Internal load balancers (ILB) expose services within the organization from an internal IP pool assigned to the organization. An ILB service is never accessible from any endpoint outside of the organization.
By default, you can access ILB services within the same project from any cluster in the organization. The default project network policy doesn't let you access any project resources from outside the project, and this restriction applies to ILB services as well. If the Platform Administrator (PA) configures project network policies that allow access to your project from other projects, then the ILB service is also accessible from those other projects in the same organization.
Before you begin
To configure ILBs, you must have the following:
- Own the project you are configuring the load balancer for. For more information, see Create a project.
The necessary identity and access roles:
- Ask your Organization IAM Admin to grant you the Load Balancer Admin (
load-balancer-admin) role.
- Ask your Organization IAM Admin to grant you the Load Balancer Admin (
Create an internal load balancer
Create ILBs using three different methods in GDC:
- Use the gdcloud CLI to create ILBs.
- Use the Networking Kubernetes Resource Model (KRM) API to create ILBs
You can target pod or VM workloads using the KRM API and gdcloud CLI. You can only target workloads in the cluster where the Service object is created when you use the Kubernetes Service directly from the Kubernetes cluster.