When you set the type of a service to LoadBalancer, the cloud controller manager (CCM) of Alibaba Cloud Container Compute Service (ACS) provisions a Server Load Balancer (SLB) instance for the service, which includes resources like listeners and backend server groups. This topic describes the key considerations for configuring a LoadBalancer service in an ACS cluster and explains the CCM's resource update policies.
SLB update policies
You can either use an existing SLB instance for a service or let the CCM create a new one. These two methods have different resource update policies, as shown in the following table.
|
Resource |
Existing SLB instance |
CCM-managed SLB instance |
|
SLB instance |
Specify an existing instance by using the
|
|
|
Listener |
Configure listener behavior by using the
|
The CCM automatically creates and configures listeners based on the service configuration. |
|
Backend server group |
When the backend endpoints or cluster nodes of the service change, the CCM automatically updates the vServer groups of the SLB instance. In an ACS cluster, the CCM supports adding only pod IPs to the vServer groups. |
|
Usage notes
-
Which SLB instances can be reused?
-
You can reuse SLB instances that you create in the SLB console, but not those automatically created by the CCM.
-
If you want to reuse a private SLB instance in a Kubernetes cluster, the SLB instance must be in the same virtual private cloud (VPC) as the cluster.
-
-
Considerations for CCM-managed SLB instances
-
The CCM configures an SLB instance only for a service of type
LoadBalancer. The CCM does not configure load balancing for services of other types.ImportantWhen a Service of
Type=LoadBalanceris changed toType!=LoadBalancer, the CCM deletes the SLB configuration, which makes the Service inaccessible through that SLB. -
The CCM uses a declarative API and automatically reconciles the SLB instance configuration based on the service configuration. When the
service.beta.kubernetes.io/alibaba-cloud-loadbalancer-force-override-listenersannotation is set totrue, any manual changes that you make to the configuration in the SLB console risk being overwritten.ImportantDo not manually modify any configuration of an SLB instance that is created and maintained by Kubernetes in the SLB console. Otherwise, your changes may be overwritten and the service may become inaccessible.
-
Quotas
VPC
-
Each node in a cluster corresponds to one route entry. By default, a VPC supports a maximum of 200 route entries. If your cluster has more than 200 nodes, log on to the Quota Center console and submit an application to request a quota increase.
-
For more information about VPC usage limits, see Limits and quotas.
To view your VPC quotas, go to the VPC Quota Management page.
SLB
-
The CCM creates an SLB instance for each service of type
LoadBalancer. By default, each Alibaba Cloud account can have up to 60 SLB instances. If you need more than 60 SLB instances, log on to the Quota Center console and submit an application. -
The CCM creates listeners for the SLB instance based on the ports defined in the service. By default, you can add a maximum of 50 listeners to an SLB instance. To add more listeners, log on to the Quota Center console and submit an application.
-
For more information about SLB usage limits, see Limits.
To view your SLB quotas, go to the SLB Quota Management page.