Skip to main content

Create and delete load balancer

A load balancer distributes large amounts of traffic to multiple servers, supporting stable service operation. When creating a load balancer type service in Kubernetes Engine, based on the annotation options, either a Network Load Balancer (NLB) or an Application Load Balancer (ALB) will be created.

Create load balancer

The following describes how to create a load balancer in the Kubernetes Engine service.

Create load balancer in Multi-AZ cluster

In the kr-central-2 region, the cluster network can be set up to use different availability zones (AZs), enabling the creation of highly available Multi-AZ clusters. If a load balancer is created in a Multi-AZ cluster, a load balancer will be created in every AZ configured for the cluster network.

caution

If the node pool of a Multi-AZ cluster is configured in only one AZ, the cluster’s load balancer will still be created in all AZs. All load balancers (NLB or ALB) are subject to billing, so please take note.

Prerequisites

Step 1. Install and configure kubectl

To create a Service object in Kubernetes, install kubectl and configure it for cluster control. For detailed instructions on kubectl installation and control setup, refer to Configure kubectl control.

Step 2. Register and manage SSL certificates

To create an Application Load Balancer (ALB) and set the load balancer listener to TERMINATED_HTTPS in Kubernetes, an SSL certificate is required. Register and manage the SSL certificate for the ALB as follows.

Register certificate
  1. Go to the Container Pack > Kubernetes Engine > Certification tab in the KakaoCloud Console.

  2. In the Certification menu, click the [Register certificate] button.

  3. In the certificate registration popup, enter the required information and click [Register].

  4. Verify the registered certificate information in the certificate list.

Delete certificate
  1. Go to the Container Pack > Kubernetes Engine > Certification tab in the KakaoCloud Console.

  2. In the Certification menu, select the [More] icon next to the certificate to delete and click Delete certificate.

  3. In the delete certificate popup, enter the necessary details and click [Delete].

Step 1. Check load balancer service specifications

Check the specifications of the load balancer service. In the example YAML file for a load balancer type service associated with app: nginx, check the following two items.

Item to CheckValue and Description
spec.typeValue: LoadBalancer
  ᄂ Set service type to create a load balancer
metadata.annotations subfield of annotationsSet load balancer type
Value
loadbalancer.ke.kakaocloud.com/load-balancer-type
  ᄂ NLB (default): Create Network Load Balancer
  ᄂ ALB: Create Application Load Balancer
  ᄂ If not set, defaults to creating a Network Load Balancer.

Set public IP usage
Value
service.beta.kubernetes.io/openstack-internal-load-balancer
  ᄂ true (default): Use private IP
  ᄂ false: Use public IP
Check NLB load balancer service specifications
Check NLB load balancer service specifications
kind: Service
apiVersion: v1
metadata:
name: default-http-nginx-service
annotations:
service.beta.kubernetes.io/openstack-internal-load-balancer: 'true'
loadbalancer.ke.kakaocloud.com/load-balancer-type: 'NLB'
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
Check ALB load balancer service specifications
Check ALB load balancer service specifications
kind: Service
apiVersion: v1
metadata:
name: default-http-nginx-service
annotations:
service.beta.kubernetes.io/openstack-internal-load-balancer: 'true'
loadbalancer.ke.kakaocloud.com/load-balancer-type: 'ALB'
loadbalancer.openstack.org/default-tls-container-ref: 'https://key-manager.{enter the certificate path for the region}/v1/secrets/{enter certificate ID}'
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80

Step 2. Set load balancer type

Based on the load balancer type setting, either a Network Load Balancer (NLB) or an Application Load Balancer (ALB) will be created.

When creating an Application Load Balancer (ALB) in Kubernetes Engine, it operates at OSI Layer 7 (application layer). Set the annotations under metadata.annotations as follows.

Annotation ItemValue and Description
loadbalancer.ke.kakaocloud.com/load-balancer-typeSet to create Application Load Balancer (ALB)
- Set to "ALB"
loadbalancer.openstack.org/default-tls-container-refListener protocol is set to 'TERMINATED_HTTPS', and SSL certificate setup is required
- Enter "https://key-manager.kr-central-2.kakaoi.io/v1/secrets/{secret UUID}"
  ᄂ Replace {secret UUID} with the certificate ID
  ᄂ You can verify the certificate ID after pre-registering it in the certification tab of the console
  ᄂ If an SSL certificate is not applied to the ALB, the listener protocol will be set to 'HTTP'
info
  • When setting the ALB annotation, ensure that the certificate path corresponds to the region where the load balancer is created.
  • The SSL certificate for the ALB must be applied when the ALB is first created, along with the certificate configuration annotation.
  • If the certificate settings need to be changed, you must delete and recreate the Service object. Note that this will disconnect or delete the existing load balancer and create a new one.

Step 3. Configure public IP for the load balancer

You can configure whether to use a public IP when creating a load balancer.
Set the service.beta.kubernetes.io/openstack-internal-load-balancer value under metadata.annotations to configure public IP usage for the load balancer.

  • To create a load balancer with a private IP, set the value to true (default)
  • To create a load balancer with a public IP, set the value to false
caution
  • Depending on the service.beta.kubernetes.io/openstack-internal-load-balancer setting, the load balancer’s public IP will either create and connect a new public IP or disconnect the public IP. If the value is set to false and a public IP was used, changing the value to true later will still result in the public IP being disconnected and subject to public IP billing.
  • To delete the public IP used by the Kubernetes Engine load balancer, go to the Public IP menu under the VPC section of the KakaoCloud Console. For more details, refer to Create and manage public IP.

Appendix. Configure detailed load balancer options

When creating a load balancer in the Kubernetes Engine service, additional options can be configured. Check the annotations section in the example YAML file for the load balancer type service.

Option ItemValue and Description
metadata.annotations subfield of annotationsDelete public IP setting
Value:
- loadbalancer.ke.kakaocloud.com/delete-floatingip
  ᄂ true: Deletes the public IP connected to the load balancer upon deletion
  ᄂ false (default): Disconnects the public IP when the load balancer is deleted

Health Check condition settings
Value:
- loadbalancer.openstack.org/health-monitor-timeout
  ᄂ Set the maximum response time for load balancer health checks
  ᄂ (Default): 30 if no detailed options are specified
  ᄂ Condition: Value is set in seconds, with no restriction on the limit
- loadbalancer.openstack.org/health-monitor-delay
  ᄂ Set the interval for load balancer health checks
  ᄂ (Default): 60 if no detailed options are specified
  ᄂ Condition: Must be set to a value greater than the timeout
- loadbalancer.openstack.org/health-monitor-max-retries
  ᄂ Set the maximum retry attempts for load balancer health checks
  ᄂ (Default): 5 if no detailed options are specified
  ᄂ Condition: Must be set within the range of 1–10

Appendix. Example of creating NLB load balancer service

The following example explains how to create a simple Nginx application as a load balancer type service.

Example of creating load balancer type service
apiVersion: apps/v1
kind: Deployment
metadata:
name: internal-http-nginx-deployment
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: default-http-nginx-service
annotations:
service.beta.kubernetes.io/openstack-internal-load-balancer: "true"
loadbalancer.ke.kakaocloud.com/load-balancer-type: "NLB"
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
  1. Deploy using the following command. Upon execution, KakaoCloud's load balancer will be automatically created. It may take about 5 minutes to complete the load balancer creation.

    Deployment command
    kubectl --kubeconfig=$KUBE_CONFIG apply -f https://raw.githubusercontent.com/kakaoicloud-guide/kubernetes-engine/main/guide-samples/createLB/lb-nginx.yml
  2. To check the IP address of the created load balancer, run the following command and check the EXTERNAL-IP column. The status may remain Pending until the load balancer is created.

    Check load balancer IP address
    kubectl --kubeconfig=$KUBE_CONFIG get svc default-http-nginx-service
    주소 확인 실행 결과
    NAME                         TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)        AGE
    default-http-nginx-service LoadBalancer {CLUSTER-IP} {EXTERNAL-IP} 80:32245/TCP 7h15m
  3. You can verify that traffic is being properly received at the EXTERNAL-IP by running the following command.

    Verify traffic reception at EXTERNAL-IP
    curl {EXTERNAL-IP}
    Traffic reception verification result
    <!doctype html>
    <html>
    <head>
    <title>Welcome to nginx!</title>
    <style>
    body {
    width: 35em;
    margin: 0 auto;
    font-family: Tahoma, Verdana, Arial, sans-serif;
    }
    </style>
    </head>
    <body>
    <h1>Welcome to nginx!</h1>
    <p>
    If you see this page, the nginx web server is successfully installed
    and working. Further configuration is required.
    </p>

    <p>
    For online service and support please refer to
    <a href="http://nginx.org/">nginx.org</a>.<br/>
    Commercial support is available at
    <a href="http://nginx.com/">nginx.com</a>.
    </p>

    <p><em>Thank you for using nginx.</em></p>
    </body>
    </html>
info
  • If you set the service.beta.kubernetes.io/openstack-internal-load-balancer value to false and check the service connected to the load balancer using the kubectl command, the EXTERNAL-IP column will display the public IP associated with the load balancer, allowing clients to access it via that public IP.
  • If a load balancer is created in a cluster in the kr-central-2 region, the EXTERNAL-IP column will display the DNS linked to the load balancer, and clients can connect via that DNS.

Delete load balancer

You can delete a load balancer that is no longer in use. The Service object created as a load balancer type is automatically linked with the KakaoCloud load balancer. Deleting the linked Service will also delete the associated load balancer.

Delete Service
kubectl --kubeconfig=$KUBE_CONFIG delete svc default-http-nginx-service