Production grade load balancers

[fsundermeyer]

@cornelius reported in bsc 1079611:

Document how to setup a 'production grade' load-balancer and then updating the configuration with the routers for the CF cluster. Listing the links for quick look up for 'production grade' load-balancers (e.g F5 and all common ones)

This might be related to setting up load balancers via helm bsc 1073096

[cjschroder]

I'm getting conflicting information on this. It seems the original bug report is about connecting CAP to external load balancers such as F5, Cisco, Citrix, Radware...then there is the internal Kubernetes load balancer, which nobody should have to touch. Then there are software load balancers in Azure, VMWare, and SOC. NEEDINFO.

[cjschroder]

Resources: https://trello.com/c/joEXwGjf/540-p3-8-build-demo-instance-of-cap-on-azure-container-service https://bugzilla.suse.com/show_bug.cgi?id=1073096 https://trello.com/c/yrZpYjGn/351-p16-5-loadbalancer-setting-in-scf-helm-charts-does-not-work

[cjschroder]

document Azure first

[gaktive]

NA Trello work tied to making the AKS LB work: https://trello.com/c/sQGhnAwJ/670-make-the-azure-load-balancer-work

[troytop]

Load balancers are provided by Cloud Providers: https://kubernetes.io/docs/concepts/cluster-administration/cloud-providers/

After Azure, we should document configuring LBs on AWS and OpenStack. Hopefully the steps will be very similar.

[gaktive]

For AWS (EKS), we have LB information here, which Troy has used successfully: https://trello.com/c/4LG5boH6/763-5-figure-out-amazon-load-balancer#comment-5b7b11d61619602fd191b33c

One point that I'll highlight: on the AKS side, there are Ruby & bash scripts attached to that AKS-related Trello card to help get DNS setup quickly for Devs. We'll need to translate those scripts into instructions, so let me know if you need assistance on deciphering what's done. It's possible that we look at including a sample script in the docs but I'll defer to you on making that call.

[gaktive]

I moved the Trello comment into the internal wiki as is: https://github.com/SUSE/cloudfoundry/wiki/Load-balancers-in-AWS-EKS

I'm working on cleaning up any internal references and then figuring out where to put the scripts inline.

[troytop]

Need to also describe in general terms how to manually configure a (hardware) load balancer to forward connections to the external_ips defined in values.yaml (when no K8s-managed load balancer is available).

[cjschroder]

https://trello.com/c/rEQ2SmHi/796-load-balancer-improve-docs

[gaktive]

We've updated the public cloud wiki pages associated with setting up LBs.

• EKS: https://github.com/SUSE/cloudfoundry/wiki/Load-balancers-in-AWS-EKS
• AKS: https://github.com/SUSE/cloudfoundry/wiki/Load-balancers-in-Azure-AKS

[troytop]

This is also possible with Open Stack, but currently not working on ECP because of cert chain issues.

[gaktive]

As mentioned during this week's docs call, we should highlight the helm parameter for setting load balancers to true. This works on EKS, should work on AKS.

[satadruroy]

I can confirm the services:loadBalanced=true param works for AKS as well.

[cjschroder]

I am closing this & breaking it into several issues.