KubeLB is a Kubernetes-native tool responsible for centrally managing load balancers for Kubernetes clusters across multi-cloud and on-premise environments.
KubeLB comprises two main components:
The KubeLB CCM is deployed in the consumer clusters that require load balancer services. Its main responsibility is to propagate the load balancer configurations to the manager.
It watches for changes in Kubernetes services and nodes, and then generates the load balancer configuration for the manager. It then sends the configuration to the manager in the form of the LoadBalancer CRD.
The KubeLB manager is responsible for deploying and configuring the actual load balancers. The manager registers the consumer clusters as tenants, and then it receives the load balancer configurations from the CCM(s) in the form of the LoadBalancer CRD. It then deploys the load balancer and configures it according to the configuration.
At its core, the KubeLB manager hosts the envoy xDS server and implements the envoy-control-plane APIs to configure the xDS services. Based on the envoy proxy deployment topology, it then installs the envoy proxy and configures it to use the xDS services to load balance the traffic.
KubeLB manager supports three different deployment topologies for envoy proxy:
In this topology, the envoy proxy is deployed per load balancer service.
In this topology, a single envoy proxy is deployed per tenant cluster. All the load balancer services in the tenant cluster are configured to use this envoy proxy. This is the default topology.
In this topology, a single envoy proxy is deployed per KubeLB manager. All the load balancer services in all the tenant clusters are configured to use this envoy proxy.
- Registered as a tenant in the KubeLB manager cluster.
- KubeLB manager cluster API access.
- Service type "LoadBalancer" implementation. This can be a cloud solution or a self-managed implementation like MetalLB.
- Network access to the consumer cluster nodes with node port range (default: 30000-32767). This is required for the envoy proxy to be able to connect to the consumer cluster nodes.
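The node port requirement above is usually met with a firewall rule on the consumer cluster nodes. The following added example (not part of KubeLB or its documentation) audits a set of TCP allow rules to confirm that the envoy proxies can reach the whole node port range and that the range is not opened to any other source. The rule format, the default-deny assumption and the `10.20.0.0/24` proxy range are assumptions made for the illustration.

```python
import ipaddress

NODE_PORTS = range(30000, 32768)  # default NodePort range from the requirement above

def audit_nodeport_ingress(rules, proxy_cidrs):
    """Audit TCP allow rules on consumer cluster nodes (default deny assumed).

    rules: (source_cidr, first_port, last_port) tuples.
    proxy_cidrs: ranges the envoy proxies connect from.
    Returns (missing, overexposed): NodePorts each proxy range cannot reach,
    and rules that open NodePorts to sources outside the proxy ranges.
    """
    proxies = [ipaddress.ip_network(c) for c in proxy_cidrs]
    parsed = [(ipaddress.ip_network(s), lo, hi) for s, lo, hi in rules]
    first, last = NODE_PORTS.start, NODE_PORTS.stop - 1

    missing = {}
    for p in proxies:
        reachable = set()
        for src, lo, hi in parsed:
            # A rule helps only if its source covers the whole proxy range.
            if src.version == p.version and p.subnet_of(src):
                reachable.update(range(max(lo, first), min(hi, last) + 1))
        if len(reachable) < len(NODE_PORTS):
            missing[str(p)] = len(NODE_PORTS) - len(reachable)

    overexposed = []
    for src, lo, hi in parsed:
        touches = lo <= last and hi >= first
        trusted = any(src.version == p.version and src.subnet_of(p) for p in proxies)
        if touches and not trusted:
            overexposed.append((str(src), lo, hi))
    return missing, overexposed

# Constructed sample data; 10.20.0.0/24 is a hypothetical proxy egress range.
PROXY_CIDRS = ["10.20.0.0/24"]
OPEN_TO_ALL = [("0.0.0.0/0", 30000, 32767), ("10.20.0.0/24", 443, 443)]
PARTIAL = [("10.20.0.0/24", 30000, 31999)]
SCOPED = [("10.20.0.0/24", 30000, 32767)]

if __name__ == "__main__":
    for name, rules in [("open", OPEN_TO_ALL), ("partial", PARTIAL), ("scoped", SCOPED)]:
        print(name, audit_nodeport_ingress(rules, PROXY_CIDRS))
```

An empty result for both values means the proxies can reach every node port and no other source can.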