Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Blog
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
Yandex Application Load Balancer
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Target groups
      • Create a target group
      • Edit a target group
      • Delete a target group
    • Backend groups
      • Create a backend group
      • Edit a backend group
      • Delete a backend group
    • HTTP routers
      • Create HTTP router for HTTP traffic
      • Create HTTP router for gRPC traffic
      • Edit an HTTP router
      • Delete an HTTP router
    • L7 load balancers
      • Create an L7 load balancer
      • Edit an L7 load balancer
      • View L7 load balancer statistics
      • View the L7 load balancer logs
      • Get the ID of the log group of the L7 load balancer
      • Stopping and restarting an L7 load balancer
      • Delete an L7 load balancer
    • Tools for Managed Service for Kubernetes
      • Install an Ingress controller
      • Install a Gateway API
      • Create or update resources based on configuration
  • Practical guidelines
    • All practical guidelines
    • Setting up a virtual hosting
    • Creating a load balancer with DDoS protection
    • Integrating an L7 load balancer with the CDN and Object Storage
    • Blue-green and canary deployment of service versions
    • Terminating TLS connections
    • Writing load balancer logs to PostgreSQL
    • Deploying and load testing a gRPC service with scaling
  • Concepts
    • Overview
    • Load balancers
    • HTTP routers
    • Backend groups
    • Target groups
    • Quotas and limits
  • Tools for Managed Service for Kubernetes
    • Ingress controller
      • Overview
      • How it works
    • Gateway API
    • Required settings
      • Security groups
      • Service accounts
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • BackendGroupService
      • HttpRouterService
      • LoadBalancerService
      • TargetGroupService
      • VirtualHostService
      • OperationService
    • REST
      • Overview
      • BackendGroup
        • Overview
        • addBackend
        • create
        • delete
        • get
        • list
        • listOperations
        • removeBackend
        • update
        • updateBackend
      • HttpRouter
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • LoadBalancer
        • Overview
        • addListener
        • addSniMatch
        • create
        • delete
        • get
        • getTargetStates
        • list
        • listOperations
        • removeListener
        • removeSniMatch
        • start
        • stop
        • update
        • updateListener
        • updateSniMatch
      • TargetGroup
        • Overview
        • addTargets
        • create
        • delete
        • get
        • list
        • listOperations
        • removeTargets
        • update
      • VirtualHost
        • Overview
        • create
        • delete
        • get
        • list
        • removeRoute
        • update
        • updateRoute
  • Managed Service for Kubernetes tool references
    • Overview
    • Ingress controller
      • Ingress
      • HttpBackendGroup
    • Gateway API
      • Gateway
      • HTTPRoute
    • Service
  • Log reference
  1. Step-by-step instructions
  2. Tools for Managed Service for Kubernetes
  3. Install a Gateway API

Installing Application Load Balancer Gateway API for Managed Service for Kubernetes

Written by
Yandex Cloud
,
improved by
Dmitry A.
  • Before you begin
  • Installation using Yandex Cloud Marketplace
  • Installation using a Helm chart
  • See also

Gateway API Application Load Balancer for Yandex Managed Service for Kubernetes is provided as a Cloud Marketplace product or a chart of the Helm package manager for Kubernetes.

Before you begin

  1. Create a Managed Service for Kubernetes cluster with the Public address setting : Auto.

  2. Create a node group in any suitable configuration.

  3. Create and configure a service account for working with the Gateway API:

    1. If you don't have the Yandex Cloud command line interface yet, install and initialize it.

      The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

    2. Create a service account, which is required for Gateway API:

    3. Assign it the roles:

      • alb.editor: To create the required resources.
      • vpc.publicAdmin: To manage external connectivity.
      • certificate-manager.certificates.admin: To manage certificates registered in Yandex Certificate Manager.
      • compute.viewer: To use Managed Service for Kubernetes cluster nodes in balancer target groups.
    4. Create an authorized key for the service account and save it to a file named sa-key.json:

      yc iam key create \
        --service-account-name <name_of_ service_account_for__Gateway_API> \
        --output sa-key.json
      

Installation using Yandex Cloud Marketplace

  1. Go to the folder page and select Managed Service for Kubernetes.
  2. Click the name of the desired cluster and select the Marketplace tab.
  3. Under Applications available for installation, select Gateway API and click Use.
  4. Configure the application:
    • Namespace: Select a namespace or create a new one.
    • Application name: Enter an application name.
    • Folder ID: Select the folder to create load balancers in.
    • Network ID: Select the network to host the load balancers.
    • Subnet ID: Select the subnet to host the load balancers. Currently, load balancers created through the Gateway API can only be placed in the same subnet.
    • Secret Key: Paste the contents of the sa-key.json file.
  5. Click Install.

Installation using a Helm chart

  1. Install the Kubernetes package manager Helm 3.

  2. Install the kubectl and configure it to work with the created cluster.

  3. Install the jq utility for JSON filtering:

    sudo apt update && sudo apt install jq
    
  4. Create a namespace:

    kubectl create namespace yc-alb-ingress
    
  5. To install a Helm chart with the Ingress controller, run the commands:

    export HELM_EXPERIMENTAL_OCI=1 && \
    cat sa-key.json | helm registry login cr.yandex --username 'json_key' --password-stdin && \
    helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/gateway-api/gateway-api-helm/gateway-api \
      --version 0.4.16 \
      --untar && \
    helm install \
      --namespace <namespace> \
      --set folderId=<folder_ID> \
      --set networkId=<network_ID> \
      --set subnetId=<subnet_ID> \
      --set-file saKeySecretKey=sa-key.json \
      yc-alb-gateway-api ./yc-alb-gateway-api-chart/
    

See also

  • Gateway API project description.
  • Reference of Application Load Balancer tools for Managed Service for Kubernetes.

Was the article helpful?

Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
In this article:
  • Before you begin
  • Installation using Yandex Cloud Marketplace
  • Installation using a Helm chart
  • See also