Overview
Traffic from the CLB can be connected directly to Nginx Ingress, bypassing NodePort communication. Direct connection offers better performance and lets Nginx Ingress obtain the real source IP address.
If you are using a TKE Serverless cluster, or you can ensure that all Nginx Ingress Pods are scheduled on the super node, then this link is already directly connected and requires no additional action.
In other cases, the link will default to NodePort communication. If you wish to enable direct connection, you can refer to the following steps (choose steps applicable to your cluster environment).
Enable direct connection in GlobalRouter+VPC-CNI Network Mode
If the cluster network mode is GlobalRouter and VPC-CNI is enabled:
It is recommended to declare the VPC-CNI network for Nginx Ingress and enable CLB direct connection. Configure values.yaml as follows:
controller:
  podAnnotations:
    tke.cloud.tencent.com/networks: tke-route-eni
  resources:
    requests:
      tke.cloud.tencent.com/eni-ip: "1"
    limits:
      tke.cloud.tencent.com/eni-ip: "1"
  service:
    annotations:
      service.cloud.tencent.com/direct-access: "true"
Enable direct connection in GlobalRouter Network Mode
If you do not wish to enable VPC-CNI, you can enable direct connection by following the steps below, but you must accept the use limit.
Note:
Please confirm that your account meets the above conditions and accepts the use limit.
1. Modify the ConfigMap to enable the direct connection capability at the cluster level for GlobalRouter:
kubectl edit configmap tke-service-controller-config -n kube-system
Set GlobalRouteDirectAccess to true:
2. Configure values.yaml to enable CLB direct connection:
controller:
  service:
    annotations:
      service.cloud.tencent.com/direct-access: "true"
Enable direct connection in VPC-CNI Network Mode
If the cluster network is already VPC-CNI, directly configure values.yaml to enable CLB direct connection:
controller:
  service:
    annotations:
      service.cloud.tencent.com/direct-access: "true"
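
A pre-deployment check for the three configurations above, as an added example that is not part of the original page or of TKE tooling. It assumes the Helm values are available as a dict (for example parsed from the JSON output of helm get values), that GlobalRouteDirectAccess is a string entry in the ConfigMap's data map, and the function name and mode labels are made up here.

```python
import json

DIRECT = "service.cloud.tencent.com/direct-access"
NETWORKS = "tke.cloud.tencent.com/networks"
ENI_IP = "tke.cloud.tencent.com/eni-ip"

def check_direct_access(values, mode, configmap_data=None):
    """Return a list of problems; an empty list means the values match the page.

    mode: "globalrouter+vpc-cni", "globalrouter" or "vpc-cni" (hypothetical labels).
    configmap_data: data map of tke-service-controller-config (globalrouter only).
    """
    problems = []
    ctrl = values.get("controller") or {}
    ann = (ctrl.get("service") or {}).get("annotations") or {}
    flag = ann.get(DIRECT)
    if flag is True:
        # An unquoted true in values.yaml parses as a boolean; annotations are strings.
        problems.append(f'{DIRECT} is a boolean; quote it as "true"')
    elif flag != "true":
        problems.append(f'{DIRECT} is not set to "true"')

    if mode == "globalrouter+vpc-cni":
        pod_ann = ctrl.get("podAnnotations") or {}
        if pod_ann.get(NETWORKS) != "tke-route-eni":
            problems.append(f"podAnnotations {NETWORKS} is not tke-route-eni")
        res = ctrl.get("resources") or {}
        req = (res.get("requests") or {}).get(ENI_IP)
        lim = (res.get("limits") or {}).get(ENI_IP)
        if req is None or lim is None:
            problems.append(f"{ENI_IP} missing from requests or limits")
        elif str(req) != str(lim):
            # Kubernetes extended resources need request and limit to be equal.
            problems.append(f"{ENI_IP} request {req} differs from limit {lim}")
    elif mode == "globalrouter":
        if (configmap_data or {}).get("GlobalRouteDirectAccess") != "true":
            problems.append('GlobalRouteDirectAccess is not "true" in '
                            "tke-service-controller-config")
    elif mode != "vpc-cni":
        raise ValueError(f"unknown mode: {mode}")
    return problems

# Constructed sample: the annotation was left unquoted, so it arrives as a boolean.
SAMPLE = json.loads('{"controller": {"service": {"annotations": '
                    '{"service.cloud.tencent.com/direct-access": true}}}}')

if __name__ == "__main__":
    for problem in check_direct_access(SAMPLE, "globalrouter", {}):
        print("FAIL:", problem)
```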