I have been trying to expose MySQL InnoDB Cluster setup on OCI OKE to Internet. This cluster was installed using MySQL Operator and the pods are listening on to port 6446 and 6447. I have ClusterIP to connect to pods by exec'ing into the pod. However, I have failed to find any best way to expose this cluster to internet using OCI Loadbalancer. As I am pretty new to OCI, trying to get some understanding on how to get this to work.
Cluster was installed using this repo
you can install the ingress controller and expose it with a TCP port opening with the controller or you can change the service type to LB instead clusterIP which will expose the service directly however you might have to take care about the type of LB coz MySQL will be using TCP maybe so HTTP LB may not work.
Doc for ref : https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services/
With doc, you will get the idea to expose the TCP or UDP service with Nginx ingress controller which is more or like port opening and exposing service.
Using a generation tool like Pulumi, you can generate a load balancer meeting your criteria (at least for testing, as a starting point).
Here is one written in Go:
package main
import (
"fmt"
"github.com/pulumi/pulumi-oci/sdk/v4/go/oci/core"
"github.com/pulumi/pulumi-oci/sdk/v4/go/oci/loadbalancer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Get the current compartment ID from the OCI configuration
compartmentID := ctx.GetConfig("oci").Require("compartment")
// Replace with your OKE cluster's corresponding VCN (Virtual Cloud Network) ID and subnet ID
vcnID := "your-vcn-id"
subnetID := "your-subnet-id"
// Create Load Balancer
lb, err := loadbalancer.NewLoadBalancer(ctx, "mylb", &loadbalancer.LoadBalancerArgs{
DisplayName: pulumi.String("MySQL-InnoDB-Cluster-LB"),
ShapeName: pulumi.String("100Mbps"),
CompartmentId: pulumi.String(compartmentID),
IsPrivate: pulumi.Bool(false),
LoadBalancerSubnets: pulumi.StringArray{
pulumi.String(subnetID),
// Add additional subnet ID(s) if required
},
})
if err != nil {
return err
}
// Create backend sets for ports 6446 and 6447
backendPortMappings := []struct {
name string
port int
}{
{name: "mysql1", port: 6446},
{name: "mysql2", port: 6447},
}
for _, portMapping := range backendPortMappings {
backendSetName := fmt.Sprintf("backend-set-%s", portMapping.name)
_, err = loadbalancer.NewBackendSet(ctx, backendSetName, &loadbalancer.BackendSetArgs{
LoadBalancerId: lb.ID(),
Name: pulumi.String(backendSetName),
Policy: pulumi.String("LEAST_CONNECTIONS"),
HealthChecker: &loadbalancer.BackendSetHealthCheckerArgs{
Protocol: pulumi.String("TCP"),
Port: pulumi.Int(portMapping.port),
},
})
if err != nil {
return err
}
listenerName := fmt.Sprintf("listener-%s", portMapping.name)
_, err = loadbalancer.NewListener(ctx, listenerName, &loadbalancer.ListenerArgs{
LoadBalancerId: lb.ID(),
Name: pulumi.String(listenerName),
DefaultBackendSetName: pulumi.String(backendSetName),
Port: pulumi.Int(portMapping.port),
Protocol: pulumi.String("TCP"),
})
if err != nil {
return err
}
}
// Export the Load Balancer IP address
publicIpAddress := lb.IpAddresses.Index(0).IpAddress
ctx.Export("lbPublicIP", publicIpAddress)
return nil
})
}
It creates an OCI Load Balancer, a backend set for each port (6446 and 6447), and corresponding listeners.
(Replace the vcnID and subnetID with the appropriate values for your OKE cluster).
To run this Pulumi Go program:
pulumi new go.main.go with the provided code.pulumi up to deploy the resources.This is not the only approach, and you can use YAML config files instead:
---
description: Pulumi YAML to create OCI Load Balancer for MySQL InnoDB Cluster
imports:
- pulumi
- pulumi_oci as oci
config:
oci:compartment: {}
vcnID: {}
subnetID: {}
resources:
- name: mylb
type: oci:loadbalancer/loadBalancer:LoadBalancer
args:
displayName: MySQL-InnoDB-Cluster-LB
shapeName: 100Mbps
compartmentId: !config:oci:compartment
isPrivate: false
loadBalancerSubnets:
- !config:subnetID
- name: backend-set-mysql1
type: oci:loadbalancer/backendSet:BackendSet
args:
loadBalancerId: !ref:mylb
name: backend-set-mysql1
policy: LEAST_CONNECTIONS
healthChecker:
protocol: TCP
port: 6446
- name: listener-mysql1
type: oci:loadbalancer/listener:Listener
args:
loadBalancerId: !ref:mylb
name: listener-mysql1
defaultBackendSetName: !ref:backend-set-mysql1
port: 6446
protocol: TCP
- name: backend-set-mysql2
type: oci:loadbalancer/backendSet:BackendSet
args:
loadBalancerId: !ref:mylb
name: backend-set-mysql2
policy: LEAST_CONNECTIONS
healthChecker:
protocol: TCP
port: 6447
- name: listener-mysql2
type: oci:loadbalancer/listener:Listener
args:
loadBalancerId: !ref:mylb
name: listener-mysql2
defaultBackendSetName: !ref:backend-set-mysql2
port: 6447
protocol: TCP
outputs:
lbPublicIP:
value: !index:.resources[!ref:mylb].outputs.ipAddresses 0
In that case:
Set up the OCI configuration (API keys and region) for Pulumi.
Create a new Pulumi project with pulumi new pulumi-yaml.
Replace the content of Pulumi.yaml with the provided YAML code.
Set required configuration using pulumi config set:
pulumi config set oci:compartment <compartment-id>
pulumi config set vcnID <your-vcn-id>
pulumi config set subnetID <your-subnet-id>
Run pulumi up to deploy the resources.
After the deployment, the program will output the public IP address of the Load Balancer, which you can use to access your MySQL InnoDB Cluster on the internet.
Both implementations would follow what Oracle describes in its article "Comparing OCI Load Balancers: Quickly and Easily":
It refers to the Oracle Cloud Infrastructure (OCI) documentation "https://docs.oracle.com/en-us/iaas/Content/Balance/Concepts/balanceoverview.htm"
The Oracle Cloud Load Balancer service provides a Layer 7 load balancer that routes network traffic in a more complex manner, applicable to TCP-based traffic like HTTP.
- First, the load balancer terminates the network traffic and reads the message within.
- Then, it makes a decision based on the content of the message or header.
In addition, it offers an elastically scalable regional VIP address that can scale up or down using a flexible shape up to 8000 Mbps.
Layer 7 load balancing operates at the high‑level application layer of the OSI Model, which deals with the actual content of each message.
HTTP is the predominant Layer 7 protocol for website traffic on the Internet.
A Layer 7 load balancer terminates the network traffic and reads the message within. It can make a load‑balancing decision based on the content of the message (the URL or cookie, for example). It then creates a new TCP connection to the selected backend server or reuses an existing one, by means of keepalives and processes the request.
