AWS, Cloud Computing, DevOps, Kubernetes

4 Mins Read

Ingress Migration: Leveraging the Power of AWS Load Balancer Controller Add-On

Introduction

Kubernetes Ingress serves as an API resource that manages the control of HTTP(S) access, both internal and external, to services operating within a Kubernetes cluster. It provides a way to manage and configure routing rules for incoming traffic to the services.

On the other hand, Amazon Elastic Load Balancing Application Load Balancer (ALB) is a popular service provided by AWS that performs load balancing at the application layer (layer 7) for incoming traffic. ALB distributes the traffic across multiple targets, such as Amazon EC2 instances, within a specific region. It offers advanced features like routing based on host or path, TLS termination, support for WebSockets and HTTP/2, and integration with AWS WAF for enhanced security, access logs, and health.

AWS ALB Controller

The AWS ALB Controller is tasked with effectively managing AWS Application Load Balancers within a Kubernetes cluster. This controller handles the provisioning of the AWS Application Load Balancer (ALB) when a Kubernetes Ingress is created.

Pioneers in Cloud Consulting & Migration Services

  • Reduced infrastructural costs
  • Accelerated application deployment
Get Started

Ingress with ALB controller

When a user defines an Ingress resource, the aws-alb-ingress-controller within Kubernetes interacts with various AWS components to enable the desired functionality. The controller automatically creates these AWS components, as depicted in the diagram, to facilitate the routing of ingress traffic from the Application Load Balancer (ALB) to the Kubernetes cluster.

AD

Source: aws.com

Basic steps for the creation of Ingress and Ingress traffic

The aws-alb-controller follows a specific process, as indicated by the numbered blue circles in the diagram:

  1. The controller continuously monitors the API server for changes or events related to Ingress resources. Once it identifies Ingress resources that meet its requirements, it initiates the creation of AWS resources.
  2. An Application Load Balancer (ALB) is generated specifically for the Ingress resource. This ALB serves as the entry point for incoming traffic.
  3. For each backend specified in the Ingress resource, TargetGroups are created. These TargetGroups define the destinations for the incoming traffic based on the specified backends.
  4. Listeners are created to handle traffic on the designated ports specified in the Ingress resource. Sensible defaults such as port 80 or 443 are utilized if no port is explicitly defined.
  5. Rules are established for each path specified in the Ingress resource. These rules ensure traffic directed to a particular path is correctly routed to the appropriate TargetGroup.

Prerequisites

  • A Kubernetes Cluster (In this Assessment, I am dealing with EKS).
  • A sample docker image. I have taken a sample nginx latest image from the docker public repo.
  • In Kubernetes clusters, version 1.21 or higher, verify that the Amazon VPC CNI plugin for Kubernetes, kube-proxy, and CoreDNS add-ons must adhere to the minimum version prerequisites outlined in the Service account tokens documentation.
  • Helm and eksctl installations.

Steps to Configure the cluster with AWS Load Balancer Controller, Ingress, and workloads

  1. Updating the EKS cluster configuration file

step1

2. Creating an IAM OIDC provider for the EKS cluster

step2

3. Generate an IAM policy specifically designed for the AWS Load Balancer Controller, granting it the required permissions to interact with AWS APIs on your behalf seamlessly.

For all the regions:

For the regions GovCloud (US-East) or AWS GovCloud (US-West):

4. After downloading the required IAM Policy document, Create the IAM policy:

step4

5. To set up the necessary components for the AWS Load Balancer Controller, Create an IAM role with the required permissions, and after that, create a Kubernetes service account called “aws-load-balancer-controller” in the “kube-system” namespace. Finally, add an annotation to the Kubernetes service account, specifying the name of the IAM role.

step5

6. Install the AWS Load Balancer Controller

7. Using Helm package manager for Kubernetes, deploy the AWS Load Balancer Controller.

step7

8. Use the kubectl command to check whether the controller was installed successfully.

step8

step8b

Deploy a sample application and ingress in Kubernetes

9. Create a deployment with ngnix sample image with service as shown below:

step9

10. Create an ingress with default path / by connecting the service created earlier:

step10

11. Deploy the deployments and Ingress.

step11

12. Verify that all the deployments and Ingress are created and running successfully.

step12

13. Check with the Application load balancer created in the AWS Account.

step13

14. Copy the URL and paste it into the browser.

step14

Conclusion

The ALB controller addon automates the creation of an Amazon Load Balancer (ALB) and the associated AWS resources when a user declares an Ingress resource in their Kubernetes cluster.

The Ingress resource is utilized to direct HTTP(S) traffic to various endpoints within the cluster by leveraging the ALB. This functionality applies to any Kubernetes cluster, including Amazon Elastic Kubernetes Service (Amazon EKS).

Making IT Networks Enterprise-ready – Cloud Management Services

  • Accelerated cloud migration
  • End-to-end view of the cloud environment
Get Started

About CloudThat

CloudThat is an official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft Gold Partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best-in-industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.

Drop a query if you have any questions regarding Ingress Migration, AWS Load Balancer, I will get back to you quickly.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.

FAQs

1. What is the AWS Load Balancer Controller Addon?

ANS: – The AWS Load Balancer Controller Addon is an extension that enables the management of AWS Elastic Load Balancers within a Kubernetes cluster. It simplifies the provisioning and management of Application Load Balancers (ALBs) and Network Load Balancers (NLBs) using Kubernetes resources like Ingress and Service.

2. What are the benefits of using the AWS Load Balancer Controller Addon?

ANS: – The AWS Load Balancer Controller Addon offers several advantages:

  1. Simplified configuration: It abstracts the complexities of managing load balancers and provides a declarative way to define and manage them using Kubernetes resources.
  2. Automation: It automatically creates and updates load balancers based on changes in the cluster.
  3. Integration with other AWS services: It seamlessly integrates with other AWS services like Auto Scaling Groups, enabling dynamic scaling of backend instances based on traffic patterns.

3. How does NGINX Ingress work?

ANS: – NGINX Ingress operates as a reverse proxy, receiving incoming traffic and forwarding it to the appropriate backend services based on the defined rules. It can perform various functions like load balancing, SSL termination, path-based routing, and more.

WRITTEN BY Bhanu Prakash K

K Bhanu Prakash is working as a Subject Matter Expert in CloudThat. He is proficient in Managing and configuring AWS Infrastructure as well as on Kubernetes and DevOps tools like Terraform, ansible, Jenkins, and Git. He is very keen on learning new technologies and publishing blogs for the tech community.

Share

Comments

    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!