got one beginners question. Currently, I am trying to setup some basic Kubernetes schema in AWS such as Deployment -> Service -> Ingress -> Network Load Balancer.
Worker nodes and Ingress should run in private subnets while LoadBalancer should be public. The problem is that right now, we have only Private subnets in our EKS Cluster, like this.
EksCluster:
Type: AWS::EKS::Cluster
Properties:
Name: !Ref AWS::StackName
ResourcesVpcConfig:
SecurityGroupIds:
- !Ref VpcPrivateSecurityGroup
SubnetIds:
- !Ref VpcPrivateSubnetA
- !Ref VpcPrivateSubnetB
- !Ref VpcPrivateSubnetC
RoleArn: !GetAtt EksRole.Arn
Version: "1.14"So the LoadBalancer is not created because of "could not find any suitable subnets for creating the ELB" error - there are no public subnets available.
The question is - how can I configure this cluster to use both Private and Public subnets? And how can be there subnets configured so they would use correct security groups (because, obviously, private subnets shouldnt use "VpcPrivateSecurityGroup"). Is there a way to mix it? And if not, how can I setup this public NLB / private workers scenario?
Thanks a million
You need to have both private and public subnets while creating the EKS cluster. Recommended network architecture is used private subnets for your worker nodes, and public subnets for Kubernetes to create public load balancers within.
Please refer to the below AWS link
https://docs.aws.amazon.com/eks/latest/userguide/create-public-private-vpc.html