Installing Application Load Balancer Gateway API for Managed Service for Kubernetes
Gateway API Application Load Balancer for Yandex Managed Service for Kubernetes is provided as a Cloud Marketplace product or a chart of the Helm package manager for Kubernetes.
Before you begin
-
Create a Managed Service for Kubernetes cluster with the Public address setting :
Auto
. -
Create a node group in any suitable configuration.
-
Create and configure a service account for working with the Gateway API:
-
If you don't have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the
--folder-name
or--folder-id
parameter. -
Create a service account, which is required for Gateway API:
-
alb.editor
: To create the required resources.vpc.publicAdmin
: To manage external connectivity.certificate-manager.certificates.admin
: To manage certificates registered in Yandex Certificate Manager.compute.viewer
: To use Managed Service for Kubernetes cluster nodes in balancer target groups.
-
Create an authorized key for the service account and save it to a file named
sa-key.json
:yc iam key create \ --service-account-name <name_of_ service_account_for__Gateway_API> \ --output sa-key.json
-
Installation using Yandex Cloud Marketplace
- Go to the folder page and select Managed Service for Kubernetes.
- Click the name of the desired cluster and select the Marketplace tab.
- Under Applications available for installation, select Gateway API and click Use.
- Configure the application:
- Namespace: Select a namespace or create a new one.
- Application name: Enter an application name.
- Folder ID: Select the folder to create load balancers in.
- Network ID: Select the network to host the load balancers.
- Subnet ID: Select the subnet to host the load balancers. Currently, load balancers created through the Gateway API can only be placed in the same subnet.
- Secret Key: Paste the contents of the
sa-key.json
file.
- Click Install.
Installation using a Helm chart
-
Install the Kubernetes package manager Helm 3.
-
Install kubectl and configure it to work with the created cluster.
-
Install the
jq
utility for JSON filtering:sudo apt update && sudo apt install jq
-
Create a namespace:
kubectl create namespace yc-alb-ingress
-
To install a Helm chart with the Ingress controller, run the commands:
export HELM_EXPERIMENTAL_OCI=1 && \ cat sa-key.json | helm registry login cr.yandex --username 'json_key' --password-stdin && \ helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/gateway-api/gateway-api-helm/gateway-api \ --version 0.4.16 \ --untar && \ helm install \ --namespace <namespace> \ --set folderId=<folder_ID> \ --set networkId=<network_ID> \ --set subnetId=<subnet_ID> \ --set-file saKeySecretKey=sa-key.json \ yc-alb-gateway-api ./yc-alb-gateway-api-chart/