Tanzu Kubernetes Grid – Create an L4 Type LoadBalancer with Avi

Posted on September 7, 2022 / September 14, 2022 by Matt Adam

At this point in the guides, we’ve deployed TKGm, along with a management cluster and a single guest cluster. Now it’s time to create some applications and test it out!

Table of Contents

  • K8s housekeeping
    • Create a K8s secret for Docker login
  • Deploy the Hackazon Application
    • Create the l4-lb.yaml file
    • Apply the l4-lb.yaml file
    • Validate the Hackazon Application

K8s housekeeping

Create a K8s secret for Docker login

If you are running this cluster in your own personal lab, you might be OK. But in my experience, ever since Docker started rate limiting pull requests, I eventually hit a rate-limit pull error and my pods start failing to deploy. You can avert this problem by simply signing up for a free Docker registry account and creating a secret in your k8s cluster. Use the following command to create the k8s secret:

kubectl create secret docker-registry regcred --docker-server=https://index.docker.io/v1/ --docker-username=USERNAME --docker-password='SUPERSECRET123!' --docker-email=EMAIL@COMPANY.com
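
The command above passes the registry password as a command-line argument, so it ends up in shell history and is visible in the process list while kubectl runs. The following is an added example, not from the original post: POSIX shell functions that prompt for the password and hand kubectl a temporary credentials file through `--from-file=.dockerconfigjson=`. The function names are hypothetical, and it assumes `base64`, `mktemp` and `stty` are available.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Print a .dockerconfigjson document for one registry.
# $1 = registry server, $2 = username; the password is read from stdin.
build_dockerconfigjson() {
  server=$1
  user=$2
  IFS= read -r pass || [ -n "$pass" ]
  # Registry auth is base64("user:password"); drop base64 line wraps.
  auth=$(printf '%s:%s' "$user" "$pass" | base64 | tr -d '\n')
  unset pass
  printf '{"auths":{"%s":{"auth":"%s"}}}\n' "$server" "$auth"
}

# Prompt with echo off, write the config to a temp file (mktemp creates it
# with mode 0600), pass the file to kubectl, then delete it. printf is a
# builtin in bash and dash, so the password never becomes a process argument.
# $1 = username, $2 = secret name (default regcred, as used in the post).
create_regcred() {
  user=$1
  name=${2:-regcred}
  cfg=$(mktemp) || return 1
  # Restore terminal echo and remove the file even if interrupted.
  trap 'stty echo; rm -f "$cfg"' EXIT INT TERM
  printf 'Docker Hub password or access token: ' >&2
  stty -echo
  IFS= read -r pw
  stty echo
  printf '\n' >&2
  printf '%s\n' "$pw" |
    build_dockerconfigjson https://index.docker.io/v1/ "$user" > "$cfg"
  unset pw
  kubectl create secret docker-registry "$name" \
    --from-file=.dockerconfigjson="$cfg"
  rc=$?
  rm -f "$cfg"
  trap - EXIT INT TERM
  return "$rc"
}

# Usage: create_regcred USERNAME
```

The resulting secret has the same name and type as the one created by the original command, so the `imagePullSecrets` reference in the manifest below works unchanged.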

Deploy the Hackazon Application

Create the l4-lb.yaml file

You’re welcome to create any deployment/pod you like and create a service for it, or you can use the example below to deploy the Hackazon application. As you can see, we reference “imagePullSecrets” to use the Docker secret we created in the step above. This will deploy a simple Hackazon application and expose the pod on port 80. The actual port exposed on the k8s node via the service will be in the range of 30000 – 32767.

---

apiVersion: apps/v1
kind: Deployment
metadata:
  name: hackazon
spec:
  selector:
    matchLabels:
      app: hackazon
  replicas: 1
  template:
    metadata:
      labels:
        app: hackazon
    spec:
      containers:
      - name: hackazon
        image: ianwijaya/hackazon
        ports:
        - containerPort: 80
        - containerPort: 443
      imagePullSecrets:
      - name: regcred

---

apiVersion: v1
kind: Service
metadata:
  name: hackazon
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 80
    targetPort: 80
    protocol: TCP
  selector:
    app: hackazon

Apply the l4-lb.yaml file

Save the above to a file called l4-lb.yaml and run the following command to apply it:

kubectl apply -f l4-lb.yaml

Validate the Hackazon Application

My Hackazon pod is now up and running.

Run the following command to see the port that is exposed via the LoadBalancer service.

kubectl get svc -o wide

As you can see, the port is 30816, which is the same port we would expect to see in the Avi load balancer.

Validate the configuration in Avi. You can see the 2 pool members (the pool members are the node IPs of your guest cluster) are listening on port 30816.
