A single AWS Elastic Load Balancer for several Kubernetes services using Kubernetes Ingress

We are using Kubernetes 1.4 in AWS to host several websites. Originally we had one pod and one service per website. We then created one Elastic Load Balancer (ELB) per website.

Original architecture

To simplify the drawings we have indicated pods but you’ll see that we actually use deployments.

As those websites are for development purposes, we wanted to reduce costs by limiting the number of ELBs. To achieve this, we use Kubernetes Ingress. Ingresses allow you to define rules to direct the traffic to the right services.

New architecture

In practice

Here is the Kubernetes configuration to generate our new architecture.

Ingress controller

In order to use Kubernetes Ingress, an Ingress controller is needed. It will watch the Kubernetes Ingresses and apply their rules. In our case, we will use a simple Nginx Ingress controller.

We will also add a Service that will create an ELB pointing to the Ingress controller. All our websites will have their domain names pointing to that ELB.

Default backend

We will also launch a simple web server that will be called when no Ingress rule matches the request. In our case it will return an HTTP 404 with the message “default backend – 404”.

Ingress

The Ingress resource will indicate to which service the traffic should be directed depending on the hostname that has been provided.

Website container and service

There will be as many entries as there are websites.
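
The host-based routing described in the Ingress and website service sections could look like the manifest below. This is an added example, not the configuration from the original post: the resource names, hostnames, labels and ports are hypothetical, and it assumes the website services are of type ClusterIP so that the Ingress controller's ELB is the only external entry point.

```yaml
# Added example: all names, hosts and ports are hypothetical placeholders.
# extensions/v1beta1 matches the Kubernetes 1.4 era of this article; current
# clusters use networking.k8s.io/v1, whose backend fields are named differently.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: websites-ingress
spec:
  rules:
  # One rule per website: the Host header selects the target service.
  - host: site1.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: site1
          servicePort: 80
  - host: site2.example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: site2
          servicePort: 80
  # A request whose Host header matches no rule above is answered by the
  # default backend (HTTP 404), not by any website.
---
# One Service per website. ClusterIP (assumed here) keeps the service
# reachable only from inside the cluster, so no extra ELB is created and
# the website cannot be reached without passing through the Ingress controller.
apiVersion: v1
kind: Service
metadata:
  name: site1
spec:
  type: ClusterIP
  selector:
    app: site1
  ports:
  - port: 80
    targetPort: 80
```

Listing every hostname explicitly, rather than relying on a catch-all rule, means a request with an unexpected Host header reaches only the default backend.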

Don’t hesitate to ask questions.

Comments

  1. Neverfox says:

    This is a great example of what I understand is the new recommended pattern for external endpoints. However, I can see a possible disadvantage of this setup. We often use CloudWatch alerts on our ELBs to monitor things like latency or health, but wouldn’t having all traffic go through one ELB make it difficult or impossible to judge things for individual services? It seems like this would require moving those checks into a custom solution further down. Also, are there any performance impacts for pushing everything through one ELB and ingress controller?

    • Céline Aussourd says:

      Yes, you are totally right. We use this setup only in our development environment in order to reduce costs. I wouldn’t recommend this setup in a production environment.

  2. Luis Cordova says:

    What setup then do you recommend for production if not this? 😀
