Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Contrail] Understanding 'native' loadbalancer for implementing Kubernetes service

0

0

Article ID: KB35142 KB Last Updated: 10 Oct 2019Version: 1.0
Summary:

According to the technical document on Contrail Integration with Kubernetes, a Kubernetes service is implemented as 'ECMP-based native Loadbalancer' in Contrail.

This article will show what the loadbalancer looks like and explain why it is called an 'native' loadbalancer.

Solution:

In Contrail setup you can pull the object data either from Contrail UI, CLI (curl), or a third party UI tools based on restapi. In production, depending on which one is available and handy, you can select your favorite. With a curl tool, you just need an FQDN of the URL pointing to the object.

Example:

To find the loadbalancer object URL for the service 'service-web-clusterip' from loadbalancers list:

 $ curl http://<CONTRAIL UI IP>:8082/loadbalancers | \
    python -mjson.tool | grep -C4 `service-web-clusterip`
        {
            "fq_name": [
                "default-domain",
                "k8s-ns-user-1",
                "service-web-clusterip__99fe8ce7-9e75-11e9-b485-0050569e6cfc"
            ],
            "href": "http://10.85.188.19:8082/loadbalancer/99fe8ce7-9e75-11e9-b485-0050569e6cfc",
            "uuid": "99fe8ce7-9e75-11e9-b485-0050569e6cfc"
        },

With one specific loadbalancer URL, you can pull the specific LB object details:

$ curl \
    http://<CONTRAIL UI IP>:8082/loadbalancer/99fe8ce7-9e75-11e9-b485-0050569e6cfc \
    | python -mjson.tool
{
    "loadbalancer": {
        "annotations": {
            "key_value_pair": [
                {
                    "key": "namespace",
                    "value": "ns-user-1"
                },
                {
                    "key": "cluster",
                    "value": "k8s"
                },
                {
                    "key": "kind",
                        "value": "Service"
                    },
                    {
                    "key": "project",
                    "value": "k8s-ns-user-1"
                },
                {
                    "key": "name",
                    "value": "service-web-clusterip"
                },
                {
                    "key": "owner",
                    "value": "k8s"
                }
            ]
        },
        "display_name": "ns-user-1__service-web-clusterip",
        "fq_name": [
            "default-domain",
            "k8s-ns-user-1",
            "service-web-clusterip__99fe8ce7-9e75-11e9-b485-0050569e6cfc"
        ],
        "href": "http://10.85.188.19:8082/loadbalancer/99fe8ce7-9e75-11e9-b485-0050569e6cfc",
        "id_perms": {
            ...<snipped>...
        },
        "loadbalancer_listener_back_refs": [    #<---
            {
                "attr": null,
                "href": "http://10.85.188.19:8082/loadbalancer-listener/3702fa49-f1ca-4bbb-87d4-22e1a0dc7e67",
                "to": [
                    "default-domain",
                    "k8s-ns-user-1",
                    "service-web-clusterip__99fe8ce7-9e75-11e9-b485-0050569e6cfc-TCP-8888-3702fa49-f1ca-4bbb-87d4-22e1a0dc7e67"
                ],
                "uuid": "3702fa49-f1ca-4bbb-87d4-22e1a0dc7e67"
            }
        ],
        "loadbalancer_properties": {
            "admin_state": true,
            "operating_status": "ONLINE",
            "provisioning_status": "ACTIVE",
            "status": null,
            "vip_address": "10.105.139.153",    #<---
            "vip_subnet_id": null
        },
        "loadbalancer_provider": "native",      #<---
        "name": "service-web-clusterip__99fe8ce7-9e75-11e9-b485-0050569e6cfc",
        "parent_href": "http://10.85.188.19:8082/project/86bf8810-ad4d-45d1-aa6b-15c74d5f7809",
        "parent_type": "project",
        "parent_uuid": "86bf8810-ad4d-45d1-aa6b-15c74d5f7809",
        "perms2": {
            ...<snipped>...
        },
        "service_appliance_set_refs": [
            ...<snipped>...
        ],
        "uuid": "99fe8ce7-9e75-11e9-b485-0050569e6cfc",
        "virtual_machine_interface_refs": [
            {
                "attr": null,
                "href": "http://10.85.188.19:8082/virtual-machine-interface/8d64176c-9fc7-491a-a44d-430e187d6b52",
                "to": [
                    "default-domain",
                    "k8s-ns-user-1",
                    "k8s__Service__service-web-clusterip__99fe8ce7-9e75-11e9-b485-0050569e6cfc"
                ],
                "uuid": "8d64176c-9fc7-491a-a44d-430e187d6b52"
            }
        ]
    }
}


The output is very extensive and includes a lot of details that is beyond the scope of this KB. However, it does tell the following:

  • In 'loadbalancer_properties', the LB use service IP as its VIP
  • The LB is connected to a listener by a reference
  • The 'loadbalancer_provider' attribute is 'native'. This is a new extension to implement layer 4 (transport layer)  ECMP for kubernetes service.


That explains why the Juniper technical document says Contrail use 'ECMP-based native Loadbalancer' to implement Kubernetes service.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search