The ULB comprises the following components which run as pods in the Kubernetes cluster:

• Operator: This is a controller pod. It can run or get spawned on any of the K8s nodes. The Operator manages the necessary Kubernetes and Cilium resources associated with the Load Balancer and Egress Management Policy Custom Resources (CRs). The Operator automates deployment, scaling, and operational tasks for the resources it manages, ensuring that the state of the system matches the desired state expressed by the CRs.

• Agent: The ULB Agent is a DaemonSet that runs on each node in the K8s cluster. The ULB Agent manages the NAT table and RAW table entries on each node for the corresponding pods on that node that are subject to the Egress Management Policy. It ensures that traffic routing and policy enforcement are correctly applied at the node level.

• Ops Center: The ULB Operations (Ops) Center serves as the central point for configuration and upgrades of ULB components within the cluster. It helps to manage the lifecycle of ULB components, including deployment, monitoring, and maintenance activities.

• Load Balancer API: Implemented as a Kubernetes Custom Resource Definition (CRD), facilitating the creation, configuration, and management of load balancer instances within the Kubernetes cluster.

• Egress Management Policy API: Also implemented as a Kubernetes CRD, this API enables the definition and enforcement of egress policies for pods, ensuring that outbound traffic is controlled and adheres to specified rules.

ULB Operator and Agent contain Helm charts and Docker files (images), which allow conformance to industry standards for installing and managing products within Kubernetes. ULB Ops Center provides a stable CLI/API for operators to manage the product holistically. ULB Ops Center uses helm v3 to communicate directly to the Kubernetes API server to install, upgrade, query, and remove Kubernetes resources.