Updating layer-4-and-layer-7-load-balancing.md, adding note v2.10/v2.11 as RKE still applicable

Signed-off-by: Sunil Singh <sunil.singh@suse.com>
This commit is contained in:
Sunil Singh
2026-03-19 13:12:08 -07:00
parent 0a206c2a71
commit 27c40e5b37
12 changed files with 72 additions and 128 deletions
@@ -11,13 +11,11 @@ Kubernetes supports load balancing in two ways: Layer-4 Load Balancing and Layer
## Layer-4 Load Balancer
Layer-4 load balancer (or the external load balancer) forwards traffic to Nodeports. Layer-4 load balancer allows you to forward both HTTP and TCP traffic.
Often, the Layer-4 load balancer is supported by the underlying cloud provider, so when you deploy RKE clusters on bare-metal servers and vSphere clusters, Layer-4 load balancer is not supported. However, a single [globally managed config-map](https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services/) can be used to expose services on NGINX or third-party ingress.
Layer-4 load balancer (or the external load balancer) forwards traffic to NodePorts. Layer-4 load balancer allows you to forward both HTTP and TCP traffic.
:::note
It is possible to deploy a cluster with a non-cloud load balancer, such as [MetalLB.](https://metallb.universe.tf/) However, that use case is more advanced than the Layer-4 load balancer supported by a cloud provider, and it is not configurable in Rancher or RKE.
It is possible to deploy a cluster with a non-cloud load balancer, such as [MetalLB.](https://metallb.universe.tf/) However, that use case is more advanced than the Layer-4 load balancer supported by a cloud provider, and it is not configurable in Rancher.
:::
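Review bot: The commit subject says a v2.10/v2.11 note is being added because RKE still applies, but nothing in this hunk adds one. The changes here only drop RKE wording: "not configurable in Rancher or RKE" becomes "not configurable in Rancher", and the paragraph explaining that Layer-4 load balancing is not supported on bare-metal and vSphere clusters has no replacement. Either add the versioned note to this section or reword the subject to match. If that paragraph is going away, keep one sentence saying Layer-4 support depends on the underlying cloud provider, since the MetalLB note still compares itself to "the Layer-4 load balancer supported by a cloud provider". In the rewritten note line, also move the period out of the link text in `[MetalLB.](https://metallb.universe.tf/)`.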
@@ -30,17 +28,11 @@ Cluster Deployment | Layer-4 Load Balancer Support
Amazon EKS | Supported by AWS cloud provider
Google GKE | Supported by GCE cloud provider
Azure AKS | Supported by Azure cloud provider
RKE on EC2 | Supported by AWS cloud provider
RKE on DigitalOcean | Limited NGINX or third-party Ingress*
RKE on vSphere | Limited NGINX or third party-Ingress*
RKE on Custom Hosts<br/>(e.g. bare-metal servers) | Limited NGINX or third-party Ingress*
Third-party MetalLB | Limited NGINX or third-party Ingress*
\* Services can be exposed through a single [globally managed config-map.](https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services/)
Third-party MetalLB | third-party Ingress*
## Layer-7 Load Balancer
Layer-7 load balancer (or the ingress controller) supports host and path-based load balancing and SSL termination. Layer-7 load balancer only forwards HTTP and HTTPS traffic and therefore they listen on ports 80 and 443 only. Cloud providers such as Amazon and Google support layer-7 load balancer. In addition, RKE clusters deploys the Nginx Ingress Controller.
Layer-7 load balancer (or the ingress controller) supports host and path-based load balancing and SSL termination. Layer-7 load balancer only forwards HTTP and HTTPS traffic and therefore they listen on ports 80 and 443 only. Cloud providers such as Amazon and Google support layer-7 load balancer.
### Support for Layer-7 Load Balancing
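Review bot: The new table row `Third-party MetalLB | third-party Ingress*` keeps its trailing asterisk, but the `\*` footnote about the globally managed config-map appears to be dropped in this hunk together with the RKE rows, which would leave the marker pointing at nothing. Either keep the footnote or remove the asterisk, and capitalise the cell to match the other rows ("Third-party Ingress"). The rewritten Layer-7 paragraph also carries over "Layer-7 load balancer only forwards ... and therefore they listen", which mixes singular and plural. Since the sentence is being touched anyway, suggest "and therefore listens on ports 80 and 443 only".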
@@ -51,16 +43,12 @@ Cluster Deployment | Layer-7 Load Balancer Support
Amazon EKS | Supported by AWS cloud provider
Google GKE | Supported by GKE cloud provider
Azure AKS | Not Supported
RKE on EC2 | Nginx Ingress Controller
RKE on DigitalOcean | Nginx Ingress Controller
RKE on vSphere | Nginx Ingress Controller
RKE on Custom Hosts<br/>(e.g. bare-metal servers) | Nginx Ingress Controller
### Host Names in Layer-7 Load Balancer
Some cloud-managed layer-7 load balancers (such as the ALB ingress controller on AWS) expose DNS addresses for ingress rules. You need to map (via CNAME) your domain name to the DNS address generated by the layer-7 load balancer.
Other layer-7 load balancers, such as the Google Load Balancer or Nginx Ingress Controller, directly expose one or more IP addresses. Google Load Balancer provides a single routable IP address. Nginx Ingress Controller exposes the external IP of all nodes that run the Nginx Ingress Controller. You can do either of the following:
Other layer-7 load balancers, such as the Google Load Balancer, directly expose one or more IP addresses. Google Load Balancer provides a single routable IP address. You can do either of the following:
1. Configure your own DNS to map (via A records) your domain name to the IP addresses exposes by the Layer-7 load balancer.
2. Ask Rancher to generate an xip.io host name for your ingress rule. Rancher will take one of your exposed IPs, say `a.b.c.d`, and generate a host name `<ingressname>.<namespace>.a.b.c.d.xip.io`.
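Review bot: With the Nginx Ingress Controller removed from the "Other layer-7 load balancers" sentence, the only remaining example is the Google Load Balancer, which the next sentence says provides a single routable IP address. The text still says "directly expose one or more IP addresses", and step 1 still refers to "the IP addresses". Either keep a multi-IP example or reword both for the single-IP case. Step 1 also has a typo in the unchanged context ("IP addresses exposes by"); it should read "exposed by" and is worth fixing in the same pass. Finally, the Layer-7 support table in this hunk loses all four RKE rows, which conflicts with the commit subject's statement that RKE is still applicable. Confirm that is intended for this version of the page.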