K
Q

Upgrade classic loadbalancer to network loadbalancer

2/2/2021

I am having trouble upgrading our CLB to a NLB. I did a manual upgrade via the wizard through the console, but the connectivity wouldn't work. This upgrade is needed so we can use static IPs in the loadbalancer. I think it needs to be upgraded through kubernetes, but my attempts failed.

What I (think I) understand about this setup is that this loadbalancer was set up using Helm. What I also understand is that the ingress (controller) is responsible for redirecting http requests to https. and that this lb is working on layer 4.

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-ingress
    chart: nginx-ingress-1.30.0
    component: controller
    heritage: Tiller
    release: nginx-ingress-external
  name: nginx-ingress-external-controller
  namespace: kube-system
  selfLink: /api/v1/namespaces/kube-system/services/nginx-ingress-external-controller
spec:
  clusterIP: 172.20.41.16
  externalTrafficPolicy: Cluster
  ports:
  - name: http
    nodePort: 30854
    port: 80
    protocol: TCP
    targetPort: http
  - name: https
    nodePort: 30621
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app: nginx-ingress
    component: controller
    release: nginx-ingress-external
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer:
    ingress:
    - hostname: xxx.region.elb.amazonaws.com

How would I be able to perform the upgrade by modifying this configuration file?

-- aardbol
amazon-web-services
kubernetes
load-balancing

Similar Questions

Shell Script to find newly added pods in kubernetes on day basics
TLS setup on K8S Ingress with Traefik
Kubernetes RBAC role for tiller
How to best run Apache Airflow tasks on a Kubernetes cluster?
Failed to retrieve Ignite pods IP addresses when running spark client

1 Answer

2/10/2021

As @Jonas pointed out in the comments section, creating a new LoadBalancer Service with the same selector as the existing one is probably the fastest and easiest method. As a result we will have two LoadBalancer Services using the same ingress-controller.

You can see in the following snippet that I have two Services (ingress-nginx-1-controller and ingress-nginx-2-controller) with exactly the same endpoint:

$ kubectl get pod -o wide ingress-nginx-1-controller-5856bddb98-hb865
NAME                                          READY   STATUS    RESTARTS   AGE   IP         
ingress-nginx-1-controller-5856bddb98-hb865   1/1     Running   0          55m   10.36.2.8

$ kubectl get svc ingress-nginx-1-controller ingress-nginx-2-controller
NAME                         TYPE           CLUSTER-IP     EXTERNAL-IP     
ingress-nginx-1-controller   LoadBalancer   10.40.15.230   <PUBLIC_IP>   
ingress-nginx-2-controller   LoadBalancer   10.40.11.221   <PUBLIC_IP>   

$ kubectl get endpoints ingress-nginx-1-controller ingress-nginx-2-controller
NAME                         ENDPOINTS                    AGE
ingress-nginx-1-controller   10.36.2.8:443,10.36.2.8:80   39m
ingress-nginx-2-controller   10.36.2.8:443,10.36.2.8:80   11m

Additionally to avoid downtime, we can first change the DNS records to point at the new LoadBalancer and after the propagation time we can safely delete the old LoadBalancer Service.

-- matt_j
Source: StackOverflow