Pivotal Container Service v1.2

Configuring a GCP Load Balancer for PKS Clusters

This topic describes how to configure a Google Cloud Platform (GCP) load balancer for a Kubernetes cluster deployed by Pivotal Container Service (PKS).

A load balancer is a third-party device that distributes network and application traffic across resources. You can use a load balancer to access a PKS cluster from outside the network using the PKS API and kubectl. Using a load balancer can also prevent individual network components from being overloaded by high traffic.

You can configure GCP load balancers only for PKS clusters that are deployed on GCP.

Prerequisites

The procedures in this topic have the following prerequisites:

  • To complete these procedures, you must have already configured a load balancer to access the PKS API. For more information, see Creating a GCP Load Balancer for the PKS API.
  • The version of the PKS CLI you are using must match the version of the PKS tile you are installing.

Configure GCP Load Balancer

Follow the procedures in this section to create and configure a load balancer for PKS-deployed Kubernetes clusters using GCP. Modify the example commands in these procedures to match your PKS installation.

Step 1: Create a GCP Load Balancer

Perform the following steps to create a GCP load balancer for your PKS clusters:

  1. Navigate to the Google Cloud Platform console.
  2. In the sidebar menu, select Network Services > Load balancing.
  3. Click Create a Load Balancer.
  4. In the TCP Load Balancing pane, click Start configuration.
  5. Click Continue. The New TCP load balancer menu opens.
  6. Give the load balancer a name. For example, my-cluster.
  7. Click Frontend configuration and configure the following settings:
    1. Click IP.
    2. Select Create IP address.
    3. Give the IP address a name. For example, my-cluster-ip.
    4. Click Reserve. GCP assigns an IP address.
    5. In the Port field, enter 8443.
    6. Click Done to complete frontend configuration.
  8. Review your load balancer configuration and click Create.

Step 2: Create the Cluster

Follow the procedures in the Create a Kubernetes Cluster section of Creating Clusters. Use the GCP-assigned IP address from the previous step as the external hostname when you run the pks create-cluster command.

Step 3: Configure Load Balancer Backend

Perform the following steps to configure the backend of the load balancer:

  1. Navigate to the Google Cloud Platform console.
  2. In the sidebar menu, select Network Services > Load balancing.
  3. Select the load balancer you created for the cluster and select Configure.
  4. Click Backend configuration and configure the following settings:
    1. Select all master VMs for your cluster from the dropdown. To locate the IP addresses and VM IDs of the master VMs, see Identify Kubernetes Cluster Master VMs in Creating Clusters.

      Breaking Change: If master VMs are recreated for any reason, such as a stemcell upgrade, you must reconfigure the load balancer to target the new master VMs. For more information, see the Reconfigure Load Balancer section below.

    2. Specify any other configuration options you require and click Update to complete backend configuration.

      Note: For clusters with multiple master node VMs, health checks on port 8443 are recommended.

Step 4: Access the Cluster

Perform the following steps to complete cluster configuration:

  1. From your local workstation, run pks get-credentials CLUSTER-NAME. This command creates a local kubeconfig that allows you to manage the cluster. For more information about the pks get-credentials command, see Retrieving Cluster Credentials and Configuration.

  2. Run kubectl cluster-info to confirm you can access your cluster using the Kubernetes CLI.

See Managing PKS for information about checking cluster health and viewing cluster logs.

Step 5: Create a Network Tag

Perform the following steps to create a network tag:

  1. In the Google Cloud Platform sidebar menu, select Compute Engine > VM instances.
  2. Filter to find the master instances of your cluster. Type master in the Filter VM Instances search box and press Enter.
  3. Click the name of the master instances. The VM instance details menu opens.
  4. Click Edit.
  5. Click in the Network tags field and type a human-readable name in lower case letters. Press Enter to create the network tag.
  6. Scroll to the bottom of the screen and click Save.

Step 6: Create Firewall Rules

Perform the following steps to create firewall rules:

  1. In the Google Cloud Platform sidebar menu, select VPC Network > Firewall Rules.
  2. Click Create Firewall Rule. The Create a firewall rule menu opens.
  3. Give your firewall rule a human-readable name in lower case letters. For ease of use, you may want to align this name with the name of the load balancer you created in Step 1: Create a GCP Load Balancer.
  4. In the Network menu, select the VPC network on which you have deployed the PKS tile.
  5. In the Direction of traffic field, select Ingress.
  6. In the Action on match field, select Allow.
  7. Confirm that the Targets menu is set to Specified target tags and enter the tag you made in Step 5: Create a Network Tag in the Target tags field.
  8. In the Source filter field, choose an option to filter source traffic.
  9. Based on your choice in the Source filter field, specify IP addresses, Subnets, or Source tags to allow access to your cluster.
  10. In the Protocols and ports field, choose Specified protocols and ports and enter the port number you specified in Step 1: Create a GCP Load Balancer, prepended by tcp:. For example: tcp:8443.
  11. Specify any other configuration options you require and click Done to complete frontend configuration.
  12. Click Create.
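
The rule built in Step 6 decides who can reach the Kubernetes master API port, so it is worth checking after creation. The following is an added example, not part of the PKS documentation: it audits firewall rules in the JSON shape printed by gcloud compute firewall-rules list --format=json and flags ingress rules that reach the master tag on port 8443 too broadly. The rule names, the tag my-cluster-master and the source ranges are constructed sample values.

```python
import json

# Constructed sample in the shape of `gcloud compute firewall-rules list --format=json`.
SAMPLE_RULES = json.loads("""[
 {"name": "my-cluster", "direction": "INGRESS", "targetTags": ["my-cluster-master"],
  "sourceRanges": ["203.0.113.0/24"], "allowed": [{"IPProtocol": "tcp", "ports": ["8443"]}]},
 {"name": "legacy-wide", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["8000-9000"]}]},
 {"name": "ssh-only", "direction": "INGRESS", "targetTags": ["my-cluster-master"],
  "sourceRanges": ["10.0.0.0/8"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]}
]""")


def port_specs(rule, port):
    """Yield each allowed port spec that covers tcp/<port>; None means all ports."""
    for entry in rule.get("allowed", []):
        if entry.get("IPProtocol") not in ("tcp", "all"):
            continue
        specs = entry.get("ports")
        if not specs:
            yield None  # protocol allowed with no port list: every port
            continue
        for spec in specs:
            low, _, high = spec.partition("-")  # "8443" or "8000-9000"
            if int(low) <= port <= int(high or low):
                yield spec


def audit_master_rules(rules, master_tag, port=8443):
    """Return {rule name: [findings]} for enabled ingress allow rules reaching master_tag."""
    report = {}
    for rule in rules:
        # Rules targeted by service account are out of scope for this tag-based check.
        if (rule.get("disabled") or rule.get("direction") != "INGRESS"
                or rule.get("targetServiceAccounts")):
            continue
        tags = rule.get("targetTags", [])
        if tags and master_tag not in tags:
            continue
        specs = list(port_specs(rule, port))
        if not specs:
            continue
        findings = []
        if not tags:
            findings.append("no target tag: applies to every VM in the network")
        if "0.0.0.0/0" in rule.get("sourceRanges", []):
            findings.append("source 0.0.0.0/0: master API port reachable from any address")
        if any(spec != str(port) for spec in specs):
            findings.append("allows more ports than tcp:%d" % port)
        report[rule["name"]] = findings
    return report
```

An empty findings list means the rule matches the shape this procedure describes: one target tag, a restricted source, and only tcp:8443.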

Reconfigure Load Balancer

If Kubernetes master node VMs are recreated for any reason, you must reconfigure your cluster load balancers to point to the new master VMs. For example, after a stemcell upgrade, BOSH recreates the VMs in your deployment.

To reconfigure your GCP cluster load balancer to use the new master VMs, do the following:

  1. Locate the VM IDs of the new master node VMs for the cluster. For information about locating the VM IDs, see Identify Kubernetes Cluster Master VMs in Creating Clusters.
  2. Navigate to the GCP console.
  3. In the sidebar menu, select Network Services > Load balancing.
  4. Select your cluster load balancer and click Edit.
  5. Click Backend configuration.
  6. Click Select existing instances.
  7. Select the new master VM IDs from the dropdown. Use the VM IDs you located in the first step of this procedure.
  8. Click Update.
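
A way to detect that this reconfiguration is needed, as an added example that is not part of the PKS documentation: it compares the instances attached to the load balancer backend with the current master VM IDs. It assumes the backend is a target pool described with gcloud compute target-pools describe --format=json; the project, zones and VM names are constructed sample values.

```python
import json

# Constructed sample in the shape of
# `gcloud compute target-pools describe my-cluster --format=json`.
SAMPLE_POOL = json.loads("""{
 "name": "my-cluster",
 "instances": [
  "https://www.googleapis.com/compute/v1/projects/example-project/zones/us-central1-a/instances/vm-old-1",
  "https://www.googleapis.com/compute/v1/projects/example-project/zones/us-central1-b/instances/vm-keep-2"
 ]}""")


def backend_drift(pool, current_master_ids):
    """Compare load balancer backends with the master VM IDs located for the cluster.

    Returns stale backends (attached but no longer a master, with their zone),
    missing masters (not attached to the load balancer) and an in_sync flag.
    """
    backends = {}
    for url in pool.get("instances", []):
        # Instance URLs end in .../zones/<zone>/instances/<name>
        parts = url.rstrip("/").split("/")
        backends[parts[-1]] = parts[-3]
    current = set(current_master_ids)
    stale = sorted((name, zone) for name, zone in backends.items()
                   if name not in current)
    missing = sorted(current - set(backends))
    return {"stale": stale, "missing": missing,
            "in_sync": not stale and not missing}


if __name__ == "__main__":
    # Constructed IDs standing in for the master VM IDs found in step 1 above.
    drift = backend_drift(SAMPLE_POOL, ["vm-keep-2", "vm-new-3"])
    for name, zone in drift["stale"]:
        print("remove from backend: %s (%s)" % (name, zone))
    for name in drift["missing"]:
        print("add to backend: %s" % name)
```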

Please send any feedback you have to pks-feedback@pivotal.io.
