
How to create a Service of type LoadBalancer with a private IP address from an assigned VNet subnet

Use case: expose the service only within the virtual network, as an internal load balancer.

By default, when we create a Service of type LoadBalancer in AKS (Azure Kubernetes Service) without customized annotations, AKS creates a load balancer with a public IP attached to it, which makes the application reachable from the internet.

However, we may need to expose a service within the virtual network only, while still using the LoadBalancer service type.

For this, we need to add service.beta.kubernetes.io/azure-load-balancer-internal: "true" to the annotations in the Kubernetes Service manifest file.

Create an Internal LoadBalancer

            
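apiVersion: v1
kind: Service
metadata:
  # Placeholder name; Service names must be lowercase DNS labels.
  name: name-of-service
  annotations:
    # Keeps the load balancer on a private IP inside the virtual network.
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
  type: LoadBalancer
  ports:
  - port: 8080
    targetPort: 8080
  selector:
    app: nameOfApplication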

Define a particular private IP address

For this, we need to add loadBalancerIP to the spec, set to the required IP address from the same subnet as the AKS cluster.

Example:

            
apiVersion: v1
kind: Service
metadata:
  # Placeholder name; Service names must be lowercase DNS labels.
  name: name-of-service
  annotations:
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
  type: LoadBalancer
  # Static private address taken from the AKS subnet.
  loadBalancerIP: 10.10.10.10
  ports:
  - port: 8080
    targetPort: 8080
  selector:
    app: nameOfApplication

Define a particular subnet

For this, we need to add service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "subnetName" to the annotations.

Example:

            
apiVersion: v1
kind: Service
metadata:
  # Placeholder name; Service names must be lowercase DNS labels.
  name: name-of-service
  annotations:
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"
    # Placeholder subnet name; the load balancer IP is taken from this subnet.
    service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "subnetName"
spec:
  type: LoadBalancer
  loadBalancerIP: 10.10.10.10
  ports:
  - port: 8080
    targetPort: 8080
  selector:
    app: nameOfApplication
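
Because a missing annotation silently yields a public IP, it is worth auditing the Services already in the cluster. The following is an added example, not part of the original post: it checks the parsed output of `kubectl get services -A -o json` for LoadBalancer Services that lack the internal annotation or request a static IP outside the chosen subnet. The function names, the subnet inventory with its CIDR, and the sample Services are assumptions constructed for illustration.

```python
import ipaddress

INTERNAL = "service.beta.kubernetes.io/azure-load-balancer-internal"
SUBNET = "service.beta.kubernetes.io/azure-load-balancer-internal-subnet"

def audit_services(service_list, subnets, node_subnet):
    """Return (namespace/name, issue) for LoadBalancer Services that need attention.
    service_list: parsed `kubectl get services -A -o json`; subnets: name -> CIDR
    (caller's inventory); node_subnet: subnet used when none is annotated."""
    findings = []
    for svc in service_list.get("items", []):
        spec, meta = svc.get("spec", {}), svc.get("metadata", {})
        if spec.get("type") != "LoadBalancer":
            continue
        ann = meta.get("annotations") or {}
        ref = f"{meta.get('namespace', 'default')}/{meta.get('name')}"
        # Strict match on the value the page shows; anything else is treated as public.
        if ann.get(INTERNAL) != "true":
            findings.append((ref, "public-ip"))
            continue
        ip = spec.get("loadBalancerIP")
        if ip is None:
            continue  # no static address requested
        cidr = subnets.get(ann.get(SUBNET, node_subnet))
        if cidr is None:
            findings.append((ref, "unknown-subnet"))
            continue
        try:
            inside = ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)
        except ValueError:
            inside = False  # malformed address or CIDR
        if not inside:
            findings.append((ref, "ip-outside-subnet"))
    return findings

def make_service(ns, name, stype, ann=None, ip=None):
    """Build a minimal Service object in the shape kubectl emits (sample data only)."""
    spec = {"type": stype, **({"loadBalancerIP": ip} if ip else {})}
    return {"metadata": {"namespace": ns, "name": name, "annotations": ann}, "spec": spec}

# Constructed sample: subnet CIDR and Services are made up for this example.
SUBNETS = {"subnetName": "10.10.10.0/24"}
BOTH = {INTERNAL: "true", SUBNET: "subnetName"}
SAMPLE = {"items": [
    make_service("default", "web", "LoadBalancer"),                     # no annotation
    make_service("default", "api", "LoadBalancer", BOTH, "10.10.10.10"),
    make_service("payments", "ledger", "LoadBalancer", BOTH, "10.20.0.5"),
    make_service("default", "cache", "ClusterIP"),
]}

if __name__ == "__main__":
    print(audit_services(SAMPLE, SUBNETS, "subnetName"))
```

Against a live cluster, pass `json.load(sys.stdin)` as `service_list` and supply the real subnet names and CIDRs of the virtual network.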
            
        
