LATEST VERSION: v1.2 - RELEASE NOTES
Pivotal Container Service v1.2

Creating an AWS Load Balancer for the PKS API

Page last updated:

This topic describes how to create a load balancer for the PKS API using Amazon Web Services (AWS).

Before you install PKS, you must configure an external TCP load balancer to access the PKS API from outside the network. You can use any external TCP load balancer of your choice.

Refer to the procedures in this topic to create a load balancer using AWS. If you choose to use a different load balancer, use this topic as a guide.

Step 1: Define Load Balancer

To define your load balancer using AWS, you must provide a name, select a VPC, specify listeners, and select subnets where you want to create the load balancer. Perform the following steps:

  1. In a browser, navigate to the AWS Management Console.
  2. Under Compute, click EC2.
  3. In the EC2 Dashboard, under Load Balancing, click Load Balancers.
  4. Click Create Load Balancer.
  5. Under Classic Load Balancer, click Create.
  6. On the Define Load Balancer page, complete the Basic Configuration section as follows:
    1. Load Balancer name: Name the load balancer. Pivotal recommends that you name your load balancer pks-api.
    2. Create LB inside: Select the VPC where you installed Ops Manager.
    3. Create an internal load balancer: Do not enable this checkbox. The PKS API load balancer must be internet-facing.
  7. Complete the Listeners Configuration section as follows:
    1. Configure the first listener as follows.
      • Under Load Balancer Protocol, select TCP.
      • Under Load Balancer Port, enter 8443.
      • Under Instance Protocol, select TCP.
      • Under Instance Port, enter 8443.
    2. Click Add.
      • Under Load Balancer Protocol, select TCP.
      • Under Load Balancer Port, enter 9021.
      • Under Instance Protocol, select TCP.
      • Under Instance Port, enter 9021.
  8. Under Select Subnets, select the public subnets for your load balancer in the availability zones where you want to create the load balancer.
  9. Click Next: Assign Security Groups.

Step 2: Assign Security Groups

  1. On the Assign Security Groups page, select one of the following:

    • Create a new security group: Complete the security group configuration as follows:
      1. Security group name: Name your security group.
      2. Click Add Rule and complete the following fields:
        • Type: Select Custom TCP.
        • Port Range: Enter 8443.
        • Source: Select Custom and enter 0.0.0.0/0.
      3. Click Add Rule and complete the following fields:
        • Type: Select Custom TCP.
        • Port Range: Enter 9021.
        • Source: Select Custom and enter 0.0.0.0/0.
      4. Click Save.
    • Select an existing security group: Select the default security group. The default security group includes includes Protocol TCP with Ports 8443 and 9021.
  2. Click Next: Configure Security Settings.

Step 3: Configure Security Settings

On the Configure Security Settings page, ignore the warning. SSL termination is done on the PKS API server.

Step 4: Configure Health Check

  1. On the Configure Health Check page, set the Ping Protocol to TCP.

  2. For Ping Port, enter 9021.

Step 5: (Optional) Add Tags

  1. (Optional) Add tags to your resources to help organize and identify them. Each tag consists of a case-sensitive key-value pair.

  2. Click Review and Create.

Step 6: Review and Create

  1. On the Review page, review your load balancer details and edit any as necessary.

  2. Click Create.

Next Steps

After you complete this procedure, follow the instructions in Installing PKS on AWS.


Please send any feedback you have to pks-feedback@pivotal.io.

Create a pull request or raise an issue on the source for this page in GitHub