Questions about Target groups and the AWS Ingress Controller

[Vincent Jorgensen]

Hi!

We are using the ALB ingress controller in our preprod environment. We are considering strategies for migrating our non-Kubernetes prod environment over to Kubernetes and its ALB ingress controller. In that exploration, I have a couple of questions:

1. Is it possible to include non-Kubernetes Target Groups in the ingress backend?

2. Is it possible to create just a Target Group (and not the ALB) so that I could use that as ruleset target clone in a different ALB?

Thank you and regards,

Vincent

[Ilya Dmitrichenko]

Hi Vincent,

Could you please explain what would be the reason to do it this way, Vs just running your apps on Kubernetes OR using CloudFormation/Terraform to manage ALBs?

Ilya 

--
You received this message because you are subscribed to the Google Groups "kubernetes-sig-aws" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kubernetes-sig-aws/c4f02411-d408-4635-b18f-cb1aa63cc056%40googlegroups.com.

[Vincent Jorgensen]

Hi Ilya,

Good question! Our existing (non-Kubernetes) infrastructure is fronted by an ALB and Target Groups created through CloudFormation. We have various listener rules to route requests based on headers, uri path, etc. to different TargetGroups (also non-Kubernetes). We are exploring the possibility of migrating one service at time, so either 1) changing one listener rule in the original ALB ruleset, or 2) whether it's possible to redirect from the Kubernetes ALB ingress to a CloudFormation managed TargetGroup.

The issue is that Amazon doesn't permit a TargetGroup to be a member of more than one ALB, so in the case of 1), having the ability to create just a TargetGroup would solve that, as I could specify this "clone" as a member of the original ALB, or in the case 2), being able to specify an ingress rule would permit us to create a TargetGroup via CFN and use that in the ingress ruleset. Another possibility is that I could update the K8s ALB listener ruleset on the AWS Console, but I am uncertain if these manually-entered rules would be overwritten during a rolling update.

Thank you and regards,

Vincent

On Friday, July 26, 2019 at 11:21:37 AM UTC-7, Ilya Dmitrichenko wrote:

Hi Vincent,

Could you please explain what would be the reason to do it this way, Vs just running your apps on Kubernetes OR using CloudFormation/Terraform to manage ALBs?

Ilya 

On Fri, 26 Jul 2019, 6:59 pm Vincent Jorgensen, <vin...@moveworks.ai> wrote:

Hi!

We are using the ALB ingress controller in our preprod environment. We are considering strategies for migrating our non-Kubernetes prod environment over to Kubernetes and its ALB ingress controller. In that exploration, I have a couple of questions:

1. Is it possible to include non-Kubernetes Target Groups in the ingress backend?

2. Is it possible to create just a Target Group (and not the ALB) so that I could use that as ruleset target clone in a different ALB?

Thank you and regards,

Vincent

--
You received this message because you are subscribed to the Google Groups "kubernetes-sig-aws" group.

To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-aws+unsub...@googlegroups.com.

[Vincent Jorgensen]

As an addendum, I used the AWS console to add a listener rule to the ALB ruleset for Kubernetes. It got erased shortly after being added. It appears that the ingress controller for aws albs periodically checks, and enforces, its own rules.