Setting up load balancers and DNS
You must set up load balancers and DNS for the Acceptor and Gateway components so that these components can be exposed to the public Internet and allow you to access the Instana UI. Depending on your setup, steps can be different for an Instana backend on Kubernetes and an Instana backend on Red Hat OpenShift.
For Kubernetes, you must either define Ingresses or create Services of type LoadBalancer
. For Red Hat OpenShift, you must either define Routes or create Services of type LoadBalancer
.
Domain configuration
For both Instana backend on Kubernetes and Instana backend on Red Hat OpenShift, you must set up A records in
your DNS for the base_domain
, for the Acceptor subdomain domain (usually ingress
), for the OTLP Acceptor subdomains (otlp-http
and otlp-grpc
), and for all tenant unit subdomains:
<base_domain>
ingress.<base_domain>
otlp-http.<base_domain>
otlp-grpc.<base_domain>
<unit-name>-<tenant-name>.<base_domain>
Then, configure the domains in the CoreSpec as follows:
spec:
agentAcceptorConfig:
host: ingress.<base_domain>
port: 443
baseDomain: <base_domain>
Instana backend on Kubernetes
To set up load balancers for your Instana backend on Kubernetes, use Services of type LoadBalancer
as follows:
Acceptor
-
Create a YAML file such as
service.yaml
as follows:-
For Azure Kubernetes Service (AKS):
apiVersion: v1 kind: Service metadata: namespace: instana-core annotations: # For additional Loadbalancer annotations, kindly refer: https://cloud-provider-azure.sigs.k8s.io/topics/loadbalancer/#loadbalancer-annotations service.beta.kubernetes.io/azure-load-balancer-resource-group: <your-resource-group> service.beta.kubernetes.io/azure-load-balancer-internal: "false" #if internet facing service.beta.kubernetes.io/azure-dns-label-name: <dns-label-name> name: loadbalancer-acceptor spec: type: LoadBalancer externalTrafficPolicy: Local ports: - name: http-service port: 443 protocol: TCP targetPort: http-service selector: app.kubernetes.io/name: instana app.kubernetes.io/component: acceptor instana.io/group: service
-
For Amazon Elastic Kubernetes Service (Amazon EKS):
apiVersion: v1 kind: Service metadata: namespace: instana-core annotations: # To explore on more service annotations, kindly refer the documentation - https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.8/guide/service/annotations/ service.beta.kubernetes.io/aws-load-balancer-name: <your-load-balancer-name> service.beta.kubernetes.io/aws-load-balancer-subnets: <subnet1-name>,<subnet2-name>,<subnet3-name> service.beta.kubernetes.io/aws-load-balancer-ip-address-type: ipv4 service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing" name: loadbalancer-acceptor spec: type: LoadBalancer externalTrafficPolicy: Local ports: - name: http-service port: 443 protocol: TCP targetPort: http-service selector: app.kubernetes.io/name: instana app.kubernetes.io/component: acceptor instana.io/group: service
-
For Google Kubernetes Engine (GKE):
apiVersion: v1 kind: Service metadata: namespace: instana-core annotations: # To explore on more service annotations, kindly refer the documentation https://cloud.google.com/kubernetes-engine/docs/concepts/service-load-balancer cloud.google.com/l4-rbs: "enabled" name: loadbalancer-acceptor spec: type: LoadBalancer loadBalancerIP: <your_loadbalancer_IP> externalTrafficPolicy: Local ports: - name: http-service port: 443 protocol: TCP targetPort: http-service selector: app.kubernetes.io/name: instana app.kubernetes.io/component: acceptor instana.io/group: service
Replace <your_loadbalancer_IP> with the IP address of your load balancer.
-
-
Apply the YAML file by running the following command:
kubectl apply -f service.yaml -n <CORE_NAMESPACE>
Replace <CORE_NAMESPACE> with the namespace of the Core object.
Gateway
-
Create a YAML file such as
service.yaml
, complete one of the following steps:-
For Azure Kubernetes Service (AKS):
apiVersion: v1 kind: Service metadata: namespace: instana-core name: loadbalancer-gateway annotations: # For additional Loadbalancer annotations, kindly refer: https://cloud-provider-azure.sigs.k8s.io/topics/loadbalancer/#loadbalancer-annotations service.beta.kubernetes.io/azure-load-balancer-resource-group: <your-resource-group> service.beta.kubernetes.io/azure-load-balancer-internal: "false" #internet facing service.beta.kubernetes.io/azure-dns-label-name: <dns-label-name> spec: type: LoadBalancer externalTrafficPolicy: Local ports: - name: https port: 443 protocol: TCP targetPort: https - name: http port: 80 protocol: TCP targetPort: http selector: app.kubernetes.io/name: instana app.kubernetes.io/component: gateway instana.io/group: service
-
For Amazon Elastic Kubernetes Service (Amazon EKS):
apiVersion: v1 kind: Service metadata: namespace: instana-core name: loadbalancer-gateway annotations: # To explore on more service annotations, kindly refer the documentation - https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.8/guide/service/annotations/ service.beta.kubernetes.io/aws-load-balancer-name: <your-gateway-name> service.beta.kubernetes.io/aws-load-balancer-ip-address-type: ipv4 service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing" service.beta.kubernetes.io/aws-load-balancer-subnets: <subnet1-name>,<subnet2-name>,<subnet3-name> spec: type: LoadBalancer externalTrafficPolicy: Local ports: - name: https port: 443 protocol: TCP targetPort: https - name: http port: 80 protocol: TCP targetPort: http selector: app.kubernetes.io/name: instana app.kubernetes.io/component: gateway instana.io/group: service
- For Google Kubernetes Engine (GKE):
apiVersion: v1 kind: Service metadata: namespace: instana-core name: loadbalancer-gateway annotations: # To explore on more service annotations, kindly refer the documentation https://cloud.google.com/kubernetes-engine/docs/concepts/service-load-balancer cloud.google.com/l4-rbs: "enabled" spec: type: LoadBalancer loadBalancerIP: <your_loadbalancer_IP> externalTrafficPolicy: Local ports: - name: https port: 443 protocol: TCP targetPort: https - name: http port: 80 protocol: TCP targetPort: http selector: app.kubernetes.io/name: instana app.kubernetes.io/component: gateway instana.io/group: service
Replace <your_loadbalancer_IP> with the IP address of your load balancer.
-
-
Apply the YAML file by running the following command:
kubectl apply -f service.yaml -n <CORE_NAMESPACE>
Replace <CORE_NAMESPACE> with the namespace of the Core object.
Instana backend on Red Hat OpenShift
To set up load balancers for your Instana backend on Red Hat OpenShift, create Routes by running the following commands:
Acceptor
oc create route passthrough acceptor --hostname=<acceptor_subdomain> --service=acceptor --port=8600 -n instana-core
OTLP Acceptor
oc create route passthrough otlp-http-acceptor --hostname=otlp-http.<base_domain> --service=gateway --port=https -n instana-core
oc create route passthrough otlp-grpc-acceptor --hostname=otlp-grpc.<base_domain> --service=gateway --port=https -n instana-core
Gateway
oc create route passthrough base-domain --hostname=<base_domain> --service=gateway --port=https -n instana-core
oc create route passthrough <unitName>-<tenantName>-ui --hostname=<unitName>-<tenantName>.<base_domain> --service=gateway --port=https -n instana-core