Skip to content

Latest commit

 

History

History
225 lines (197 loc) · 6.74 KB

2016-03-24-bare-metal-lb-for-kube-cluster.md

File metadata and controls

225 lines (197 loc) · 6.74 KB
layout title date categories tags excerpt
post
Setup Bare Metal Load Balancers for kubernetes service
2016-03-24 03:00:30 -0700
Container
kubernetes
Setup Bare Metal Load Balancers for kubernetes service

Overview

There are 2 ways to expose a service to ingress traffic in the current kubernetes service model:

(1) Create a cloud load balancer.

(2) Allocate a port (the same port) on every node in your cluster and proxy ingress traffic through that port to the endpoints.

Create service

Reference to Services.

Create loadbalancer

Loadbalancers are created via a ReplicationController. Load balancers will only run on nodes with the role=loadbalancer label.

  • manifest file
# cat rc.yaml         
apiVersion: v1
kind: ReplicationController
metadata:
  name: service-loadbalancer
  labels:
    app: service-loadbalancer
    version: v1
spec:
  replicas: 1
  selector:
    app: service-loadbalancer
    version: v1
  template:
    metadata:
      labels:
        app: service-loadbalancer
        version: v1
    spec:
      nodeSelector:
        role: loadbalancer
      containers:
      - image: gcr.io/google_containers/servicelb:0.4
        imagePullPolicy: Never
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8081
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        name: haproxy
        ports:
        # All http services
        - containerPort: 80
          hostPort: 80
          protocol: TCP
        # nginx https
        - containerPort: 443
          hostPort: 8080
          protocol: TCP
        # mysql
        - containerPort: 3306
          hostPort: 3306
          protocol: TCP
        # haproxy stats
        - containerPort: 1936
          hostPort: 1936
          protocol: TCP
        resources: {}
        args:
        - --tcp-services=my-nginx-service:8080
          --server=172.17.42.31:443
  • create RC
# kubectl create -f ./rc.yaml 
replicationcontroller "service-loadbalancer" created

# kubectl get rc -l app=service-loadbalancer
CONTROLLER             CONTAINER(S)   IMAGE(S)                                 SELECTOR                              REPLICAS   AGE
service-loadbalancer   haproxy        gcr.io/google_containers/servicelb:0.4   app=service-loadbalancer,version=v1   1          2m

# kubectl get pods -l app=service-loadbalancer
NAME                         READY     STATUS    RESTARTS   AGE
service-loadbalancer-mqv56   0/1       Pending   0          1m


# kubectl describe pods -l app=service-loadbalancer
Name:           service-loadbalancer-do0ix
Namespace:      default
Image(s):       gcr.io/google_containers/servicelb:0.4
Node:           /
Labels:         app=service-loadbalancer,version=v1
Status:         Pending
Reason:
Message:
IP:
Controllers:    ReplicationController/service-loadbalancer
Containers:
  haproxy:
    Container ID:
    Image:              gcr.io/google_containers/servicelb:0.4
    Image ID:
    Args:
      --tcp-services=mysql:3306,nginxsvc:443
    QoS Tier:
      cpu:              BestEffort
      memory:           BestEffort
    State:              Waiting
    Ready:              False
    Restart Count:      0
    Environment Variables:
Volumes:
  default-token-ekfrr:
    Type:       Secret (a secret that should populate this volume)
    SecretName: default-token-ekfrr
Events:
  FirstSeen     LastSeen        Count   From                    SubobjectPath   Type            Reason                  Message
  ---------     --------        -----   ----                    -------------   --------        ------                  -------
  5s            4s              2       {default-scheduler }                    Warning         FailedScheduling        pod (service-loadbalancer-do0ix) failed to fit in any node
fit failure on node (kube-node1): MatchNodeSelector
fit failure on node (kube-node3): MatchNodeSelector
fit failure on node (kube-node2): MatchNodeSelector

  2s    2s      1       {default-scheduler }            Warning FailedScheduling        pod (service-loadbalancer-do0ix) failed to fit in any node
fit failure on node (kube-node2): MatchNodeSelector
fit failure on node (kube-node1): MatchNodeSelector
fit failure on node (kube-node3): MatchNodeSelector
  • set node as a load balancer
# kubectl label node kube-node3 role=loadbalancer
node "kube-node3" labeled

# kubectl get nodes                          
NAME         LABELS                                                STATUS    AGE
kube-node1   kubernetes.io/hostname=kube-node1                     Ready     29d
kube-node2   kubernetes.io/hostname=kube-node2                     Ready     29d
kube-node3   kubernetes.io/hostname=kube-node3,role=loadbalancer   Ready     3h

# kubectl describe pods -l app=service-loadbalancer
Name:           service-loadbalancer-kf1db
Namespace:      default
Image(s):       gcr.io/google_containers/servicelb:0.4
Node:           kube-node3/172.17.42.33
Start Time:     Thu, 17 Mar 2016 10:55:53 +0000
Labels:         app=service-loadbalancer,version=v1
Status:         Running
Reason:
Message:
IP:             172.16.86.4
Controllers:    ReplicationController/service-loadbalancer
Containers:
  haproxy:
    Container ID:       docker://6f8b823df363f74a503fb06801066b911659d5c5dd9b3fbfbd768029f045c83c
    Image:              gcr.io/google_containers/servicelb:0.4
    Image ID:           docker://2a88d37702442a587f45b8cec3ee87aa045f79c7a2f3413eceae70729070b661
    Args:
      --tcp-services=my-nginx-service:8080 --server=172.17.42.31:443
    QoS Tier:
      cpu:              BestEffort
      memory:           BestEffort
    State:              Running
      Started:          Thu, 17 Mar 2016 10:58:34 +0000
    Ready:              True
    Restart Count:      0
    Environment Variables:
Conditions:
  Type          Status
  Ready         True 
Volumes:
  default-token-ekfrr:
    Type:       Secret (a secret that should populate this volume)
    SecretName: default-token-ekfrr
No events.
  • test
# curl http://172.16.86.4/my-nginx-service:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Related posts