Balancing

Currently, Balancing is in the development and testing phase and is not suitable for production environments.

Introduction to Balancing

Balancing is a layer 4 load balancing component implemented with eBPF on the Kubernetes platform. It references the functionalities of projects like cilium, calico, and KPNG. Balancing supports running in a containerized manner within a Kubernetes cluster and also supports running in binary form on bare metal, providing CNI-independent load balancing access capabilities for applications inside and outside the Kubernetes cluster.

Current Features

CNI-independent cluster service resolution
- Implements service resolution initiated by Pods and Nodes on cluster nodes based on cGroup eBPF, achieving kube-proxy replacement.
- Implements client-side load balancing resolution on external bare metal and virtual machines to support access to services within the Kubernetes cluster.
- Future versions will support north-south nodePort resolution on node network cards based on TC eBPF.
- For more information, please refer to service resolution
Local redirection layer 4 load balancing resolution:
- Provides service redirection resolution initiated by Pods and Nodes based on cGroup eBPF to services on the same node, typical scenarios include local coreDns.
- For more information, please refer to LocalRedirect Policy
Global and external service layer 4 load balancing resolution:
- Supports more flexible policy definitions, providing global load balancing strategies for applications inside and outside the cluster.
- Application scenarios include client-side load balancing resolution for external hosts and load balancing within Kubernetes clusters.
- For more information, please refer to Balancing Policy
Event logging for resolution metrics:
- Records load balancing resolution events and associates related container information to form complete load balancing resolution metrics.

Typical Use Cases

Replacing kube-proxy service resolution in CNI-independent clusters:
- Suitable for underlay CNI that cannot implement service, such as Macvlan, SR-IOV CNI, etc.
- Suitable for CNIs that do not implement eBPF functionality, such as Antrea, Kube-ovn, Flannel, and public cloud clusters.
Service access redirection to local proxies:
- Implements high-availability redirection, directing coreDns services to Node-local DNS.
- Implements node api-server proxy for clusterpedia.
Implementing eBPF layer 4 load balancing on the client side of external applications to access services in Kubernetes clusters:
- Applications in bare metal, virtual machines.
- Applications in kubevirt virtual machines.
- Edge nodes in kubeedge accessing cloud services (in progress).
Layer 4 load balancing access between multiple clusters:
- Cross-cluster service access (in progress).
Providing high-availability load balancing access entry for external bare metal services:
- Provides cluster internal load balancing access addresses for external applications through custom load balancing strategies and implements health checks (in progress).

Architecture

arch

The Balancing component consists of an agent and a controller: - controller deployment: Performs webhook validation and modification of various CRD objects. - agent daemonset: Loads eBPF programs and distributes forwarding rules.

eBPF

Quick Start

Refer to Installation for quick deployment.
Refer to Service Resolution for usage experience.
Refer to LocalRedirect Policy for usage experience.
Refer to Balancing Policy for usage experience.

Roadmap

License

Balancing follows the Apache License, Version 2.0. For details, see LICENSE.