Agents run a client load-balancer that can connect them to any of the servers. The registration endpoint (--server flag/config value) is only used for the initial connection to the cluster. Once it’s joined it monitors the apiserver endpoint list and maintains connections to all of the servers. You can see this occurring in the agent logs.
creamy-pencil-82913
09/08/2022, 6:25 PM
There’s no real point to putting a real load-balancer in front of the control plane. For the purposes of registering new nodes to the cluster, a simple DNS record that points at all the active servers is sufficient.
best-microphone-20624
09/08/2022, 11:39 PM
What about load-balancing external access to the kube-apiserver, say from a non-Rancher gitops mgmt server like argocd or fluxcd running in a separate mgmt cluster?
creamy-pencil-82913
09/09/2022, 7:47 AM
The same thing would work fine with a round-robin DNS record pointing at the control plane. The load-balancer provides very little value.
polite-breakfast-84569
09/09/2022, 8:54 AM
The only thing is that with DNS you cannot know if one of the masters is down. But yeah, now I understand more, thank you very much!
Do you know where I can find more info on how the rke2-agent keeps track of the master nodes? I suppose if one master is not available the rke2-agent will also notice it, right?
Is the registration endpoint then not used anymore after the node is added into the cluster? Or is it also used to keep track of the masters?