AWS Load Balancer Controller is a Kubernetes Controller that helps manage the lifecycle of Elastic Loadbalancers (ELB). AWS Load Balancer controller supports two types of ELBs:
- Application Load Balancers (ALB) that utilize the
- Network Load Balancers (NLB) that utilize the
In this article, we will take a closer look at Application Load Balancers.
Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource. For e.g. simple example where an Ingress sends traffic to one service:
An example of a simple Ingress resource:
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: minimal-ingress annotations: nginx.ingress.kubernetes.io/rewrite-target: / spec: rules: - http: paths: - path: /testpath pathType: Prefix backend: service: name: test port: number: 80
An Ingress Controller is responsible for fulfilling the Ingress resource, usually with a load balancer.
How does the AWS Load Balancer Controller work?
ALB Load Balancer controller is an Ingress Controller that satisfies the Ingress resource and is responsible for routing traffic from outside the cluster to services inside the cluster.
|Image Credits - AWS ALB Ingress Controller|
The ALB Load Balancer controller works as following (from here):
: The controller watches for ingress events from the API server. When it finds ingress resources that satisfy its requirements, it begins the creation of AWS resources.
: An ALB (ELBv2) is created in AWS for the new ingress resource. This ALB can be internet-facing or internal. You can also specify the subnets it’s created in using annotations.
: Target Groups are created in AWS for each unique Kubernetes service described in the ingress resource.
: Listeners are created for every port detailed in your ingress resource annotations. When no port is specified, sensible defaults (
443) are used. Certificates may also be attached via annotations.
: Rules are created for each path specified in your ingress resource. This ensures traffic to a specific path is routed to the correct Kubernetes Service.
How to create an Ingress resource using an Application Load Balancer (ALB)?
A simple example for using an Ingress resource to route traffic to a python service using the AWS Load Balancer Controller:
apiVersion: extensions/v1beta1 kind: Ingress metadata: name: python-web namespace: python-web annotations: kubernetes.io/ingress.class: alb alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/scheme: internet-facing spec: rules: - http: paths: - path: / backend: serviceName: python-web servicePort: 80
Things to note:
- Create an
- Traffic routing:
[alb.ingress.kubernetes.io/target-type](http://alb.ingress.kubernetes.io/target-type)annotation is used to specify how to route traffic to pods.
ipmode routes traffic directly to the pod IP whereas
instancemode will route traffic to ec2 instances within the cluster.
- We are specifying an
internet-facingALB using the
- We set up HTTP rules for the path
/and we forward that to the serviec named
How to setup the AWS Load Balancer Controller?
This article, How to setup an AWS EKS cluster with the AWS Load Balancer Controller using Pulumi, provides detailed look into how to set up an EKS cluster cluster with the AWS Load Balancer controller and how to deploy a simple application that serves external traffic.