以前的 Service 如果要透過 native GKE Ingress 給外部使用,需要設定為 NodePort, 但這麼做就需要多經過一個節點。每經過一個節點就會增加延遲時間或著故障的機率。
在 GKE 1.17.6-gke.7 以後並且符合下列條件,Service 就會自動啟用 NEG.
For Services created in GKE clusters 1.17.6-gke.7 and up
Using VPC-native clusters
Not using a Shared VPC
Not using GKE Network Policy
在 GKE document 中也建議如果非需要,使用 ClusterIP 就好。
It’s also possible to use a Service of type NodePort with container-native load balancing. That is, GKE will still create NEG(s) as long as the
cloud.google.com/negannotation is present. A Service of type ClusterIP is recommended unless you explicitly need the nodePort provided by a NodePort Service.
ref: https://cloud.google.com/kubernetes-engine/docs/how-to/container-native-load-balancing#create_service
如果將 NEG 關掉
cloud.google.com/neg: ‘{“ingress”: false}’
則會看到只支援 NodePort/LoadBalancer
