Use the LoadBalancer service type

Learn how to expose applications using the LoadBalancer (layer-4) service type

Kubernetes enables you to define a logical set of Pods and an access policy as a Service. You can then use services and service types to control how your applications receive traffic. The LoadBalancer service type creates an external load balancer in the public cloud infrastructure and assigns a fixed, external IP to the service. Users can then access the service through the exposed IP address. The load balancer forwards layer-4 traffic as-is, so the application is responsible for authentication and authorization. Many public clouds allow you to restrict access to the load balancer by the source IP address. For more information, see the Kubernetes Services, Load Balancer, and Networking documentation.

This tutorial demonstrates how to expose an application running on the Konvoy cluster using the LoadBalancer (layer-4) service type.

Before you begin

Before starting this tutorial, you should verify the following:

  • You must have access to a Linux, macOS, or Windows computer with a supported operating system version.

  • You must have a properly deployed and running cluster. For information about deploying Kubernetes with default settings, see the Quick Start.

Expose a pod using the LoadBalancer (L4) service

  1. Deploy a Redis Pod on your Kubernetes cluster by running the following command:

    cat <<EOF | kubectl create -f -
    apiVersion: v1
    kind: Pod
    metadata:
      labels:
        app: redis
      name: redis
    spec:
      containers:
      - name: redis
        image: redis:5.0.3
        ports:
        - name: redis
          containerPort: 6379
          protocol: TCP
    EOF
    
  2. Create a service with the service type of LoadBalancer by running the following command:

    cat <<EOF | kubectl create -f -
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        app: redis
      name: redis
    spec:
      type: LoadBalancer
      selector:
        app: redis
      ports:
      - protocol: TCP
        port: 6379
        targetPort: 6379
    EOF
    

    The configuration settings in this example illustrate:

    • setting the kind to Service.
    • setting the selector to app: redis, so that the service exposes the Redis pod.
    • setting the service type to LoadBalancer.

  3. Get the external address of the load balancer created by the cloud provider (AWS) for the Redis service by running the following command:

    kubectl get svc redis
    

    This command displays the internal and external IP addresses for the service.

    NAME    TYPE           CLUSTER-IP   EXTERNAL-IP                                                               PORT(S)          AGE
    redis   LoadBalancer   10.0.51.32   a92b6c9216ccc11e982140acb7ee21b7-1453813785.us-west-2.elb.amazonaws.com   6379:31423/TCP   43s
    

    NOTE: The external load balancer can take a few minutes to create. If the EXTERNAL-IP column is empty, then the external load balancer has not yet been created.

  4. Validate that you can access the Redis pod by connecting to the external IP address using the telnet command:

    telnet a92b6c9216ccc11e982140acb7ee21b7-1453813785.us-west-2.elb.amazonaws.com 6379
    Trying 52.27.218.48...
    Connected to a92b6c9216ccc11e982140acb7ee21b7-1453813785.us-west-2.elb.amazonaws.com.
    Escape character is '^]'.
    quit
    +OK
    Connection closed by foreign host.
    

    NOTE: If the external load balancer has a hostname, the DNS record can take a few minutes to propagate. If the telnet command fails because the hostname cannot be resolved, the DNS record has not yet propagated.
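
The introduction notes that the application is responsible for authentication and authorization and that many public clouds can restrict the load balancer by source IP address; the manifests in steps 1 and 2 apply neither, and the telnet session in step 4 gets a reply without presenting credentials. The following variant is an added example, not part of the original tutorial: it sets loadBalancerSourceRanges on the Service and starts Redis with requirepass read from a Secret. The CIDR 203.0.113.0/24, the Secret name redis-auth and the password value are placeholders assumed for illustration.

```yaml
# Added example (not from the original tutorial).
# Assumed placeholders: Secret name "redis-auth", the password value,
# and the client range 203.0.113.0/24 (a documentation-only CIDR).
apiVersion: v1
kind: Secret
metadata:
  name: redis-auth
type: Opaque
stringData:
  password: REPLACE_WITH_GENERATED_PASSWORD
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    app: redis
  name: redis
spec:
  containers:
  - name: redis
    image: redis:5.0.3
    env:
    - name: REDIS_PASSWORD
      valueFrom:
        secretKeyRef:
          name: redis-auth
          key: password
    # Kubernetes expands $(REDIS_PASSWORD) from the container environment;
    # the image entrypoint passes these arguments to redis-server.
    args: ["--requirepass", "$(REDIS_PASSWORD)"]
    ports:
    - name: redis
      containerPort: 6379
      protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: redis
  name: redis
spec:
  type: LoadBalancer
  # Only these client ranges may reach the load balancer.
  loadBalancerSourceRanges:
  - 203.0.113.0/24
  selector:
    app: redis
  ports:
  - protocol: TCP
    port: 6379
    targetPort: 6379
```

Kubernetes ignores loadBalancerSourceRanges when the cloud provider's load balancer integration does not support it, so confirm the resulting rule on the provider side after the service is created.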