Service Type LoadBalancer

Overview of Service Type LoadBalancer

A service of type LoadBalancer is the simplest and the fastest way to expose a service inside a Kubernetes cluster to the external world. You only need to specify the service type as type=LoadBalancer in the service definition.

Services of type LoadBalancer are natively supported in Kubernetes deployments. For services of the type LoadBalancer, the CIS controller deployed inside the Kubernetes cluster reads service type LB and creates the corresponding LTM virtuals on the BIGIP which load balance the incoming traffic to the Kubernetes cluster.

Configuration

serviceType LoadBalancer is supported with NextGen Routes and Custom Resources.

  • With NextGen Routes, the following parameters are required for CIS deployment: controller-mode=openshift
  • With Custom Resources, the following parameters are required for CIS deployment: custom-resource-mode=true
  • If you are using ipam then configure the following parameter as well: ipam=true.
  • If you are using Load Balancer Class then configure the following parameters, see Load Balancer Class Support.

Note

CRDs are also required with serviceTypeLB.

Install the F5 CRDs using following Commands:

1
2
3
4
5
6
7
8
9
export CIS_VERSION=<cis-version>
# For example
# export CIS_VERSION=v2.12.0
# or
# export CIS_VERSION=2.x-master
#
# the latter if using a CIS image with :latest label
#
kubectl create -f https://raw.githubusercontent.com/F5Networks/k8s-bigip-ctlr/${CIS_VERSION}/docs/config_examples/customResourceDefinitions/customresourcedefinitions.yml

Service Type LoadBalancer Annotations

Supported annotation for service type LoadBalancer are:

Annotation Required Description Example
cis.f5.com/policyName Optional Name of Policy CR to attach profiles/policies defined in it. https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/serviceTypeLB/service-type-lb-with-policyname.yaml
cis.f5.com/ipamLabel Mandatory Specify the ipamLabel if you are using the FIC controller to configure the IP addresses. https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/serviceTypeLB/example-service-type-lb.yaml
cis.f5.com/ip Mandatory Specify the ip address for the ltm virtual server. https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/serviceTypeLB/example-service-type-lb-staic-ip.yaml
cis.f5.com/host Optional Specify the hostname for configuring the WideIP pools on the GTM server. It works along with the EDNS CR. https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/serviceTypeLB/service-type-lb-with-hostname.yaml
cis.f5.com/health Optional It configures the health monitor for pools in ltm virtual server. https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/serviceTypeLB/healthMonitor-serviceTypeLB.yaml
cis.f5.com/partition Optional The BIG-IP partition in which the Controller should create/update/delete objects for this ServiceTypeLB. https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/serviceTypeLB/service-type-lb-with-custom-partition.yaml

Note

If both the cis.f5.com/ipamLabel and cis.f5.com/ip annotations are provided then the cis.f5.com/ip will be given priority and LTM virtual will be created using the IP address provided by cis.f5.com/ip.

Click here Github for more serviceTypeLB examples.

Load Balancer Class Support

Kubernetes 1.24 and later have introduced the standard .spec.loadBalancerClass field in the service spec to be able to distinguish between the types of load balancing services available to the cluster, so that you can specify which load balancing class you would like to use. See Specifying class of load balancer implementation.

The below section describes the CIS support for Load Balancer Class.

Overview

The CIS version 2.18.0 onwards, by default, CIS will process all the services that do not have the loadBalancerClass field set in the service spec. CIS will not process the services that have the loadBalancerClass field set in the service spec. If you have configured the loadBalancerClass field in the service for TS/VS/IngressLink/SvcLB, then configure the CIS deployment parameter load-balancer-class to the same value, Otherwise CIS will not process the service with loadBalancerClass field configured in the service for TS/VS/IngressLink/SvcLB.

Note

Load Balancer Class is supported for all the Custom Resources (VirtualServer, TransportServer and IngressLink) and loadBalancer service by default and can not be disabled. You need to either remove the loadBalancerClass field from the service or configure the CIS deployment parameter load-balancer-class to the same value as the loadBalancerClass field in the service.

CIS Deployment parameters for Load Balancer Class

CIS supports two deployment parameters for the Load Balancer Class:

Parameter Type Required Default Description Allowed Values Agent Minimum supported version
load-balancer-class String Optional “” CIS considers services only that matches the specified class. CIS will ignore services that have this field set and does not match with the provided load-balancer-class.   AS3 2.18.0
manage-load-balancer -class-only Boolean Optional false

If set to true, CIS processes all load balancer services with loadBalancerClass only.

If set to false, CIS process all the load balancer service without loadBalancerClass and service that have the loadBalancerClass specified by the load-balancer-class parameter.

 true, false AS3 2.18.0

FIC Integration:

See How F5 IPAM Controller works.