Existing Application Load Balancer

Last updated 2 years ago

Existing Application Load Balancer

1. Deploy ingress-nginx-controller

We'll use ingress-nginx as ingress in the cluster, if you are already using ingress-nginx then it would only update the existing one without making any changes

Latest version of ingress-nginx-controller can be found . This guide assumes version 1.3.0

curl -L https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.0/deploy/static/provider/aws/deploy.yaml > ingress-nginx-deployment.yaml

Once deployed check if the namespace “ingress-nginx” has been deployed by running kubectl get ns

2. Create Target Group

Create a target group from Amazon UI with below details:

Name: hypertest-ingress-nginx-controller
Target Type: IP Address
Protocol: HTTP
Port: 1
VPC: Select your VPC
Protocol Version: HTTP1
Health Check Protocol: HTTP, Path: /healthz
Go to next page, then create target group

3. Attach Load Balancer to target group

Go to your load balancer -> Listener
Edit rules for HTTP 80
Add a new rule
- Add condition: Host header is *.hypertest.<your domain>
- Add action: Select your target group

4. Create Target Group Binding

Create a file ht-nginx-target-group.yaml as shown below:

ht-nginx-target-group.yaml

apiVersion: elbv2.k8s.aws/v1beta1
kind: TargetGroupBinding
metadata:
  name: hypertest
  namespace: ingress-nginx
spec:
  serviceRef:
    name: ingress-nginx-controller
    port: 80
  targetGroupARN: <your tagret-group ARN>
  targetType: ip

Create the target group binding using the following command

kubectl apply -f ht-nginx-target-group.yaml

Verify the targets are registered in target group, the health check will be failing right now. We will have to attach our security group to cluster's security group for it.

5. Attach Load balancer's Security Group to cluster's Security Group

We need to allow incoming request from load balancer in cluster. To do this an inbound rule should be added allowing request from Load balancer's SG.

The load Balancer SG should have below inbound rules and outbound rules

Copy the load balancer's security group's id
Find your cluster's security group
Create an inbound rule in cluster's security group
- Type: HTTP
- Source: Custom
- In field box, enter <your security group>
- Description: enter your load balancer name
- Save rule

Verify the health check of targets

6. Creating storage and ingress classes

Create a file ht-ingress-storage-classes.yaml as shown below

ht-ingress-storage-classes.yaml

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: hypertest-storage-class
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
provisioner: ebs.csi.aws.com #specify your provisioner name here. eg: microk8s.io/hostpath
parameters: # specify parameters for your storage class here
  type: gp3
allowVolumeExpansion: true # set this to true if your provisioner supports expanding volume, otherwise remove this
---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: hypertest-ingress-class
spec:
  controller: k8s.io/ingress-nginx  #specify your controller name here. eg: k8s.io/ingress-nginx for nginx-ingress-controller https://kubernetes.github.io/ingress-nginx/

Create the ingress and storage class using the following command

kubectl apply -f ht-ingress-storage-classes.yaml

After creating ingress and storage classes, we will now deploy HyperTest controller. Please refer the below guide for the same.

PreviousEKS NextGCP