mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
124 lines
4.2 KiB
Plaintext
124 lines
4.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/installing_aws/ipi/installing-aws-outposts.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="aws-outposts-load-balancer-clb_{context}"]
|
|
= Using AWS Classic Load Balancers in an AWS VPC cluster extended into an Outpost
|
|
|
|
AWS Outposts infrastructure cannot run AWS Classic Load Balancers, but Classic Load Balancers in the AWS VPC cluster can target edge compute nodes in the Outpost if edge and cloud-based subnets are in the same availability zone.
|
|
As a result, Classic Load Balancers on the VPC cluster might schedule pods on either of these node types.
|
|
|
|
Scheduling the workloads on edge compute nodes and cloud-based compute nodes can introduce latency.
|
|
If you want to prevent a Classic Load Balancer in the VPC cluster from targeting Outpost edge compute nodes, you can apply labels to the cloud-based compute nodes and configure the Classic Load Balancer to only schedule on nodes with the applied labels.
|
|
|
|
[NOTE]
|
|
====
|
|
If you do not need to prevent a Classic Load Balancer in the VPC cluster from targeting Outpost edge compute nodes, you do not need to complete these steps.
|
|
====
|
|
|
|
.Prerequisites
|
|
|
|
* You have extended an AWS VPC cluster into an Outpost.
|
|
|
|
* You have access to the cluster using an account with `cluster-admin` permissions.
|
|
|
|
* You have installed the {oc-first}.
|
|
|
|
* You have created a user workload in the Outpost with tolerations that match the taints for your edge compute machines.
|
|
|
|
.Procedure
|
|
|
|
. Optional: Verify that the edge compute nodes have the `location=outposts` label by running the following command and verifying that the output includes only the edge compute nodes in your Outpost:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes -l location=outposts
|
|
----
|
|
|
|
. Label the cloud-based compute nodes in the VPC cluster with a key-value pair by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ for NODE in $(oc get node -l node-role.kubernetes.io/worker --no-headers | grep -v outposts | awk '{print$1}'); do oc label node $NODE <key_name>=<value>; done
|
|
----
|
|
+
|
|
where `<key_name>=<value>` is the label you want to use to distinguish cloud-based compute nodes.
|
|
+
|
|
.Example output
|
|
[source,text]
|
|
----
|
|
node1.example.com labeled
|
|
node2.example.com labeled
|
|
node3.example.com labeled
|
|
----
|
|
|
|
. Optional: Verify that the cloud-based compute nodes have the specified label by running the following command and confirming that the output includes all cloud-based compute nodes in your VPC cluster:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get nodes -l <key_name>=<value>
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME STATUS ROLES AGE VERSION
|
|
node1.example.com Ready worker 7h v1.34.2
|
|
node2.example.com Ready worker 7h v1.34.2
|
|
node3.example.com Ready worker 7h v1.34.2
|
|
----
|
|
|
|
. Configure the Classic Load Balancer service by adding the cloud-based subnet information to the `annotations` field of the `Service` manifest:
|
|
+
|
|
.Example service configuration
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app: <application_name>
|
|
name: <application_name>
|
|
namespace: <application_namespace>
|
|
annotations:
|
|
service.beta.kubernetes.io/aws-load-balancer-subnets: <aws_subnet> # <1>
|
|
service.beta.kubernetes.io/aws-load-balancer-target-node-labels: <key_name>=<value> # <2>
|
|
spec:
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
protocol: TCP
|
|
targetPort: 8080
|
|
selector:
|
|
app: <application_name>
|
|
type: LoadBalancer
|
|
----
|
|
<1> Specify the subnet ID for the AWS VPC cluster.
|
|
<2> Specify the key-value pair that matches the pair in the node label.
|
|
|
|
. Create the `Service` CR by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f <file_name>.yaml
|
|
----
|
|
|
|
.Verification
|
|
|
|
. Verify the status of the `service` resource to show the host of the provisioned Classic Load Balancer by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ HOST=$(oc get service <application_name> -n <application_namespace> --template='{{(index .status.loadBalancer.ingress 0).hostname}}')
|
|
----
|
|
|
|
. Verify the status of the provisioned Classic Load Balancer host by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ curl $HOST
|
|
----
|
|
|
|
. In the AWS console, verify that only the labeled instances appear as the targeted instances for the load balancer.
|