Load Balancer
Introduction
This document provides instructions on using Azure Load Balancers with your AKS cluster.
Load balancers can be managed trough kubernetes service deployments.
When you deploy a kubernetes Loadbalancer service, a public or private Azure load balancer is automatically created and managed by the AKS cluster.
Using the public load balancer
To create a public service of type LoadBalancer, copy the manifest below and paste it into a file named public-svc.yaml.
apiVersion: v1
kind: Service
metadata:
name: public-svc
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: public-app
Deploy the public service manifest using kubectl apply and specify the name of your YAML manifest.
kubectl apply -f public-svc.yaml
Using the private load balancer
To set up an internal load balancer, you can follow these steps:
- Create a service manifest file named
internal-lb.yaml. - In the service manifest, specify the service type as LoadBalancer.
- Add the azure-load-balancer-internal annotation to the manifest to indicate that it’s an internal load balancer.
Here’s an example of how to add the annotation to the manifest:
apiVersion: v1
kind: Service
metadata:
name: internal-app
annotations:
service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: internal-app
Deploy the internal load balancer using kubectl apply and specify the name of your YAML manifest.
kubectl apply -f internal-lb.yaml
After deploying the manifest, the AKS cluster will create a private azure loadbalancer
Restrict inbound traffic to specific IP ranges
The following manifest uses loadBalancerSourceRanges to specify a new IP range for inbound external traffic.
Here’s an example of how to add the annotation to the manifest:
apiVersion: v1
kind: Service
metadata:
name: azure-vote-front
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: azure-vote-front
loadBalancerSourceRanges:
- <IP_RANGE> # e.g. - 10.1.0.0/16