A kubernetes network load balancer operator implementation.
THIS SOFTWARE IS WORK IN PROGRESS / ALPHA RELEASE AND IS NOT MEANT FOR USAGE IN PRODUCTION SYSTEMS
Introduction blog article: PaperLB. A Kubernetes Network Load Balancer Implementation
You might have noticed that vanilla Kubernetes does not come with a Load Balancer implementation. If you create a LoadBalancer Service in a self-hosted cluster setup, its status will remain "pending" and it won't show an external IP you can use to access the service. It should look something like this:
$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
k8s-pod-info-api-service LoadBalancer 10.43.12.233 <pending> 5000:31767/TCP 6s
On the other hand, when you create a LoadBalancer Service in a managed kubernetes cluster such as GCP GKE or AWS EKS, the service will receive an External IP from a Load Balancer assigned by the cloud provider.
The idea behind PaperLB is to allow "LoadBalancer" type services to work with external network load balancers in any environment. PaperLB allows you to use an external L4 Load Balancer of your choice (an nginx server for example) in front of your Kubernetes cluster services. It should work on your development clusters running locally as well as cloud virtual machines or bare metal.
PaperLB is implemented as a kubernetes "Operator":
- Custom Resource Definitions
- Kubernetes Controllers that manage the Custom Resources and interact with your load balancer
The idea is:
- You create a Kubernetes LoadBalancer type service and a LoadBalancerConfig configuration object
- The controller notices the service and LoadBalancerConfig and creates a "LoadBalancer" object
- The controller notices the "LoadBalancer" object and updates your network load balancer using the config data + the service/nodes info
- Works with TCP or UDP L4 load balancers
- Adapters implemented:
- Updates load balancer configuration on:
- Node updates
- Service updates
- Deletes load balancer configuration on Service deletion
You’ll need a kubernetes cluster to run against. You can use a local cluster for testing, or run against a remote cluster.
Note: Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster kubectl cluster-info
shows).
You can find the full example in the demo/ directory Service example:
apiVersion: v1
kind: Service
metadata:
labels:
app: k8s-pod-info-api
name: k8s-pod-info-api-service
#optional annotation to use a config different than the default config
#annotations:
# lb.paperlb.com/config-name: "my-special-config"
spec:
ports:
- port: 5000
protocol: TCP
targetPort: 4000
selector:
app: k8s-pod-info-api
type: LoadBalancer
LoadBalancerConfig example:
apiVersion: lb.paperlb.com/v1alpha1
kind: LoadBalancerConfig
metadata:
name: default-lb-config
namespace: paperlb-system
spec:
default: true
httpUpdaterURL: "http://192.168.64.1:3000/api/v1/lb"
host: "192.168.64.1"
portRange:
low: 8100
high: 8200
LoadBalancerConfig fields:
.spec.default
: "true" if this should be the default config, false otherwise.spec.httpUpdaterURL
: URL where the http lb updater instance can be called. The API is explained here: https://github.com/didil/nginx-lb-updater#api.spec.host
: Load Balancer Host.spec.portRange
: The controller will select a load balancer port from this range.spec.portRange.low
: Lowest of the available ports on the load balancer.spec.portRange.high
: Highest of the available ports on the load balancer
When you apply these manifests, a load balancer resource should be created. To get the load balancer connection info you can run:
$ k get loadbalancer k8s-pod-info-api-service
NAME HOST PORT PROTOCOL TARGETCOUNT STATUS
k8s-pod-info-api-service 192.168.64.1 8100 TCP 2 READY
Testing with Curl
$ curl -s 192.168.64.1:8100/api/v1/info|jq
"pod": {
"name": "k8s-pod-info-api-84dc7c9bdd-mz74t",
"ip": "10.42.0.27",
"namespace": "default",
"serviceAccountName": "default"
},
"node": {
"name": "k3s-local-server"
}
}
To run tests:
make test
- Install the CRDs into the cluster:
make install
- Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running):
make run
-
You will need to run a load balancer instance and an API to allow the load balancer to be updated. You can use the example from this repository https://github.com/didil/nginx-lb-updater#run-locally
-
The demo folder contains sample resource definitions to create a service and deployment. You can tweak them and run:
kubectl apply -f demo/
To install PaperLB CRDs and controllers, run:
kubectl apply -f https://raw.githubusercontent.com/didil/paperlb/v0.2.0/config/manifests/paperlb.yaml
The resources are created in the paperlb-system
namespace.
Please feel free to open issues and / PRs if you'd like to contribute ! You can also get in touch at [email protected]
Copyright 2023 Adil H.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.