Create and delete load balancer
A load balancer distributes large volumes of incoming traffic across multiple servers, ensuring stable service operation.
In the Kubernetes Engine service, depending on the annotation
options used when creating a service of type LoadBalancer, a Network Load Balancer (NLB) or an Application Load Balancer (ALB) is created.
Create load balancer
Here is how to create a load balancer in the Kubernetes Engine service.
To ensure high availability across multiple Availability Zones (AZ), you can configure a cluster network across different AZs.
When creating a load balancer in a multi-AZ cluster, a load balancer is automatically created in each AZ that is part of the cluster network.
:::caution
Even if a node pool in a multi-AZ cluster is configured in only one AZ, load balancers are still created in all AZs. All load balancer types (NLB or ALB) are billable, so please consider this when deploying.
:::
Prerequisites
Step 1. Install and configure kubectl
To create a Service
object in Kubernetes, you need to install kubectl
and configure access to your cluster.
For detailed instructions, refer to Configure kubectl control.
Step 2. Register and manage SSL certificates
If you're creating an Application Load Balancer (ALB) with the listener protocol set to TERMINATED_HTTPS
, an SSL certificate is required.
You can register and manage SSL certificates as follows:
Register a certificate
-
Go to the KakaoCloud Console > Management > Certificate Manager.
-
Click the [Register certificate] button in the Certificates menu.
-
Enter the required information in the popup window and click [Register].
-
Confirm that the certificate appears in the list.
Delete a certificate
-
Go to the KakaoCloud Console > Management > Certificate Manager.
-
In the Certificates menu, click the [More] icon for the certificate and select Delete certificate.
-
Enter the required information in the popup and click [Delete].
-
Verify the certificate has been successfully deleted.
Step 1. Check service specifications for load balancer type
Review the YAML file for a service of type LoadBalancer associated with app: nginx
, paying attention to:
Field | Description |
---|---|
spec.type | Value: LoadBalancer — required to create a load balancer |
metadata.annotations | Set load balancer typeloadbalancer.ke.kakaocloud.com/load-balancer-type : - NLB (default): Create a Network Load Balancer - ALB : Create an Application Load Balancer - Omit to default to NLB Set public IP usage service.beta.kubernetes.io/openstack-internal-load-balancer : - true (default): Use private IP - false : Use public IP |
Example: NLB service spec
kind: Service
apiVersion: v1
metadata:
name: default-http-nginx-service
annotations:
service.beta.kubernetes.io/openstack-internal-load-balancer: 'true'
loadbalancer.ke.kakaocloud.com/load-balancer-type: 'NLB'
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
Example: ALB service spec
kind: Service
apiVersion: v1
metadata:
name: default-http-nginx-service
annotations:
service.beta.kubernetes.io/openstack-internal-load-balancer: 'true'
loadbalancer.ke.kakaocloud.com/load-balancer-type: 'ALB'
loadbalancer.openstack.org/default-tls-container-ref: 'https://key-manager.{region}/v1/secrets/{certificate-id}'
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
Step 2. Set load balancer type
- Create 'Network Load Balancer (NLB)'
- Create 'Application Load Balancer (ALB)'
By default, creating a LoadBalancer-type service in Kubernetes Engine will provision a Network Load Balancer (NLB), operating at OSI Layer 4.
Annotation | Value |
---|---|
loadbalancer.ke.kakaocloud.com/load-balancer-type | Set to "NLB" |
You can create an Application Load Balancer (ALB) to handle traffic at OSI Layer 7.
Annotation | Value |
---|---|
loadbalancer.ke.kakaocloud.com/load-balancer-type | Set to "ALB" |
loadbalancer.openstack.org/default-tls-container-ref | Set listener protocol to TERMINATED_HTTPS , requires SSL certificate - "https://key-manager.kr-central-2.kakaoi.io/v1/secrets/{certificate UUID}" - Register the certificate first to obtain its ID |
- Annotation paths for certificates vary by region. Use the appropriate path for your load balancer’s region.
- Certificate annotations must be set when the ALB is initially created.
- To change certificate settings, delete and recreate the Service object. This will delete the existing load balancer and create a new one.
Step 3. Configure public IP for the load balancer
Set the annotation service.beta.kubernetes.io/openstack-internal-load-balancer
to determine public IP usage.
true
(default): Use private IPfalse
: Use public IP
Changing this setting may result in the allocation or detachment of a public IP, which can affect billing.
Public IPs used with Kubernetes Engine load balancers can be deleted in the console under VPC > Public IP.
See Create and manage public IPs for more.
Appendix. Configure detailed load balancer options
You can specify advanced options in the annotations
section of the YAML file:
Option | Description |
---|---|
loadbalancer.ke.kakaocloud.com/delete-floatingip | On deletion of load balancer: - true : Also deletes associated public IP- false (default): Detaches public IP but does not delete |
loadbalancer.openstack.org/health-monitor-timeout | Max response time for health check (in seconds) Default: 30 |
loadbalancer.openstack.org/health-monitor-delay | Interval between health checks (in seconds), must be greater than timeout Default: 60 |
loadbalancer.openstack.org/health-monitor-max-retries | Max retries for failed health checks Default: 5 Must be between 1–10 |
Appendix. Example: Create NLB load balancer service
Here is an example for deploying a basic Nginx app using a LoadBalancer-type service.
apiVersion: apps/v1
kind: Deployment
metadata:
name: internal-http-nginx-deployment
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
name: default-http-nginx-service
annotations:
service.beta.kubernetes.io/openstack-internal-load-balancer: "true"
loadbalancer.ke.kakaocloud.com/load-balancer-type: "NLB"
spec:
selector:
app: nginx
type: LoadBalancer
ports:
- name: http
port: 80
targetPort: 80
-
Apply the deployment using the following command. Load balancer creation may take up to 5 minutes.
Deploykubectl --kubeconfig=$KUBE_CONFIG apply -f https://raw.githubusercontent.com/kakaoenterprise/kakaocloud-tutorials/refs/heads/k8se-public-guides/createLB/lb-nginx.yml
-
To verify the load balancer’s external IP:
Check EXTERNAL-IPkubectl --kubeconfig=$KUBE_CONFIG get svc default-http-nginx-service
-
Confirm traffic is received at the
EXTERNAL-IP
:Check trafficcurl {EXTERNAL-IP}
Example response<html>
<head><title>Welcome to nginx!</title></head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, nginx is working.</p>
</body>
</html>
- If you set
service.beta.kubernetes.io/openstack-internal-load-balancer
tofalse
, a public IP is assigned and shown in theEXTERNAL-IP
column. - When using DNS, the
EXTERNAL-IP
field may show a domain name, and clients can access the load balancer using that DNS name.
Delete load balancer
You can delete load balancers that are no longer needed.
Deleting the Service
object of type LoadBalancer will also delete the corresponding KakaoCloud load balancer.
kubectl --kubeconfig=$KUBE_CONFIG delete svc default-http-nginx-service