Using Loadbalancers

Loadbalancers are an essential component in a Kubernetes cluster, enabling the distribution of traffic to multiple pods and ensuring high availability of applications. The type of loadbalancer used in your managed Kubernetes cluster depends on the environment.

Environment-Specific Loadbalancer Configurations

The following sections outline the loadbalancer configurations used in different environments:

Pure OpenStack Cluster

In a pure OpenStack cluster, we utilize OpenStack loadbalancers to distribute traffic to your applications. This provides a scalable and highly available loadbalancing solution, integrated with the OpenStack platform.

Example: Creating an OpenStack Loadbalancer

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - name: http
      port: 80
      targetPort: 8080
  type: LoadBalancer

kubectl apply -f my-service.yaml

This will create a new OpenStack loadbalancer and expose the my-service service to the outside world.

OpenStack with FortiGate

In an OpenStack environment with FortiGate, we do not support LoadBalancer resources. Instead, we recommend using NodePorts in combination with the FortiGate Loadbalancer. This approach allows you to leverage the advanced security features of FortiGate while still providing loadbalancing capabilities for your applications.

Example: Exposing a Service using NodePort and FortiGate

apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
    - name: http
      port: 80
      targetPort: 8080
      nodePort: 30080
  type: NodePort

kubectl apply -f my-service.yaml

Then, configure the FortiGate Loadbalancer to point to the NodePort:

fortigate-config set load-balance virtual-server "my-virtual-server"
  set port 80
  set protocol http
  set server-group "my-server-group"
  config server
    edit 1
      set ip 10.0.0.1
      set port 30080
    next
  end
end

This will expose the my-service service to the outside world through the FortiGate Loadbalancer.

vCluster

In a vCluster environment, we do not implement LoadBalancer resources. Instead, we rely on Ingress resources to manage traffic to your applications. This provides a flexible and scalable way to expose your services to the outside world, while also allowing you to leverage the built-in features of Kubernetes Ingress controllers.

Example: Creating an Ingress Resource

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
    - host: myapp.example.com
      http:
        paths:
          - path: /api
            # pathType is required in networking.k8s.io/v1
            pathType: Prefix
            backend:
              service:
                name: my-service
                port:
                  number: 80

kubectl apply -f my-ingress.yaml

This will create a new Ingress resource and expose the my-service service to the outside world.

Bare Metal Cluster

In a bare metal cluster, we use MetalLB implementations that peer with FortiGate instances using BGP (Border Gateway Protocol). This approach provides a highly available and scalable loadbalancing solution, integrated with the FortiGate security platform.

Example: Configuring MetalLB with BGP

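# BGPPeer is the MetalLB resource that defines a BGP session.
# The namespace assumes MetalLB runs in metallb-system.
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
  name: my-metallb
  namespace: metallb-system
spec:
  peerAddress: 10.0.0.1
  peerASN: 64512
  myASN: 64512

kubectl apply -f my-metallb.yaml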

Then, configure the FortiGate instance to peer with MetalLB using BGP:

fortigate-config set router bgp 64512
  config neighbor
    edit 10.0.0.1
      set remote-as 64512
      set ebgp-enforce-multihop enable
    next
  end
end

This will configure MetalLB to peer with the FortiGate instance using BGP and provide loadbalancing capabilities for your applications.

Key Considerations

When working with loadbalancers in your managed Kubernetes cluster, keep the following key considerations in mind:

  • Ensure you understand the loadbalancer configuration specific to your environment.
  • Use the recommended loadbalancer resources and configurations for your environment to ensure optimal performance and availability.
  • Consult with our support team if you have questions or concerns about loadbalancer configurations or troubleshooting.

By following these guidelines and understanding the loadbalancer configurations used in your environment, you can ensure the successful deployment and management of your applications in our managed Kubernetes cluster.
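To check that the Services in a cluster match the rules above, the following added example (not part of the original page or the provider's tooling) audits a Service list in the format of `kubectl get services -A -o json`. The environment labels, the function name and the sample data are assumptions made for illustration.

```python
import json

# Environments on this page where `type: LoadBalancer` is unavailable, mapped to
# the alternative the page recommends. The environment keys are assumed labels.
UNSUPPORTED_LB = {
    "openstack-fortigate": "NodePort behind the FortiGate Loadbalancer",
    "vcluster": "an Ingress resource",
}
# Default Kubernetes NodePort range (kube-apiserver --service-node-port-range).
NODEPORT_RANGE = range(30000, 32768)

# Constructed sample in the shape of `kubectl get services -A -o json`.
SAMPLE = json.loads("""
{"kind": "List", "items": [
  {"metadata": {"namespace": "default", "name": "my-service"},
   "spec": {"type": "NodePort",
            "ports": [{"name": "http", "port": 80, "targetPort": 8080, "nodePort": 30080}]}},
  {"metadata": {"namespace": "shop", "name": "legacy-lb"},
   "spec": {"type": "LoadBalancer", "ports": [{"port": 443, "targetPort": 8443}]}},
  {"metadata": {"namespace": "shop", "name": "bad-port"},
   "spec": {"type": "NodePort", "ports": [{"port": 80, "targetPort": 8080, "nodePort": 8080}]}}
]}
""")


def audit_services(service_list, environment):
    """Return (findings, exposed): policy violations and valid NodePort exposures."""
    findings, exposed = [], []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        ref = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        svc_type = spec.get("type", "ClusterIP")
        if svc_type == "LoadBalancer" and environment in UNSUPPORTED_LB:
            findings.append(f"{ref}: LoadBalancer unsupported, use {UNSUPPORTED_LB[environment]}")
        if svc_type != "NodePort":
            continue
        for port in spec.get("ports", []):
            node_port = port.get("nodePort")
            if node_port is None:
                continue  # not pinned in the manifest; the API server assigns one
            if node_port in NODEPORT_RANGE:
                exposed.append((ref, node_port))
            else:
                findings.append(f"{ref}: nodePort {node_port} outside 30000-32767")
    return findings, exposed


if __name__ == "__main__":
    for env in ("openstack", "openstack-fortigate", "vcluster"):
        print(env, *audit_services(SAMPLE, env), sep="\n  ")
```

The `exposed` list is the set of NodePorts to reconcile against the FortiGate server entries, since a NodePort opens the same port on every node.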