This won't directly help answer your questions, since I don't know the answers. However, I found this talk about Kubernetes networking to be extremely helpful to understand the basics. Whenever I'm running into weirdness I end up reviewing it: https://www.youtube.com/watch?v=y2bhV81MfKQ
Hopefully it will help with the basics. For example, I *think* one of the reasons an "external" load balancer may not work correctly is that it may not see the actual state of services inside the cluster. E.g. it doesn't know what nodes are running the actual pods. According to what I seem to recall from this talk: one of the ways services can work is that external processes connect to any node in the cluster, and that node forwards it to a pod that is actually running the service. However, this may be completely inaccurate since I am far from an expert here, so I'm looking forward to seeing the real answers :) Evan On Sunday, May 14, 2017 at 1:28:45 PM UTC-4, Joe Auty wrote: > > Sorry for such a vague subject, but I think I need some help breaking > things down here. > > I think I understand how the Google layer 7 LBs work (this diagram helped > me: > https://storage.googleapis.com/static.ianlewis.org/prod/img/750/gcp-lb-objects2.png) > > , I understand NGinx and HAProxy LBs independently, and I believe I also > understand the concepts of NodePort, Ingress controllers, services, etc. > > What I don't understand is why when I research things like socket.io > architectures in Kubernetes (for example), or features like IP > whitelisting, session affinity, etc. I see people putting NGinx or HAProxy > into their clusters. It is hard for me to keep straight all of the > different levels of load balancing and their controls: > > > - Google backend services (i.e. Google LB) > - Kubernetes service LB > - HAProxy/NGinx > > > The rationale for HAProxy and NGinx seems to involve compensating for > missing features and/or bugs (kube-proxy, etc.) and it is hard to keep > straight what is a reality today and what the best path is? > > Google's LBs support session affinity, and there are session affinity > Kubernetes service settings, so for starters, when and why is NGinx or > HAProxy necessary, and are there outstanding issues with tracking source > IPs and setting/respecting proper headers? > > I'm happy to get into what sort of features I need if this will help steer > the discussion, but at this point I'm thinking maybe it is best to start at > a more basic level where you treat me like I'm 6 years old :) > > Thanks in advance! > -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
