Prerequisites
- The Load Balancer IP sharing feature applies to NextGen Gateway versions 19.1.0 and later when installed using the Gateway ISO.
- Other installation types may not support the single IP sharing functionality with Load Balancer.
Service Disruption and Expected Downtime
Changing the Load Balancer configuration will restart multiple services and their associated ports, causing temporary downtime for various components.
Expected Downtime for Key Components
| Version | Mode of Operation | Details |
|---|---|---|
| nextgen-gw-0 | Main Gateway StatefulSet pod | 3-5 minutes |
| nextgen-gw-tcp service | TCP services (SNMP traps, Syslog) | 2-3 minutes |
| nextgen-gw-udp service | UDP services (SNMP traps, Syslog) | 2-3 minutes |
| npm-collector-[hash] | NPM Collector pods | 2-4 minutes |
| npm-collector service | NPM Collector service (replaced) | 2-3 minutes |
| npm-collector-external | New external-facing NPM Collector | 1-3 minutes |
| npm-collector-internal | New internal ports NPM Collector | 1-3 minutes |
| squidproxy-[hash] | Squid proxy deployment pods | 2-4 minutes |
| squidproxy service | Original Squid proxy service | 1-2 minutes |
| squidproxy-ext service | Extension Squid proxy service | 1-2 minutes |
| nextgen-gw-lb-controller-[hash] | Load Balancer controller pod | 1-2 minutes |
| nextgen-updater-[hash] | Updater cronjob pod (if running) | No impact if not running |
| MetalLB components | Load balancer IP allocation | 2-3 minutes |
Tip
For production environments, perform this operation during a scheduled maintenance window to minimize impact.Pods and Services: Before and After Load Balancer
- Before LB Enabled: Services such as Gateway, Squid Proxy, and Redis run with separate IPs and independent pods.
- After LB Enabled:
- Introduction of
nextgen-gw-lb-controllerpod. - Squid Proxy runs in two modes initially:
squid-proxy: Original service with a separate IP.squid-proxy-ext: New service sharing Gateway IP.
- Over time, only
squid-proxy-extwill remain active.
- Introduction of
Example: Pod Status Before Load Balancer Enabled
root@gateway-admin:/home/gateway-admin# kubectl get pods
NAME READY STATUS RESTARTS AGE
nextgen-gw-0 3/3 Running 0 40m
nextgen-gw-redis-master-0 1/1 Running 0 40m
opsramp-agent-4jm9c 1/1 Running 0 40m
squid-proxy-7549c5477f-gzqs5 1/1 Running 0 40m
stan-0 2/2 Running 0 40mExample: Service Status Before Load Balancer Enabled
root@gateway-admin:/home/gateway-admin# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 50m
nextgen-gw ClusterIP 10.43.217.215 <none> 25000/TCP 39m
nextgen-gw-redis-headless ClusterIP None <none> 6379/TCP 39m
nextgen-gw-redis-master ClusterIP 10.43.31.37 <none> 6379/TCP 39m
nextgen-gw-tcp LoadBalancer 10.43.133.248 172.25.250.63 514/TCP 39m
nextgen-gw-udp LoadBalancer 10.43.42.125 172.25.250.63 162/UDP,514/UDP 39m
squid-proxy LoadBalancer 10.43.212.152 172.25.250.63 3128/TCP 39m
stan ClusterIP None <none> 7777/TCP,8222/TCP,4222/TCP 39mExample: Pod Status After Load Balancer Enabled
NAME READY STATUS RESTARTS AGE
conntrack-handler-job-nextgen-gw-tcp-6ssq5 1/1 Running 0 4s
conntrack-handler-job-nextgen-gw-udp-svbm6 1/1 Running 0 4s
conntrack-handler-job-squid-proxy-ext-r777g 1/1 Running 0 3s
nextgen-gw-0 1/4 Running 0 23s
nextgen-gw-lb-controller-5475cb8f86-jp6pm 1/1 Running 0 23s
nextgen-gw-redis-master-0 1/1 Running 0 43m
opsramp-agent-4jm9c 1/1 Running 0 43m
squid-proxy-6b8f646d89-9skg2 2/2 Running 0 23s
stan-0 2/2 Running 0 43mExample: Service Status After Load Balancer Enabled
root@gateway-admin:/home/gateway-admin# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 54m
nextgen-gw ClusterIP 10.43.217.215 <none> 25000/TCP 44m
nextgen-gw-lb-controller ClusterIP 10.43.237.12 <none> 8080/TCP 62s
nextgen-gw-redis-headless ClusterIP None <none> 6379/TCP 44m
nextgen-gw-redis-master ClusterIP 10.43.31.37 <none> 6379/TCP 44m
nextgen-gw-tcp LoadBalancer 10.43.133.248 172.25.250.63 514/TCP 44m
nextgen-gw-udp LoadBalancer 10.43.42.125 172.25.250.63 162/UDP,514/UDP 44m
squid-proxy-ext LoadBalancer 10.43.74.107 172.25.250.63 3128/TCP 62s
stan ClusterIP None <none> 7777/TCP,8222/TCP,4222/TCP 44mPoint to be Noted
- Squid Proxy will continue to run in a Load Balancer (LB) configuration but will now share its IP address with the Gateway service.
- If you already have Squid Proxy running, it uses a separate IP address from the Gateway service. To allow customers enough time to update their agents on their own schedule, the existing Squid Proxy service will remain active with its current IP. Alongside the existing service, a new service called squid-proxy-ext will be introduced, which shares the IP address with the Gateway service.
- If you will have two Squid Proxy services running in the Load Balancer setup:
- squid-proxy: Uses the original, separate IP address.
- squid-proxy-ext: Shares the Gateway’s IP address.
- Only the new squid-proxy-ext service will be deployed once the Load Balancer mode is enabled.