Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

EKS in private Subnet , Load Balancer in public subnet

Tags:

kubernetes-ingress

aws-load-balancer

amazon-eks

internal-load-balancer

I am running EKS in private subnet and thus unable to create an internet facing load balancer but was able to create Internal LoadBalancer.

Is there any way I can create Loadbalancer(probably Manually) in public subnet and point to the pods running in EKS in the private subnet.

I was thinking of creating the chain of load balancer in which External load balancer will point to internal load balancer but that too is not possible as the IP address of the internal load balancer is reserved IP.

Can I try some other way to route the traffic from the internet to pod?

like image 370
R-JANA Avatar asked Jan 03 '19 17:01

R-JANA

People also ask

Can public subnet talk to private subnet AWS?

The instances in the public subnet can send outbound traffic directly to the internet, whereas the instances in the private subnet can't. Instead, the instances in the private subnet can access the internet by using a network address translation (NAT) gateway that resides in the public subnet.

How do I connect to AWS private subnet from a public subnet?

If you want to access your private subnet from outside of the VPC you need to add a bastion host to the public subnet. The bastion host should have a security group which only allows connections from the IP of your personal machine (if this is where your accessing from).

Do you need load balancer with EKS?

If your pods run on Windows in an Amazon EKS cluster, a single service with a load balancer can support up to 1024 back-end pods. Each pod has its own unique IP address. We recommend only creating new Network Load Balancers with the AWS Load Balancer Controller.

Can I deploy EKS to a dedicated VPC?

However, if you have them in your VPC, you can deploy self-managed nodes and Kubernetes resources to these types of subnets. The subnets must use IP address based naming. Amazon EC2 resource-based naming isn't supported with Amazon EKS. The subnets can be a public or private.

1 Answers

I had the same issue and it was because I did not tag the VPC subnets properly: https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html

I had to add the key: kubernetes.io/cluster/{eks-cluster-name} value: shared tag to the VPC

Then you can create a LB using a service with the type LoadBalancer

apiVersion: v1
kind: Service
metadata:
  name: helloworld
  labels:
    app: helloworld
spec:
  ports:
  - port: 80
    targetPort: 8080
  selector:
    app: helloworld
  type: LoadBalancer

This might help during the service creation: https://blog.giantswarm.io/load-balancer-service-use-cases-on-aws/

like image 193
aovelhanegra Avatar answered Oct 04 '22 19:10

aovelhanegra
Sign in to Comment

Related questions

denied the request: rejecting admission review because the request does not contains an Ingress resource but networking.k8s.io/v1
How to Route to specific pod through Kubernetes Service (like a Gateway API)
how to redirect http to https using a kubernetes ingress controller on Amazon EKS
GKE Ingress with container-native load balancing does not detect health check (Invalid value for field 'resource.httpHealthCheck')
How to rewrite target url within an AWS ALB Ingress Controller?
Terraform AWS Kubernetes EKS resources with ALB Ingress Controller won't create load balancer
Minikube with ingress example not working
How to serve static contents in a kubernetes application
how to setup basic rabbitmq on kubernetes
Nginx ingress controller websocket support
Kubernetes apiVersion: networking.k8s.io/v1 Issue with 'Ingress'
Kubernetes basic authentication with Traefik
How to set up a custom HTTP error in Kubernetes
Terraform AWS EKS ALB Kubernetes Ingress won't create Listeners or Target Groups
Exposing a service in Kubernetes using nginx reverse proxy
Minikube Kubernetes won't allow ingress on Mac despite running as a VM
How to get Kubernetes Ingress Port 80 working on baremetal single node cluster
How to access MySql hosted with Nginx Ingress+Kubernetes from client
Does GKE support nginx-ingress with static ip?
How to debug failed requests with client_disconnected_before_any_response

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!