Set up multiple sub domain in aws route 53 to expose Kubernetes

12/20/2018

I've had great difficulties routing traffic to k8s API and services.

First I've created a cluster(k8s.buycheese.com) with KOPS in private topology, within a VPC, so that, master and nodes are only accessible from a bastion using SSH.

I own a domain in namecheap (buycheese.com) and I've created a hosted zone(k8s.buycheese.com) in route53. After KOPS has installed the cluster, it added a couple of record sets to the hosted zone like api.k8s.buycheese.com.

I've added the hosted zone's namespaces to my domain in namecheap, so that I can access the Kubernetes cluster(kubectl). That works correctly!

Next, I've installed an ingress nginx controller. Then I've created 2 ingresses:

  • One to expose the Kubernetes dashboard
  • Another one to expose a nodeJS application

I then tested my nodeJS Application using the ingress nginx ELB's URL and I can confirm that works! So I know that my pods are running correctly and the ELB works fine!

But obviously, I want my applications to be accessed through the domain I own...

So basically:

I need a new subdomain dashboard.buycheese.com to get to the Kubernetes dashboard.

And I need buycheese.com and www.buycheese.com domains to redirect to my nodeJS app.

Well, to do that, I've created a new hosted zone named buycheese.com in route53, and added 4 new namespaces to my domain buycheese.com in namecheap.

Then I've created 2 aliases(A) within that same hosted zone:

dashboard.buycheese.com with Alias Target: ingress nginx's ELB www.buycheese.com with Alias Target: ingress nginx's ELB

Then within my 2 ingress files

# Dashboard
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
  name: kubernetes-dashboard-oidc
  namespace: kube-system
spec:
  rules:
  - host: dashboard.buycheese.com
    http:
      paths:
      - path: /
        backend:
          serviceName: kubernetes-dashboard-oidc
          servicePort: 80


# NodeJS App
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
  name: app
  namespace:default
spec:
  rules:
  - host: buycheese.com
    http:
      paths:
      - path: /
        backend:
          serviceName: app-service
          servicePort: 3000

To sum up I have 2 hosted zones

1) k8s.buycheese.com 2) buycheese.com

2 Alias within hosted zone buycheese.com:

1) www.buycheese.com 2) dashboard.buycheese.com

2 Ingresses to expose the dashboard and my app

That configuration does not work at all! The below URLs are not reachable!

  • dashboard.buycheese.com
  • www.buycheese.com
  • buycheese.com

Only the ELB's URL works!

So first I would like to know whether my set up is correct(obviously no, but why ?)

What's the right way to make all of those URLs exposing my services and applications?

Thanks for your help!

-- jaybe78
amazon-route53
amazon-web-services
kubernetes
kubernetes-ingress

2 Answers

12/20/2019

I created new record set in Route 53 with Type=A and alias to my ELB DNS Name for me also initially the same problem was there but after waiting for some time it started working this could be DNS propagation issue as told by denixtry

-- Nithya
Source: StackOverflow

12/20/2018

The only thing that I think may be happening here is that Alias Target: is not forwarding to the ELB.

You can try using CNAME records instead. You can always test using dig from the command line:

$ dig buycheese.com
$ dig www.buycheese.com
$ dig dashboard.buycheese.com
-- Rico
Source: StackOverflow