Question 281998 in Nginx Question posted in
The official documentation can be found here.

How to use nginx ingress controller with alb?

I am doing a new setup of Kubernetes cluster. I have few mircroservices running in pods. Now, I wanted to route those services basis on their path. For e.g: domain.com/order should redirect me to orderservice pod and domain.com/customer should redirect me to customerservice pod.
Rough diagram of the setup

Initially, I did the whole setup using ALB ingress controller but the problem was that sadly alb still doesn’t support rewrite url. This means if I have my url as domain.com/order to redirect to orderservice pod then the final url should become domain.com/swagger/index.html but this does not work as there is no rewrite functionality.

Then I moved onto nginx ingress controller. I have done the ingress controller setup but it does not integrate with alb. It can only be integrated with classic load balancer(which is soon going to be depreciated) or via nlb which works at layer 4 however I would want to integrate it with alb which actually works on application layer(layer 7) for some extra configurations and stats.

I can’t find any way to achieve such a simple task in AWS. I’m wondering what is everyone in the market actually using if they want to use nginx as ingress controller and layer 7 load balancer from AWS?

Tags:

2

Answers


  1. 0

    I usually following the approach when I have NLB -> Nginx Ingress -> Pod.
    All the metrics I can collect from the Nginx Ingress with Prometheus.
    Also, NLB is able to terminate TLS for you and you can assign a proper ACM certificate arn via annotations. Of course you can use Certbot to issue certificates inside the EKS if you need throughout TLS all the way.
    There are more advantages to use NLB:

    • it’s able to process more traffic
    • you can use it for Websockets and other, non-HTTP protocols
      The only disadvantage is that you can’t have WAF attached to the NLB and need to have either ALB after it or CloudFront. Another workaround is to have mod_security configured on the Nginx Ingress level instead of using AWS WAF.
    Login or Signup to reply.
  2. 0

    I am also facing same issue. I have am using Nginx as ingress controller, and I am using Helm Chart to deploy it on EKS cluster. Here are my observation:

    1. If you used ServiceType: LoadBalancer, this will result in Classic Load Balancer.
    2. I tried to update the service type to ClusterIP, as suggested by @jordanm, but this doesnot change the CLB to ALB, or deploys a new ALB.

    Note: When Classic LB is created from ingress-controller service type, AWS offers a migration solution to deploy ALB with same configuraiton ( I did that, in hopes the FQDN will remain same) but I ended up getting a new ALB along with my CLB. Hence no point in doing this.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search