1
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
  labels:
    app: ingress-nginx
spec:
  type: LoadBalancer
  externalIPs:
  - {{  vip_address }}
  ports:
  - port: 80
    targetPort: 80
  selector:
    app: ingress-nginx

PublicIP/ElasticIP ==> AWS ELB/CLB ==> VIP/PrivateIP(NGINX Ingress Controller) ==> for access to k8s service.

I already have the Ingress controller running on k8s master in ec2 node.
Is there any particular type such as Classic or Application LB need to be chosen since static IP is used?
Also, can I do a standalone provisioning of the LB and configure the traffic to be forwarded to vip?

rufus
  • 61
  • 6
  • There's no point editing your question after you've accepted an answer. Ask another question if you would like more help. – Tim Dec 28 '18 at 03:28

2 Answers2

2

You can not use an Elastic IP with an ALB/ELB.

Either you can assign an EIP to one EC2 instance directly or you can use an ALB (or classic ELB) but then you do not get a static IP, just a fixed hostname (that you can use a CNAME with).

frsechet
  • 136
  • 4
  • ok..fine. Now, which IP do i need to configure for the backend of the ELB? The nginx controller currently having the externalIP field configured with the privateIP of the master node. – rufus Dec 27 '18 at 12:13
  • Again, you can not use a fixed IP in your scenario because ALBs do not provide a fixed ip. They give you a hostname that you can use! – frsechet Dec 27 '18 at 12:19
2

The AWS Network Load Balancer (NLB) can be assigned an static / elastic IP address. More information here.

You should probably consider why you need a static IP. Usually your CNAME resolves to the ELB IP, which can change, but CNAME resolution is fine. I don't really understand your problem.

Tim
  • 30,383
  • 6
  • 47
  • 77
  • ok. requirement is for the communication between Ingress Controller and to external via aws LB.In k8s ingress controller, for LoadBalancer service type loadBalancerIP can be specified only. So was looking for using the Elastic IP directly because LB IP might get changed. However, I need to dig more to find a way of not using the externalIP field in Ingress Controller or may be a VIP of the cluster and using that as backend of the ELB. – rufus Dec 27 '18 at 12:38
  • I suggest you start a new question saying what you're trying to achieve at the business level, rather than your current solution. Maybe we can help work out a more elegant solution, what you've said sounds a bit odd - though I haven't given it much thought. I don't know much about k8s but I've done a lot of work around ingress and egress monitoring and control in AWS. – Tim Dec 27 '18 at 18:59
  • question was not about k8s but making of ingress controller connectivity to type of LB when static/elastic IP is used instead of using LB's IP. And got clarified that static IP can not be used. – rufus Dec 28 '18 at 04:01