External Load Balancers
External load balancers for Verrazzano system and application endpoints
Verrazzano requires the following load balancers at installation:
- Load balancer for NGINX ingress
- Load balancer for Istio ingress
By default, Verrazzano automatically creates them as Kubernetes managed load balancers.
However, users do have the options to use their own external load balancers. They can pick and choose to replace either or both load balancers.
The following is an example of using external load balancers for both system and application ingress.
Prepare the external load balancers
-
External load balancer for system ingress
- This load balancer must have a listener set up on port
443
withTCP
protocol. - The backend set for this listener needs to include the Kubernetes cluster node IP addresses on a port you pick, for example,
31443
.
- This load balancer must have a listener set up on port
-
External load balancer for application ingress
- This load balancer must have a listener set up on port
443
withTCP
protocol. - The backend set for this listener needs to include the Kubernetes cluster node IP addresses on a port you pick, for example,
32443
.
- This load balancer must have a listener set up on port
Verrazzano installation options
-
External load balancer for system ingress
- Set
NodePort
as the ingress type in Ingress Component. - Set
controller.service.externalIPs
with the IP address for the external system load balancer in NGINX Install Args. - Set
ports
in Ingress Component with a PortConfig that has443
asport
,31443
asnodePort
,https
astargetPort
, andTCP
asprotocol
.
- Set
-
External load balancer for application ingress
- Set
NodePort
as the Istio ingress type in Istio Ingress Configuration. - Set
gateways.istio-ingressgateway.externalIPs
with the IP address for the external application load balancer in Istio Install Args. - Set
ports
in Istio Ingress Configuration with a PortConfig that has443
asport
,32443
asnodePort
,8443
astargetPort
, andTCP
asprotocol
.
- Set
Example Custom Resource with system and application external load balancers
apiVersion: install.verrazzano.io/v1alpha1
kind: Verrazzano
metadata:
name: myvz
spec:
components:
ingress:
type: NodePort
ports:
- name: https
port: 443
nodePort: 31443
protocol: TCP
targetPort: https
nginxInstallArgs:
- name: controller.service.externalIPs
valueList:
- 11.22.33.44
istio:
ingress:
type: NodePort
ports:
- name: https
port: 443
nodePort: 32443
protocol: TCP
targetPort: 8443
istioInstallArgs:
- name: gateways.istio-ingressgateway.externalIPs
valueList:
- 55.66.77.88
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.