Ujang Mumu
Uje's Notes

Uje's Notes

How to use a single Loadbalancer for multiple ingresses in EKS, using Terraform.

Photo by Domenico Loia on Unsplash

How to use a single Loadbalancer for multiple ingresses in EKS, using Terraform.

Ujang Mumu's photo
Ujang Mumu
·Sep 7, 2022·

2 min read

In Cloud, creating resources always comes with a cost. So operating a huge Kubernetes cluster with many deployments and ingresses usually would need a lot of load balancers.

Conceptually Kubernetes ingress is like a cloud load balancer, so it's a lot simpler to treat & configure it like one.

In this post, I'll illustrate using one load balancer for multiple ingresses.

At this point, I have an EKS cluster deployed by Terraform, and an AWS load balancer controller installed.

The key is using IngressGroup feature.

alb.ingress.kubernetes.io/group.name: my-team.awesome-group

Specify the order of ingresses by using:

alb.ingress.kubernetes.io/group.order: '10'

Below is complete code snippet in Terraform.

First Ingress

resource "kubernetes_ingress_v1" "testing" {
  metadata {
    name = "testing"
    annotations = {
      "alb.ingress.kubernetes.io/group.name"           = "default"
      "alb.ingress.kubernetes.io/group.order"           = "10"
      "alb.ingress.kubernetes.io/ssl-redirect"         = "443"
      "alb.ingress.kubernetes.io/scheme"               = "internet-facing"
      "alb.ingress.kubernetes.io/success-codes"        = "200,404,301,302"
      "alb.ingress.kubernetes.io/listen-ports"         = "[{\"HTTPS\":443}, {\"HTTP\":80}]"
      "alb.ingress.kubernetes.io/certificate-arn"      = "arn:aws:acm:ap-southeast-1:"
    }
    namespace = "testing"
  }
  spec {
    ingress_class_name = "alb"
    rule {
      host = "testing.ujangmumu.com"
      http {
        path {
          backend {
            service {
              name = "testing"
              port {
                number = 80
              }
            }
          }
          path = "/*"
        }
      }
    }
  }
  depends_on = [module.alb-ingress]
}

Second Ingress

resource "kubernetes_ingress_v1" "example" {
  metadata {
    name = "example"
    annotations = {
      "alb.ingress.kubernetes.io/group.name"           = "default"
      "alb.ingress.kubernetes.io/group.order"           = "20"
      "alb.ingress.kubernetes.io/ssl-redirect"         = "443"
      "alb.ingress.kubernetes.io/scheme"               = "internet-facing"
      "alb.ingress.kubernetes.io/success-codes"        = "200,404,301,302"
      "alb.ingress.kubernetes.io/listen-ports"         = "[{\"HTTPS\":443}, {\"HTTP\":80}]"
      "alb.ingress.kubernetes.io/certificate-arn"      = "arn:aws:acm:ap-southeast-1:"
    }
    namespace = "example"
  }
  spec {
    ingress_class_name = "alb"
    rule {
      host = "example.ujangmumu.com"
      http {
        path {
          backend {
            service {
              name = "example"
              port {
                number = 80
              }
            }
          }
          path = "/*"
        }
      }
    }
  }
  depends_on = [module.alb-ingress]
}
 
Share this