FAQ ALB ip vs instance mode rationale incorrect? #2171
Comments
|
Hey Gus! Feel free to cut a PR. I can check in with @chrisnegus on where this information came from. |
|
@anguslees it probably depends on how pods are distributed across the nodes in the cluster. If you don't have a pod anti-affinity policy or are not using topology spread constraints, multiple pods in a Deployment can wind up running on a small number of instances. IP targets are generally recommended because it avoids routing traffic through kube-proxy (> overhead). Unless you're using IPVS, kube-proxy will always default to RR for routing traffic so, assuming an even distribution of pods and a traffic policy of |
Curious if we have benchmarks on this. IPTables should be pretty fast at most scales. |
|
Using IP targets can preserve the source IP in the HTTP header, making it easier to trace back to the source of the traffic. While I think the recommendation is sound (use IP targets) the rationale might need to be updated. |
And just to be clear, I'm saying instance mode (without internalTrafficPolicy=Local) will send an equal number of queries to pods even when those pods are packed unevenly onto nodes. (Because the pod-level assignment is actually done by kube-proxy and iptables RR as you described) |
|
We decided that this type of content is best suited for the AWS load balancer documentation. So I removed the content from the Karpenter FAQ (see PR #2245). I then opened an issue for the ALB docs (see Issue 2747). |
This sounds incorrect? I think instance-mode will send traffic equally to all nodes (to a NodePort), and thence equally to all pods (that are ready and match the service selector).
Maybe this section is confusing instance-mode with
internalTrafficPolicy=Local?The text was updated successfully, but these errors were encountered: