Target Groups in EKS Ingress

I hope this message finds you well. I am writing to seek assistance regarding a configuration issue I am facing with my AWS Elastic Kubernetes Service (EKS) deployment.

Background: I am currently using AWS EKS to manage my deployment, which includes applications running on both Windows and Linux nodes. Specifically, I have two types of node groups: one for Windows (unmanaged) and one for Linux (managed).

Issue: I have successfully created deployment and service files for both Windows and Linux applications. However, when configuring an Ingress resource with two target groups, all available instances are included in both target groups. To address this, I attempted to use the alb.ingress.kubernetes.io/target-node-labels annotation to specify the nodes for each target group. Unfortunately, when using this annotation with multiple labels, it selects nodes that have both labels instead of assigning different nodes with different labels to each target group.

Request for Assistance: I am seeking guidance on how to configure the Ingress resource so that each target group includes nodes with specific labels, allowing me to segregate Windows and Linux instances accordingly. Specifically, I need a solution that enables me to specify different nodes with different labels for each target group.

Providing ingress file for reference:-

apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: tg-alb annotations: # alb.ingress.kubernetes.io/subnets: subnet-02d7ff1dd240c3e0d,subnet-009b9a59162938d6c alb.ingress.kubernetes.io/scheme: "internet-facing" alb.ingress.kubernetes.io/target-type: "instance" alb.ingress.kubernetes.io/target-node-labels: name=node1,name2=node2 alb.ingress.kubernetes.io/ssl-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06" alb.ingress.kubernetes.io/healthcheck-interval-seconds: "10" alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5" alb.ingress.kubernetes.io/success-codes: "200-299" alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]' alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:us-west-2:234567173:certificate/2ad8c097-0d74-45f1-8ed8-e3db1c5d90b6" spec: ingressClassName: alb rules:

host: jeetdomain.shop http: paths:
- path: / pathType: Prefix backend: service: name: nginx-service-2 port: number: 80
host: demo.jeetdomain.shop http: paths:
- path: / pathType: Prefix backend: service: name: nginx-service port: number: 80 tls:
secretName: global-cd-tls hosts:
- jeetdomain.shop
secretName: global-cd-tls hosts:
- demo.jeetdomain.shop

Topics

Containers Networking & Content Delivery Compute

Relevant content

How to make EKS Ingress with ALB partly private?
Accepted Answer
mc2609
asked a year ago
EKS NLB target groups protocol change to https
Accepted Answer
francly
asked 2 years ago
Trouble accessing REST APIs with VPC Link for my EKS cluster - Seeking assistance and potential solutions
rePost-User-8150617
asked 10 months ago
AWS EKS node groups: Code=NodeCreationFailure, Message=Instances failed to join the Kubernetes cluster
thanuts
asked 3 months ago
How do I access the Kubernetes Dashboard on a custom path in Amazon EKS?
AWS OFFICIALUpdated a year ago
Why am I unable to connect from Amazon EKS to other AWS services?
AWS OFFICIALUpdated a year ago
How do I provide external access to multiple Kubernetes services in my Amazon EKS cluster?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot load balancers created by the Kubernetes service controller in Amazon EKS?
AWS OFFICIALUpdated a year ago
Why am I seeing charges for 'Public IPv4 addresses' when I am under the AWS free tier?
EXPERT
dnyanesh-db
published 2 months ago
Amazon EKS and Kubernetes sessions at AWS re:Invent 2023
EXPERT
chrpotr
published 5 months ago