AWS VPC - k8s - load balancing

风流意气都作罢 提交于 2019-11-29 17:57:18

In general, you would have a AWS Load-balancer instance that would have multiple K8s workers as backend server with a specific port. After traffic entering worker nodes, networking inside K8s would take the job.

Suppose you have setup two K8S services as load-balancer with port 38473 and 38474 for your two domains, respectively:

xxx.yyy.com -> AWS LoadBalancer1 -> Node1:38473 -> K8s service1 -> K8s Pod1
                                 -> Node2:38473 -> K8s service1 -> K8s Pod2
aaa.bbb.com -> AWS LoadBalancer2 -> Node1:38474 -> K8s service2 -> K8s Pod3
                                 -> Node2:38474 -> K8s service2 -> K8s Pod4

This simple solution above would need to have you create different services as load-balancer, which would increase your cost because they are actual AWS load-balancer instances. To reduce cost, you could have an ingress-controller instance in your cluster and write ingress config. This would only require one actual AWS load-balancer to finish your networking:

xxx.yyy.com -> AWS LoadBalancer1 -> Node1:38473 -> Ingress-service -> K8s service1 -> K8s Pod1
                                 -> Node2:38473 -> Ingress-service -> K8s service1 -> K8s Pod2
aaa.bbb.com -> AWS LoadBalancer1 -> Node1:38473 -> Ingress-service -> K8s service2 -> K8s Pod3
                                 -> Node2:38473 -> Ingress-service -> K8s service2 -> K8s Pod4

For more information, you could refer more information here:

It depends on how did you set your K8s service.

If you set a loadbalancer in AWS then you can create a service with loadbalancer type to expose a service to the internet. But it will cost much of money because it will own a ELB for each service. for more reference https://kubernetes.io/docs/concepts/services-networking/service/

Another option is ingress but it will more be complicated if you are not familiar with K8s but ingress is a more popular way to expose your K8S to internet

This article could give you a better concept of the ELB <> K8s.
https://medium.com/google-cloud/kubernetes-nodeport-vs-loadbalancer-vs-ingress-when-should-i-use-what-922f010849e0

What you are trying to do isn't the most cost optimal and standard approach to do this on EKS. A LoadBalancer resource in kubernetes cluster maps to a Classic Load Balancer in AWS. This approach would spin up a new ELB for every k8s service you create with a type load balancer. There are multiple approaches to do so, whichever aligns best with your use-case.

  • You can use an Application Load Balancer with EKS to handle ingress inside your cluster. You would have to deploy an ALB ingress controller which will manage assigning a configured ALB to every ingress resource that you create inside your K8s cluster. Though ALB integration into EKS is still relatively new, and there are certain drawbacks of using an ALB with EKS right now. One is that it doesn't work across namespaces in your cluster, i.e. for every ingress resource in a new namespace, the ALB Ingress Controller would spin up a new ALB, which is not very cost-efficient if you have multiple namespaces in your cluster.

  • You can expose your cluster using a single load balancer, and route all incoming requests to an internal ingress proxy. nginx is easily implementable and works great with k8s ingress resource. You would have to deploy an nginx ingress controller in your cluster. The controller will handle assigning the elb to an ingress resource. (Bonus: nginx ingress works across namespaces, unlike ALB).

  • You can also use a Network Load Balancer if you want to connect using a VPC Private Link. An example use-case would be an API. You can run your cluster workload inside private subnets and use an internal facing NLB. Then connect that NLB to the API Gateway service through a VPC Private Link.

Here's a git repository with some helping code on deploying an ALB with EKS:

https://github.com/pahud/eks-alb-ingress

There are plenty of resources available for the nginx approch.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!