Co-authored-by: msanft <58110325+msanft@users.noreply.github.com>
1.9 KiB
Expose a service
Constellation integrates the native load balancers of each CSP. Therefore, to expose a service simply create a service of type LoadBalancer
.
Internet-facing LB service on AWS
To expose your application service externally you might want to use a Kubernetes Service of type LoadBalancer
. On AWS, load-balancing is achieved through the AWS Load Balancer Controller as in the managed EKS.
Since recent versions, the controller deploy an internal LB by default requiring to set an annotation service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
to have an internet-facing LB. For more details, see the official docs.
For general information on LB with AWS see Network load balancing on Amazon EKS.
:::caution Before terminating the cluster, all LB backed services should be deleted, so that the controller can cleanup the related resources. :::
Ingress on AWS
The AWS Load Balancer Controller also provisions Ingress
resources of class alb
.
AWS Application Load Balancers (ALBs) can be configured with a target-type
.
The target type ip
requires using the EKS container network solution, which makes it incompatible with Constellation.
If a service can be exposed on a NodePort
, the target type instance
can be used.
See Application load balancing on Amazon EKS for more information.
:::caution Ingress handlers backed by AWS ALBs reside outside the Constellation cluster, so they shouldn't be handling sensitive traffic! :::