I am trying to set a static private IP address for a Kubernetes loadbalancer service during its creation:
```yaml
apiVersion: v1
kind: Service
metadata:
  name: web-server-service-lb
  namespace: web
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
    service.beta.kubernetes.io/aws-load-balancer-internal: "true"
    service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses: "10.9.4.55, 10.9.1.55"
    service.beta.kubernetes.io/aws-load-balancer-subnets: "subnet-02500d74cef5fef04, subnet-0e32bdf9ae9de8145"
spec:
  type: LoadBalancer
  selector:
    app: web
  ports:
    - protocol: TCP
      port: 5000
      targetPort: 80
```
I have tried something like this, but when describing the service that it created, it does not show the static IP address I set:
```
Name:                     web-server-service-lb
Namespace:                web
Labels:                   <none>
Annotations:              service.beta.kubernetes.io/aws-load-balancer-internal: true
                          service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses: 10.9.4.55, 10.9.1.55
                          service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-02500d74cef5fef04, subnet-0e32bdf9ae9de8145
                          service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip
Selector:                 app=web
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       172.20.140.81
IPs:                      172.20.140.81
Port:                     <unset>  5000/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30878/TCP
Endpoints:                10.9.1.194:80
Session Affinity:         None
External Traffic Policy:  Cluster
```
Is the service I created incorrect in some way?
This is all being deployed in AWS/Kubernetes.
2 Answers
Go to the Console > ELB > [Select your NLB] and check the IP assigned to your NLB at the "Network mapping" tab. The IPs listed there should be those stated in the annotation, e.g. 10.9.4.55, 10.9.1.55.
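The comparison described above can also be scripted against the JSON returned by `aws elbv2 describe-load-balancers`. This is an added example, not part of the original answers: the JSON sample is constructed (10.9.1.23 is a made-up address standing in for an address that does not match the annotation), and the function names are hypothetical.

```python
import json

PREFIX = "service.beta.kubernetes.io/aws-load-balancer-"

# Constructed sample of `aws elbv2 describe-load-balancers` output, trimmed to
# the fields used below. 10.9.1.23 is a made-up address.
SAMPLE = json.loads("""
{"LoadBalancers": [{
  "Scheme": "internal",
  "Type": "network",
  "AvailabilityZones": [
    {"SubnetId": "subnet-02500d74cef5fef04",
     "LoadBalancerAddresses": [{"PrivateIPv4Address": "10.9.4.55"}]},
    {"SubnetId": "subnet-0e32bdf9ae9de8145",
     "LoadBalancerAddresses": [{"PrivateIPv4Address": "10.9.1.23"}]}
  ]}]}
""")

def split_csv(value):
    """Split a comma-separated annotation value, tolerating spaces."""
    return [item.strip() for item in value.split(",") if item.strip()]

def compare_nlb(annotations, describe_output):
    """Diff the addresses and subnets requested by annotation against the NLB."""
    want_ips = set(split_csv(annotations.get(PREFIX + "private-ipv4-addresses", "")))
    want_subnets = set(split_csv(annotations.get(PREFIX + "subnets", "")))
    lb = describe_output["LoadBalancers"][0]
    got = {}  # subnet id -> private IPv4 addresses reported for it
    for zone in lb.get("AvailabilityZones", []):
        got[zone["SubnetId"]] = [
            addr["PrivateIPv4Address"]
            for addr in zone.get("LoadBalancerAddresses", [])
            if "PrivateIPv4Address" in addr
        ]
    got_ips = {ip for ips in got.values() for ip in ips}
    return {
        "scheme": lb.get("Scheme"),
        "missing_ips": sorted(want_ips - got_ips),
        "unexpected_ips": sorted(got_ips - want_ips),
        "missing_subnets": sorted(want_subnets - set(got)),
    }

ANNOTATIONS = {  # values copied from the Service manifest in the question
    PREFIX + "private-ipv4-addresses": "10.9.4.55, 10.9.1.55",
    PREFIX + "subnets": "subnet-02500d74cef5fef04, subnet-0e32bdf9ae9de8145",
}

if __name__ == "__main__":
    print(json.dumps(compare_nlb(ANNOTATIONS, SAMPLE), indent=2))
```

A non-empty `missing_ips` list means the load balancer is not using an address the annotation asked for, which is the mismatch the "Network mapping" tab would show.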
The main goal is to create a static way to access a service that is running in the cluster.
That’s exactly what the NLB does for you.
An Elastic IP address is a reserved public IP address that you can assign to your NLB in a particular region until you choose to release it.
As stated, EIP is public which means you can’t have an internal NLB which you have in your configuration. I don’t believe there is something such as "Private Elastic IP" which other answers suggest.
Your option here is to make your NLB public-facing, moving it to public subnets. Then provision two EIPs (as you have two subnets) and associate them with your NLB using the following annotation: