I’m planning to deploy more than 30 apps in 5 namespaces. I will be using an existing AWS EKS 1.21 cluster. All the apps will require external access because they are used by clients. I don’t want to use multiple load balancers, to ease management and also to avoid extra cost on the AWS side (because ELB is charged based on hourly usage too).

What I’m trying to do is basically:

 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: random-ingress
 spec:
   rules:
   - host: randomhost-in-namespace1.com
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: randomhost-in-namespace1  # in first namespace
             port:
               number: 80
   - host: randomhost-in-namespace2.com
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: randomhost-in-namespace2  # in second namespace
             port:
               number: 80
   - host: randomhost-in-namespace3.com
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: randomhost-in-namespace3  # in third namespace
             port:
               number: 80

Something like this.

Is it possible to cover all these apps in all these namespaces with a single ingress load balancer? I didn’t find any clear information about this.

Any help will be highly appreciated.
Thank you.

2 Answers

  1. Using the AWS LB Controller and not Nginx LB, you can have 1x ALB, re-used by each namespace.

    Define an Ingress.yaml file per namespace and annotate them with the same alb-group-name.

    If group.name specified, all Ingresses with this IngressClass will
    belong to the same IngressGroup specified and result in a single ALB.

    The AWS LB Controller will then create 1x ALB, its desired rules, listeners to TGs, and register the right EC2 nodes etc.

    This can be something like this:

    Ingress-namespace1.yaml

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: random-ingress
      namespace: namespace1
      annotations:
        kubernetes.io/ingress.class: alb
        alb.ingress.kubernetes.io/group.name: my-group
        alb.ingress.kubernetes.io/scheme: internet-facing
    spec:
      rules:
        - host: randomhost-in-namespace1.com
          http:
            paths:
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: randomhost-in-namespace1  # Service in the first namespace
                    port:
                      number: 80
    

    Ingress-namespace2.yaml

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: random-ingress
      namespace: namespace2
      annotations:
        kubernetes.io/ingress.class: alb
        alb.ingress.kubernetes.io/group.name: my-group
        alb.ingress.kubernetes.io/scheme: internet-facing
    spec:
      rules:
        - host: randomhost-in-namespace2.com
          http:
            paths:
              - path: /
                pathType: Prefix
                backend:
                  service:
                    name: randomhost-in-namespace2  # Service in the second namespace
                    port:
                      number: 80
    

    Both files contain the same group.name and differ by their namespace and host rule.

    You can also follow the AWS LBC logs to see if everything has been created successfully (there should be no errors in the logs):

    kubectl logs deploy/aws-load-balancer-controller -n kube-system --follow
    
  2. There is no need to do ingress grouping here, as the nginx ingress controller by default spins up a single network load balancer in AWS.

    • Any ingress resource (ingress config files) created in any namespace will point to this single network load balancer.
    • Unlike the AWS load balancer controller, every ingress resource will create a separate application load balancer, and you will need to use the ALB grouping feature to combine them.
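An added example, not part of the original answers: since every Ingress annotated with the same group.name is merged into one ALB regardless of namespace, it is worth checking which namespaces have joined a group and whether two Ingresses claim the same host and path. The sketch below audits data in the shape of `kubectl get ingress -A -o json`; the sample items, the `sandbox` namespace and the per-group namespace allowlist are constructed assumptions.

```python
from collections import defaultdict

GROUP_ANNOTATION = "alb.ingress.kubernetes.io/group.name"


def _sample_ingress(namespace, name, host, group="my-group"):
    # Constructed item shaped like one entry of `kubectl get ingress -A -o json`.
    return {"metadata": {"namespace": namespace, "name": name,
                         "annotations": {GROUP_ANNOTATION: group}},
            "spec": {"rules": [{"host": host,
                                "http": {"paths": [{"path": "/"}]}}]}}


# Constructed sample: the two Ingresses from the answer plus a hypothetical
# third one in a "sandbox" namespace that joins the same group.
SAMPLE = {"items": [
    _sample_ingress("namespace1", "random-ingress", "randomhost-in-namespace1.com"),
    _sample_ingress("namespace2", "random-ingress", "randomhost-in-namespace2.com"),
    _sample_ingress("sandbox", "extra", "randomhost-in-namespace1.com"),
]}


def audit_ingress_groups(ingress_list, allowed):
    """Return (unexpected_members, collisions) for ALB IngressGroups.

    allowed maps a group name to the set of namespaces expected to join it.
    """
    unexpected = []
    claims = defaultdict(set)  # (group, host, path) -> {"namespace/name", ...}
    for item in ingress_list.get("items", []):
        meta = item["metadata"]
        group = (meta.get("annotations") or {}).get(GROUP_ANNOTATION)
        if group is None:
            continue  # this Ingress is not part of any IngressGroup
        ident = f'{meta["namespace"]}/{meta["name"]}'
        if meta["namespace"] not in allowed.get(group, set()):
            unexpected.append((group, ident))
        for rule in (item.get("spec") or {}).get("rules") or []:
            for p in (rule.get("http") or {}).get("paths") or []:
                key = (group, rule.get("host", "*"), p.get("path", "/"))
                claims[key].add(ident)
    collisions = {k: sorted(v) for k, v in claims.items() if len(v) > 1}
    return sorted(unexpected), collisions


if __name__ == "__main__":
    members, clashes = audit_ingress_groups(
        SAMPLE, {"my-group": {"namespace1", "namespace2"}})
    print("unexpected group members:", members)
    print("host/path claimed more than once:", clashes)
```

On a live cluster, the same function can be fed the parsed output of `kubectl get ingress -A -o json`.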