Skip to main content
Skip table of contents

External Load Balancer

Load Balancing for External Traffic in DKP

DKP includes a load balancing solution for the supported cloud infrastructure providers and for pre-provisioned environments. For more information, see Load Balancing for external traffic in DKP.

If you want to use a non-DKP load balancer (for example, as an alternative to MetalLB in pre-provisioned environments), DKP supports setting up an external load balancer.

When enabled, the external load balancer routes incoming traffic requests to a single point of entry in your cluster. Users and services can then access the DKP UI through an established IP or DNS address.

In DKP environments, the external load balancer must be configured without TLS termination.

Configure Kommander to use an External Load Balancer

To configure an external load balancer, configure a custom hostname (static IP or dynamic DNS address) and specify the target nodePorts for your cluster.

  1. Open the Kommander Installer Configuration File or kommander.yaml file:

    1. If you do not have the kommander.yaml file, initialize the configuration file, so you can edit it in the following steps. WARNING: Initialize this file only ONCE, otherwise you will overwrite previous customizations.

    2. If you have initialized the configuration file already, open the kommander.yaml with the editor of your choice.

  2. In that file, add the following line for the IP address or DNS name:
    (warning) ACME does not support the automatic creation of a certificate if you select an IP address for your clusterHostname.

    CODE
    [...]
    clusterHostname: <mycluster.example.com OR IP_address>
    [...]
  3. Optional: If you require a custom certificate for your clusterHostname, see Configure the Kommander Installation with a Custom Domain and Certificate.

  4. In the same Kommander Installer Configuration File, configure Kommander to use the NodePort service by adding a custom configuration under traefik:
    (warning) You can specify the nodePort entry points for the load balancer. Ensure the port is within the Kubernetes default (30 000 - 32 768). If not specified, Kommander assigns a port dynamically.

    CODE
    traefik:
      enabled: true
      values: |-
        ports:
          web:
            nodePort: 32080 #if not specified, will be assigned dynamically
          websecure:
            nodePort: 32443 #if not specified, will be assigned dynamically
        service:
          type: NodePort
  5. Use the configuration file to install Kommander.

Configure the External Load Balancer to Target the Specified Ports

The traefik service of the Kommander component now actively listens on the pod IPs, and is accessible through the specified ports on every node.

Configure the load balancer targets to include every worker node address (DNS name or IP address) and node port combination by following this format:

CODE
<node1>:<nodePort_web> # for example, my.node1.internal:32080
<node2>:<nodePort_web>
<node3>:<nodePort_web>
[...]
<node1>:<nodePort_websecure> # for example, my.node1.internal:32443
<node2>:<nodePort_websecure>
<node3>:<nodePort_websecure>
[...]

The exact configuration depends on your load balancer provider.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.