

12/6/2016

It turns out if I want to follow the ingress tutorial, I cannot define a HTTP(S) Load Balancer on the same endpoint. You either choose to follow the tutorial and let the ingress object to define a LB automatically, which worked for me after deleting my testing LB, or do not use ingress and define LB manually (which I never got it working).

-- Yi Chen
Source: StackOverflow