Photo by Domenico Loia on Unsplash
How to use a single Loadbalancer for multiple ingresses in EKS, using Terraform.
In Cloud, creating resources always comes with a cost. So operating a huge Kubernetes cluster with many deployments and ingresses usually would need a lot of load balancers.
Conceptually Kubernetes ingress is like a cloud load balancer, so it's a lot simpler to treat & configure it like one.
In this post, I'll illustrate using one load balancer for multiple ingresses.
At this point, I have an EKS cluster deployed by Terraform, and an AWS load balancer controller installed.
The key is using IngressGroup feature.
alb.ingress.kubernetes.io/group.name: my-team.awesome-group
Specify the order of ingresses by using:
alb.ingress.kubernetes.io/group.order: '10'
Below is complete code snippet in Terraform.
First Ingress
resource "kubernetes_ingress_v1" "testing" {
metadata {
name = "testing"
annotations = {
"alb.ingress.kubernetes.io/group.name" = "default"
"alb.ingress.kubernetes.io/group.order" = "10"
"alb.ingress.kubernetes.io/ssl-redirect" = "443"
"alb.ingress.kubernetes.io/scheme" = "internet-facing"
"alb.ingress.kubernetes.io/success-codes" = "200,404,301,302"
"alb.ingress.kubernetes.io/listen-ports" = "[{\"HTTPS\":443}, {\"HTTP\":80}]"
"alb.ingress.kubernetes.io/certificate-arn" = "arn:aws:acm:ap-southeast-1:"
}
namespace = "testing"
}
spec {
ingress_class_name = "alb"
rule {
host = "testing.ujangmumu.com"
http {
path {
backend {
service {
name = "testing"
port {
number = 80
}
}
}
path = "/*"
}
}
}
}
depends_on = [module.alb-ingress]
}
Second Ingress
resource "kubernetes_ingress_v1" "example" {
metadata {
name = "example"
annotations = {
"alb.ingress.kubernetes.io/group.name" = "default"
"alb.ingress.kubernetes.io/group.order" = "20"
"alb.ingress.kubernetes.io/ssl-redirect" = "443"
"alb.ingress.kubernetes.io/scheme" = "internet-facing"
"alb.ingress.kubernetes.io/success-codes" = "200,404,301,302"
"alb.ingress.kubernetes.io/listen-ports" = "[{\"HTTPS\":443}, {\"HTTP\":80}]"
"alb.ingress.kubernetes.io/certificate-arn" = "arn:aws:acm:ap-southeast-1:"
}
namespace = "example"
}
spec {
ingress_class_name = "alb"
rule {
host = "example.ujangmumu.com"
http {
path {
backend {
service {
name = "example"
port {
number = 80
}
}
}
path = "/*"
}
}
}
}
depends_on = [module.alb-ingress]
}