Target Groups in EKS Ingress

I hope this message finds you well. I am writing to seek assistance regarding a configuration issue I am facing with my AWS Elastic Kubernetes Service (EKS) deployment.

Background: I am currently using AWS EKS to manage my deployment, which includes applications running on both Windows and Linux nodes. Specifically, I have two types of node groups: one for Windows (unmanaged) and one for Linux (managed).

Issue: I have successfully created deployment and service files for both Windows and Linux applications. However, when configuring an Ingress resource with two target groups, all available instances are included in both target groups. To address this, I attempted to use the alb.ingress.kubernetes.io/target-node-labels annotation to specify the nodes for each target group. Unfortunately, when using this annotation with multiple labels, it selects nodes that have both labels instead of assigning different nodes with different labels to each target group.

Request for Assistance: I am seeking guidance on how to configure the Ingress resource so that each target group includes nodes with specific labels, allowing me to segregate Windows and Linux instances accordingly. Specifically, I need a solution that enables me to specify different nodes with different labels for each target group.

Providing ingress file for reference:-

apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: tg-alb annotations: # alb.ingress.kubernetes.io/subnets: subnet-02d7ff1dd240c3e0d,subnet-009b9a59162938d6c alb.ingress.kubernetes.io/scheme: "internet-facing" alb.ingress.kubernetes.io/target-type: "instance" alb.ingress.kubernetes.io/target-node-labels: name=node1,name2=node2 alb.ingress.kubernetes.io/ssl-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06" alb.ingress.kubernetes.io/healthcheck-interval-seconds: "10" alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5" alb.ingress.kubernetes.io/success-codes: "200-299" alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]' alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:us-west-2:234567173:certificate/2ad8c097-0d74-45f1-8ed8-e3db1c5d90b6" spec: ingressClassName: alb rules:

• host: jeetdomain.shop http: paths:
  • path: / pathType: Prefix backend: service: name: nginx-service-2 port: number: 80
• host: demo.jeetdomain.shop http: paths:
  • path: / pathType: Prefix backend: service: name: nginx-service port: number: 80 tls:
• secretName: global-cd-tls hosts:
  • jeetdomain.shop
• secretName: global-cd-tls hosts:
  • demo.jeetdomain.shop