Application Load Balancer (ALB) Ingress Controller uses Yandex Application Load Balancer for load balancing and traffic distribution across Kubernetes applications.
In Yandex Managed Service for Kubernetes, ALB Ingress Controller runs Yandex Application Load Balancer and all required supporting resources whenever a Kubernetes user declares an Ingress resource in the cluster.
Warning
Updating ALB Ingress Controller from 0.1.x to 0.2.0 or higher implies certain restrictions. You can find out whether they apply to your infrastructure here. Make sure to check this out; otherwise, there might be a risk of conflicts.
-
Create a service account for the Ingress controller to run properly.
-
Assign the following roles to it:
alb.editor
: To create the required resources.vpc.publicAdmin
: To manage external connectivity.certificate-manager.certificates.downloader
: To work with certificates registered in Yandex Certificate Manager.compute.viewer
: To use Managed Service for Kubernetes cluster nodes in load balancer target groups.smart-web-security.editor
: (Optional) To connect your Yandex Smart Web Security security profile to a virtual host of the L7 load balancer.
-
Create a static key and save it to a file named
sa-key.json
:yc iam key create \ --service-account-name <name of service account for Ingress controller> \ --output sa-key.json
-
Configure the application:
-
Namespace: Select a namespace other than default or create a new one. If you select the
default
namespace, ALB Ingress Controller may not work correctly. -
Application name: Enter a name for the application.
-
Folder ID: Specify a folder ID.
-
Cluster ID: Specify a cluster ID.
-
Service account key: Paste the contents of the
sa-key.json
file. -
Enable default health checks: Select this option to install the DaemonSet resource in the node group network for application health checks.
The resource adds pods with traffic monitoring agents to each node. As a result, node and namespace isolation does not affect monitoring, which means you get accurate traffic monitoring info. DaemonSet adds or removes monitoring agents as the number of cluster nodes goes up or down, respectively.
You can omit this option if you do not need to run cluster health checks or if you are using your own checks. For more information on setting up health checks manually, see Health checking your applications in a Yandex Managed Service for Kubernetes cluster with the Yandex Application Load Balancer Ingress controller.
-
-
Click Install.
-
Wait for the application to change its status to
Deployed
.
- Routing traffic between applications.
- Managing external and internal access to clusters over HTTP (S).
Yandex Cloud technical support responds to requests 24/7. The types of requests available and their response time depend on your pricing plan. You can activate paid support in the management console. Learn more about requesting technical support.
Helm chart | Version | Pull-command | Documentation |
---|---|---|---|
yandex-cloud/yc-alb-ingress/yc-alb-ingress-controller-chart | v0.2.17 | Open |
Docker image | Version | Pull-command |
---|---|---|
yandex-cloud/yc-alb-ingress/yc-alb-ingress-controller1737049724528505924565813089453669412445966642665 | v0.2.16 | |
yandex-cloud/yc-alb-ingress/alpine/socat1737049724528505924565813089453669412445966642665 | 1.7.4.2-r0 | |
yandex-cloud/yc-alb-ingress/bitnami/kubectl1737049724528505924565813089453669412445966642665 | 1.27.2 |