How to Expose Applications in AWS EKS Using an ELB Created via IaC or CLI?

Asked By CuriousCoder92 On

I'm looking for advice on exposing applications running in my AWS EKS production cluster using an Elastic Load Balancer (ELB) that I've set up with Infrastructure as Code (IaC) or the command line interface (CLI). Just to clarify, I want to avoid using a load balancer created by Kubernetes ingress or service type load balancer resources.

To give you some context, my EKS cluster was set up back in the first half of 2021, and it has around 20 nodes per environment. The existing method I use is somewhat convoluted. It involves routing traffic from a Route53 domain to an Application Load Balancer (ALB) generated through IaC. This then directs traffic to a target group that uses IP addresses of Elastic Network Interfaces (ENIs) from a Network Load Balancer (NLB) and further connects to another target group that consists of pod IP addresses belonging to an Nginx ingress controller. This setup seems unnecessarily complex, and I'm wondering if it made more sense back in 2021 when it was created.

Recently, I read an article that discusses managing load balancers separately from Kubernetes lifecycle through TargetGroupBinding, which seems much more straightforward. I'm keen to hear how others are managing to expose their apps in AWS EKS with this kind of setup, especially with an ELB created using IaC or CLI.

4 Answers

Answered By NiftyNetworker On

The setup you're describing sounds similar to mine, although I'm using Traefik and NLBs so I can avoid some of this confusion. It might feel messy at times, but it provides flexibility when provisioning infrastructure using IaC without delving deeper into Kubernetes-specific tools.

Answered By TechSavvyPal On

It sounds like you might be on the right track! Using a TargetGroupBinding can effectively link your ELB to your Kubernetes resources, which may alleviate some of the complexity you're experiencing.
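An added example, not part of the answer above or of anyone's actual configuration: a TargetGroupBinding manifest (the AWS Load Balancer Controller's custom resource) that registers the pods behind an existing Service into a target group created by IaC or the CLI. The Service name, namespace, port and all ARN and security group values are assumed placeholders.

```yaml
# Binds an externally created target group to a Kubernetes Service.
# The load balancer, listener and target group stay in IaC; the
# controller only registers and deregisters pod IPs as pods come and go.
apiVersion: elbv2.k8s.aws/v1beta1
kind: TargetGroupBinding
metadata:
  name: ingress-nginx-tgb            # assumed name
  namespace: ingress-nginx           # assumed: namespace of the Service below
spec:
  # Service whose endpoints become targets (assumed name and port).
  serviceRef:
    name: ingress-nginx-controller
    port: 80
  # ARN of the target group created outside Kubernetes (placeholder).
  targetGroupARN: arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:targetgroup/PLACEHOLDER/PLACEHOLDER
  # "ip" registers pod IPs directly, so the target group must have been
  # created with target type "ip" and pods need VPC-routable addresses.
  targetType: ip
  # Least-privilege ingress: the controller adds security group rules so
  # that only the load balancer's security group reaches the pods on this
  # port, rather than opening the nodes to the whole VPC.
  networking:
    ingress:
      - from:
          - securityGroup:
              groupID: sg-PLACEHOLDER   # security group attached to the ALB (placeholder)
        ports:
          - protocol: TCP
            port: 80                    # assumed pod port that receives the traffic
```

The controller's IAM role needs permission to register and deregister targets on that target group; scoping that permission to the specific target group ARN keeps the cluster from modifying other load balancers in the account.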

Answered By CloudCrafter88 On

The aws-lb-controller is really beneficial here! It handles target group bindings, which is essential for autoscaling and integrations with tools like Karpenter NodePools. I can't think of a strong reason to manage the ELB externally since it adds unnecessary complexity.

Answered By DevOpsDynamo On

You could simply use an Application Load Balancer and point it to a target group that your containers can register themselves with upon spawning. Auto-managing IPs for the target group is a lot more efficient. Also, with this setup, you can utilize blue/green deployments, handle SSL at the LB level, and keep your traffic routed appropriately.
