K
Q

Kubernetes ALB ingress: How to expose multiple ports on ingress resource

9/23/2019

I'm trying to find a solution for the problem that seems like something very common.

  1. I have a k8s cluster ip service which exposes two ports: 8088 and 60004
  2. I would like to expose these same ports on ALB and not use path based routing

This works for exposing one service on 8088 port:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/healthcheck-path: /ping
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: myhost
      http:
        paths:
          - path: /*
            backend:
              serviceName: firstservice
              servicePort: 8088

How can the same thing be achieved for both services using ONE ingress?

Thanks in advance.

-- Bakir Jusufbegovic
aws-alb
kubernetes
kubernetes-ingress

Similar Questions

Containerising application - design pattern
1 minute Service timeout for AMLS models deployed on ACI or AKS
image.tag (in values.yaml) vs. appVersion (in Chart.yaml)
kubernetes: specifying maxUnavailable in both Deployment and PDB
How to create tls certs which I can use in kubernetes?

1 Answer

10/14/2019

Eventually, to solve this problem, I've used ALB ingress controller group feature, which is currently in alpha state: https://github.com/kubernetes-sigs/aws-alb-ingress-controller/issues/914

This is how my ingress resource looks now:

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_1
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 8088}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 8088
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: myingress_2
  namespace: myns
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/tags: Environment=dev,Team=test
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/group.name: mygroup
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 60004}]'
spec:
  rules:
    - host: <HOST>
      http:
        paths:
          - path: /*
            backend:
              serviceName: myservice
              servicePort: 60004

where key thing is

alb.ingress.kubernetes.io/group.name: mygroup

which connects these two ingress resources.

Therefore, I end up with following:

  • Service with multiple (two) ports in k8s exposed with two separate ingress resources but they both point to the same AWS ALB (because of the same group name)
  • On the AWS ALB side, I get one ALB with two ports exposed: 8088 and 60004 and each of them points to same k8s service but different port on the same pod (this could easily be two different k8s services if that was needed)
-- Bakir Jusufbegovic
Source: StackOverflow