2 Answers
- Newest
- Most votes
- Most comments
0
- NAT gateway so that instances in a private subnet can connect to services outside your VPC but external services cannot initiate a connection with those instances. Please check here https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html for public and private connectivity. Pricing: When you provision a NAT gateway, you are charged for each hour that your NAT gateway is available and each Gigabyte of data that it processes. Please check the link above for cost considerations.
- Both Application Load Balancer and Network Load balancer supports multiple certs, you can associate up to 25 certificates to a load balancer in addition to a default certificate per listener. You have different use cases to select ALB vs NLB, so suggest you pick the right one https://aws.amazon.com/elasticloadbalancing/features/ . If you are using EKS, then when you create a Kubernetes ingress, an AWS Application Load Balancer (ALB) is provisioned that load balances application traffic. Refer here: https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html
- Here is the detailed documentation on using NLB on EKS (if you use EKS) https://docs.aws.amazon.com/eks/latest/userguide/network-load-balancing.html and the NLB pricing is here: https://aws.amazon.com/elasticloadbalancing/pricing/
answered a year ago
0
thanks. I have finnaly created all infrastructure using terraform aws modules, and all is working with NLB. I plan to have more thant 25+1 certificates, so the best solution is to use a NLB in passthrough mode (L4) and let cert-manager to deal with public issuers.
Actually I have one problem: The NLB is multi-az so I have one IP + fqdn per az, and one cname with all other fqdn on the top. I'd like to have just one IP to access to my service that I can configure on a root domain (xxxx.com). I'm reading about global accelerator but I don't know if another solutions exists ?
answered a year ago
Relevant content
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago