---
title: Creating and Configuring an AWS Load Balancer for Enterprise PKS Clusters
owner: PKS
---
This topic describes how to configure an Amazon Web Services (AWS) load balancer for your <%= vars.product_full %> cluster.
A load balancer is a third-party device that distributes network and application traffic across resources.
Using a load balancer can also prevent individual network components from being overloaded by high traffic.
For more information about the different types of load balancers used in a <%= vars.product_short %> deployment, see [Load Balancers in PKS](./about-lb.html).
You can use an AWS <%= vars.product_short %> cluster load balancer to secure and facilitate access to a <%= vars.product_short %> cluster from outside the network.
You can also [reconfigure](#reconfigure) your AWS <%= vars.product_short %> cluster load balancers.
Using an AWS <%= vars.product_short %> cluster load balancer is optional, but adding one to your Kubernetes cluster can make it easier to manage the cluster using the PKS API and `kubectl`.
<p class="note"><strong>Note</strong>: If Kubernetes master node VMs are recreated for any reason, you must reconfigure your
AWS PKS cluster load balancers to point to the new master VMs.</p>
## <a id="prereqs"></a> Prerequisite
The version of the PKS CLI you are using must match the version of the <%= vars.product_tile %> tile that you are installing.
<p class="note"><strong>Note</strong>: This procedure uses example commands which you should modify to represent the details of your <%= vars.product_short %> installation.</p>
## <a id="create"></a> Configure AWS Load Balancer
### <a id='define-lb'></a>Step 1: Define Load Balancer
To define your load balancer using AWS, you must provide a name, select a VPC, specify listeners, and select subnets where you want to create the load balancer.
Perform the following steps:
1. In a browser, navigate to the [AWS Management Console](https://console.aws.amazon.com/console/home).
1. Under **Compute**, click **EC2**.
1. In the **EC2 Dashboard**, under **Load Balancing**, click **Load Balancers**.
1. Click **Create Load Balancer**.
1. Under **Classic Load Balancer**, click **Create**.
1. On the **Define Load Balancer** page, complete the **Basic Configuration** section as follows:
    1. **Load Balancer name**: Name the load balancer. Pivotal recommends that you name your load balancer `k8s-master-CLUSTERNAME` where `CLUSTERNAME` is a unique name that you provide when creating the cluster. For example, `k8s-master-mycluster`.
    1. **Create LB inside**: Select the VPC where you installed Ops Manager.
    1. **Create an internal load balancer**: Do not enable this checkbox. The cluster load balancer must be internet-facing.
1. Complete the **Listeners Configuration** section as follows:
    1. Configure the first listener as follows.
        * Under **Load Balancer Protocol**, select **TCP**.
        * Under **Load Balancer Port**, enter `8443`.
        * Under **Instance Protocol**, select **TCP**.
        * Under **Instance Port**, enter `8443`.
1. Under **Select Subnets**, select the public subnets for your load balancer in the availability zones where you want to create the load balancer.
1. Click **Next: Assign Security Groups**.
### <a id='assign-security-groups'></a>Step 2: Assign Security Groups
Perform the following steps to assign security groups:
1. On the **Assign Security Groups** page, select one of the following:
    * **Create a new security group**: Complete the security group configuration as follows:
        1. **Security group name**: Name your security group.
        1. Confirm that your security group includes **Protocol** `TCP` with **Ports** `8443`.
    * **Select an existing security group**: Select the default security group.
      The default security group includes **Protocol** `TCP` with **Ports** `8443`.
1. Click **Next: Configure Security Settings**.
### <a id='configure-security-settings'></a>Step 3: Configure Security Settings
On the **Configure Security Settings** page, ignore the warning. SSL termination is done on the Kubernetes API.
### <a id='configure-health-check'></a>Step 4: Configure Health Check
Perform the following steps to configure the health check:
1. On the **Configure Health Check** page, set the **Ping Protocol** to `TCP`.
1. For **Ping Port**, enter `8443`.
1. Click **Next: Add EC2 Instances**.
### <a id='add-ec2-instances'></a>Step 5: Add EC2 Instances
Perform the following steps:
1. Verify the settings under **Availability Zone Distribution**.
1. Click **Add Tags**.
### <a id='add-tags'></a>(Optional) Step 6: Add Tags
Perform the following steps to add tags:
1. Add tags to your resources to help organize and identify them. Each tag consists of a case-sensitive key-value pair.
1. Click **Review and Create**.
### <a id='review-create'></a>Step 7: Review and Create the Load Balancer
Perform the following steps to review your load balancer details and create your load balancer:
1. On the **Review** page, review your load balancer details and edit any as necessary.
1. Click **Create**.
### <a id='create-cluster'></a> Step 8: Create a Cluster
Create a Kubernetes cluster using the AWS-assigned address of your load balancer as the external
hostname when you run the `pks create-cluster` command. For example:
<pre class="terminal">$ pks create-cluster my-cluster \
--external-hostname example111a6511e9a099028c856be95-155233362.eu-west-1.elb.amazonaws.com \
--plan small --num-nodes 10
</pre>
For more information, see the [Create a Kubernetes Cluster](create-cluster.html#create) section of _Creating Clusters_.
### <a id='point'></a>Step 9: Point the Load Balancer to All Master VMs
1. Locate the VM IDs of all master node VMs for your cluster.
    For information about locating the VM IDs, see [Identify Kubernetes Cluster Master VMs](create-cluster.html#master-id) in _Creating Clusters_.
1. Navigate to the [AWS console](https://console.aws.amazon.com/console/home).
1. Under EC2, select **Load balancers**.
1. Select the load balancer.
1. On the **Instances** tab, click **Edit instances**.
1. Select all master nodes in the list of VMs.
1. Click **Save**.
## <a id="reconfigure"></a>Reconfigure AWS Load Balancer
If Kubernetes master node VMs are recreated for any reason, you must reconfigure your cluster load balancers to point to the new master VMs.
For example, after a stemcell upgrade, BOSH recreates the VMs in your deployment.
To reconfigure your AWS cluster load balancer to use the new master VMs, do the following:
1. Locate the VM IDs of the new master node VMs for the cluster. For information about locating the VM IDs, see [Identify Kubernetes Cluster Master VMs](create-cluster.html#master-id) in _Creating Clusters_.
1. Navigate to the [AWS console](https://console.aws.amazon.com/console/home).
1. Under EC2, select **Load balancers**.
1. Select the load balancer.
1. On the **Instances** tab, click **Edit instances**.
1. Select the new master nodes in the list of VMs.
1. Click **Save**.
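
To confirm that a load balancer still matches the settings in this topic after Step 9 or after a reconfiguration, you can audit the JSON returned by `aws elb describe-load-balancers`. The following script is an added example, not part of the original topic or the PKS project; the instance IDs and the embedded sample are constructed, and `audit_cluster_lb` is a hypothetical helper name.

```python
import json

# Constructed sample in the shape returned by `aws elb describe-load-balancers`
# for a Classic Load Balancer; the instance IDs are made up.
SAMPLE = json.loads("""
{"LoadBalancerDescriptions": [{
  "LoadBalancerName": "k8s-master-mycluster",
  "Scheme": "internet-facing",
  "ListenerDescriptions": [{"Listener": {
      "Protocol": "TCP", "LoadBalancerPort": 8443,
      "InstanceProtocol": "TCP", "InstancePort": 8443}}],
  "HealthCheck": {"Target": "TCP:8443"},
  "Instances": [{"InstanceId": "i-0aaa1111"}, {"InstanceId": "i-0bbb2222"}]
}]}
""")

EXPECTED_LISTENER = ("TCP", 8443, "TCP", 8443)


def audit_cluster_lb(lb, master_vm_ids):
    """Return a list of findings; an empty list means the LB matches this topic."""
    findings = []
    if lb.get("Scheme") != "internet-facing":
        findings.append("scheme is not internet-facing")
    listeners = [
        (l["Protocol"].upper(), l["LoadBalancerPort"],
         l["InstanceProtocol"].upper(), l["InstancePort"])
        for l in (d["Listener"] for d in lb.get("ListenerDescriptions", []))
    ]
    if EXPECTED_LISTENER not in listeners:
        findings.append("missing TCP 8443 -> TCP 8443 listener")
    if lb.get("HealthCheck", {}).get("Target") != "TCP:8443":
        findings.append("health check is not TCP:8443")
    # Compare registered instances with the current master VM IDs.
    registered = {i["InstanceId"] for i in lb.get("Instances", [])}
    masters = set(master_vm_ids)
    for vm in sorted(masters - registered):
        findings.append("master VM not registered: " + vm)
    for vm in sorted(registered - masters):
        findings.append("stale or non-master instance registered: " + vm)
    return findings


if __name__ == "__main__":
    lb = SAMPLE["LoadBalancerDescriptions"][0]
    # Masters after a recreate: i-0ccc3333 replaced i-0aaa1111.
    for finding in audit_cluster_lb(lb, ["i-0bbb2222", "i-0ccc3333"]):
        print(finding)
```

A non-empty result after a stemcell upgrade indicates that the load balancer still points at master VMs that no longer exist and must be reconfigured as described above.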