Help Center/ Cloud Container Engine/ User Guide/ Networking/ Ingresses/ LoadBalancer Ingresses/ Advanced Setting Examples of LoadBalancer Ingresses/ Configuring IP Addresses as Backend Servers for a LoadBalancer Ingress
Updated on 2025-08-19 GMT+08:00
View PDF
Share

Configuring IP Addresses as Backend Servers for a LoadBalancer Ingress

By default, when you create a LoadBalancer Service or ingress in a CCE cluster, CCE automatically associates backend servers with the listeners of the associated load balancer. The details are as follows:
  • For a shared load balancer, backend servers are ECSs. In CCE standard and CCE Turbo clusters, nodes are also ECSs.
  • For a dedicated load balancer, backend servers can be ECSs, supplementary network interfaces, or IP addresses. For CCE standard clusters, only ECSs can be added. For CCE Turbo clusters, only supplementary network interfaces (pod IP addresses) can be added.

    In clusters of v1.25.16-r30, v1.27.16-r30, v1.28.15-r20, v1.29.13-r0, v1.30.10-r0, v1.31.6-r0, and v1.32.1-r0, backend servers can be associated with a dedicated load balancer using their IP addresses. Node IP addresses or pod IP addresses can be used as backend servers.

As shown in Figure 1, if a backend server is associated with multiple load balancers, the backend server receives requests from the same source IP address and port number when a client accesses the backend server through these load balancers. As a result, the access may fail or time out. For details, see Why Does a Server Occasionally Time Out When a Client Access It Through Different Load Balancers or Different Listeners of a Load Balancer? If the backend server is configured as an IP address, the access will succeed.
Figure 1 Application scenario

Prerequisites

  • A Kubernetes cluster is available, and the cluster version meets the following requirements:
    • v1.25: v1.25.16-r30 or later
    • v1.27: v1.27.16-r30 or later
    • v1.28: v1.28.15-r20 or later
    • v1.29: v1.29.13-r0 or later
    • v1.30: v1.30.10-r0 or later
    • v1.31: v1.31.6-r0 or later
    • v1.32: v1.32.1-r0 or later
    • Other clusters of later versions
  • To create a cluster using commands, ensure kubectl is used. For details, see Accessing a Cluster Using kubectl.

Using kubectl

  1. Use kubectl to access the cluster. For details, see Accessing a Cluster Using kubectl.
  2. Create a YAML file named ingress-test.yaml. You can change the file name as needed. 

    vi ingress-test.yaml
    The following is an example YAML file of an ingress associated with an existing load balancer: 
    apiVersion: networking.k8s.io/v1
kind: Ingress 
metadata: 
  name: ingress-test
  annotations: 
    kubernetes.io/elb.id: <your_elb_id>                 # Replace it with the ID of your existing load balancer.
    kubernetes.io/elb.class: performance                # Load balancer type. You need to specify a dedicated load balancer.
    kubernetes.io/elb.port: '80'
    kubernetes.io/elb.ip-target-enabled: 'true'       # Configure IP addresses as backend servers.
spec:
  rules: 
  - host: ''
    http: 
      paths: 
      - path: '/'
        backend: 
          service:
            name: <your_service_name>  # Replace it with the name of your target Service.
            port: 
              number: 8080             # Replace it with the port number of your target Service.
        property:
          ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
        pathType: ImplementationSpecific
  ingressClassName: cce

    Table 1 Parameters for configuring IP addresses as backend servers

    Parameter

    Type

    Description

    kubernetes.io/elb.ip-target-enabled

    String
    Enable IP addresses as backend servers for a load balancer. After this function is enabled, the backend IP addresses added to the associated Service or ingress are all IP addresses in VPC subnets. For a CCE Turbo cluster, the backend is <pod-IP-address>:<target-port>. For a CCE standard cluster, the backend is <node-IP-address>:<NodePort>.
    • true: Enable IP addresses as backend servers.
    • Other values are not supported.
    CAUTION:
    • Only dedicated load balancers support this function.
    • This function can only be enabled during Service or ingress creation. The annotation cannot be added to or removed from an existing Service or ingress. To use this function, you must create a Service or an ingress.
    • If the load balancer associated with a Service or ingress does not have IP as a backend enabled, CCE will automatically enable it after the annotation is added. Once enabled, IP as a backend cannot be disabled.
    • Ensure that the backend subnets of the load balancer associated with the Service or ingress have sufficient IP addresses, or this function cannot be used. If the IP addresses are not enough, you can add more backend subnets on the Summary page of the load balancer.
    • For more details, see Using IP as a Backend to Route Traffic Across Backend Servers.

  3. Create an ingress. 

    kubectl create -f ingress-test.yaml

    If information similar to the following is displayed, the ingress is created:

    ingress/ingress-test created

  4. Check the created ingress. 

    kubectl get ingress

    If information similar to the following is displayed, the ingress is successfully created:

    NAME          CLASS    HOSTS     ADDRESS          PORTS   AGE
ingress-test  cce      *         121.**.**.**     80      10s

Verifying that IP Addresses Are Configured as Backend Servers

  1. Log in to the ELB console.
  2. Locate the load balancer associated with the ingress and click the load balancer name.
  3. On the Summary tab, verify that IP as a Backend has been enabled for the load balancer.

  4. On the Listeners tab, verify that IP addresses are added as backend servers.

Parent Topic: Advanced Setting Examples of LoadBalancer Ingresses