Help Center/ Cloud Container Engine/ User Guide/ Networking/ Services/ LoadBalancer/ Configuring IP Addresses as Backend Servers for a LoadBalancer Service
Updated on 2025-08-19 GMT+08:00
View PDF
Share

Configuring IP Addresses as Backend Servers for a LoadBalancer Service

By default, when you create a LoadBalancer Service or ingress in a CCE cluster, CCE automatically associates backend servers with the listeners of the associated load balancer. The details are as follows:
  • For a shared load balancer, backend servers are ECSs. In CCE standard and CCE Turbo clusters, nodes are also ECSs.
  • For a dedicated load balancer, backend servers can be ECSs, supplementary network interfaces, or IP addresses. For CCE standard clusters, only ECSs can be added. For CCE Turbo clusters, only supplementary network interfaces (pod IP addresses) can be added.

    In clusters of v1.25.16-r30, v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, and v1.32.1-r0, backend servers can be associated with a dedicated load balancer using their IP addresses. Node IP addresses or pod IP addresses can be used as backend servers.

As shown in Figure 1, if a backend server is associated with multiple load balancers, the backend server receives requests from the same source IP address and port number when a client accesses the backend server through these load balancers. As a result, the access may fail or time out. For details, see Why Does a Server Occasionally Time Out When a Client Access It Through Different Load Balancers or Different Listeners of a Load Balancer? If the backend server is configured as an IP address, the access will succeed.
Figure 1 Application scenario

Prerequisites

  • A Kubernetes cluster is available, and the cluster version meets the following requirements:
    • v1.25: v1.25.16-r30 or later
    • v1.27: v1.27.16-r30 or later
    • v1.28: v1.28.15-r20 or later
    • v1.29: v1.29.13-r0 or later
    • v1.30: v1.30.10-r0 or later
    • v1.31: v1.31.6-r0 or later
    • v1.32: v1.32.1-r0 or later
    • Other clusters of later versions
  • To create a cluster using commands, ensure kubectl is used. For details, see Accessing a Cluster Using kubectl.

Using kubectl

  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
  2. Create a YAML file named service-test.yaml. You can change the file name as needed. 

    vi service-test.yaml
    The following is an example YAML file of a Service associated with an existing load balancer: 
    apiVersion: v1
kind: Service
metadata:
  name: service-test
  labels:
    app: test
    version: v1
  namespace: default
  annotations:
    kubernetes.io/elb.class: performance  # A dedicated load balancer is required.
    kubernetes.io/elb.id: <your_elb_id>  # Replace it with the ID of an existing load balancer.
    kubernetes.io/elb.ip-target-enabled: 'true'  #Configure IP addresses as backend servers.
spec:
  selector:
    app: test
    version: v1
  externalTrafficPolicy: Cluster
  ports:
    - name: cce-service-0
      targetPort: 80          # Replace it with your container port.
      nodePort: 0
      port: 80   
      protocol: TCP  
  type: LoadBalancer
  loadBalancerIP: <your_elb_ip>  # Replace it with the private IP address of the existing load balancer.
    Table 1 Parameters for configuring IP addresses as backend servers

    Parameter

    Type

    Description

    kubernetes.io/elb.ip-target-enabled

    String
    Enable IP addresses as backend servers for a load balancer. After this function is enabled, the backend IP addresses added to the associated Service or ingress are all IP addresses in VPC subnets. For a CCE Turbo cluster, the backend is <pod-IP-address>:<target-port>. For a CCE standard cluster, the backend is <node-IP-address>:<NodePort>.
    • true: Enable IP addresses as backend servers.
    • Other values are not supported.
    CAUTION:
    • Only dedicated load balancers support this function.
    • This function can only be enabled during Service or ingress creation. The annotation cannot be added to or removed from an existing Service or ingress. To use this function, you must create a Service or an ingress.
    • If the load balancer associated with a Service or ingress does not have IP as a backend enabled, CCE will automatically enable it after the annotation is added. Once enabled, IP as a backend cannot be disabled.
    • Ensure that the backend subnets of the load balancer associated with the Service or ingress have sufficient IP addresses, or this function cannot be used. If the IP addresses are not enough, you can add more backend subnets on the Summary page of the load balancer.
    • For more details, see Using IP as a Backend to Route Traffic Across Backend Servers.

  3. Create the Service. 

    kubectl create -f service-test.yaml

    If information similar to the following is displayed, the Service has been created:

    service/service-test created

Verifying that IP Addresses Are Configured as Backend Servers

  1. Log in to the ELB console.
  2. Locate the load balancer associated with the Service and click the load balancer name.
  3. On the Summary tab, verify that IP as a Backend has been enabled for the load balancer.

  4. On the Listeners tab, verify that IP addresses are added as backend servers.

Parent Topic: LoadBalancer