EKS Fargate - 没有出站互联网访问的私有集群的入口控制器?不支持 aws-alb-ingress
EKS Fargate - ingress controller for a private cluster with no outbound internet access? aws-alb-ingress not supported
EKS Fargate 可以在没有出站互联网访问权限的私有 EKS 集群中使用吗?
根据 AWS 文档,没有出站互联网访问权限的私有 EKS 集群不支持 aws-alb-ingress 控制器:
https://docs.aws.amazon.com/eks/latest/userguide/private-clusters.html
AWS Fargate is supported with private clusters. You must include the
STS VPC endpoint. For more information, see VPC endpoints for private
clusters. You must use a third-party ingress controller with AWS
Fargate because the ALB Ingress Controller on Amazon EKS does not work
in private clusters and because Classic Load Balancers and Network
Load Balancers are not supported on pods running on Fargate.
不幸的是,AWS 在这里没有提供关于第三方选项的建议。我无法找到任何特定于 EKS Fargate 私有集群的信息。
问题:
1.) 是否有使用适用于 Fargate 的 ALB 的开源入口控制器?
2.) aws-alb-ingress 控制器在私有集群中无法工作是否有特定原因?如果这是问题所在,我也许可以请求对特定端口的出站访问,但 AWS 没有提供这方面的任何详细信息。
我最终使用应用程序网格入口执行此操作:
https://aws.amazon.com/blogs/containers/introducing-ingress-support-in-aws-app-mesh/
文档中的那一段已更改 as-of mid/end 十月,现在说
AWS Fargate is supported with private clusters. You must include the STS VPC endpoint. For more information, see VPC endpoints for private clusters. You can use the AWS load balancer controller to deploy AWS Application Load Balancers and Network Load Balancers with. The controller supports network load balancers with IP targets, which are required for use with Fargate. For more information, see Application load balancing on Amazon EKS and Load balancer – IP targets.
我强调了变化的部分。
所以你现在可以将ALB-basedIngress用于私有集群,newly-introduced IP-target mode for LoadBalancer Service也支持私有集群。
请注意,这需要 AWS Load Balancer Controller,这是 aws-alb-ingress-controller 的新版本。
EKS Fargate 可以在没有出站互联网访问权限的私有 EKS 集群中使用吗?
根据 AWS 文档,没有出站互联网访问权限的私有 EKS 集群不支持 aws-alb-ingress 控制器:
https://docs.aws.amazon.com/eks/latest/userguide/private-clusters.html
AWS Fargate is supported with private clusters. You must include the STS VPC endpoint. For more information, see VPC endpoints for private clusters. You must use a third-party ingress controller with AWS Fargate because the ALB Ingress Controller on Amazon EKS does not work in private clusters and because Classic Load Balancers and Network Load Balancers are not supported on pods running on Fargate.
不幸的是,AWS 在这里没有提供关于第三方选项的建议。我无法找到任何特定于 EKS Fargate 私有集群的信息。
问题:
1.) 是否有使用适用于 Fargate 的 ALB 的开源入口控制器?
2.) aws-alb-ingress 控制器在私有集群中无法工作是否有特定原因?如果这是问题所在,我也许可以请求对特定端口的出站访问,但 AWS 没有提供这方面的任何详细信息。
我最终使用应用程序网格入口执行此操作:
https://aws.amazon.com/blogs/containers/introducing-ingress-support-in-aws-app-mesh/
文档中的那一段已更改 as-of mid/end 十月,现在说
AWS Fargate is supported with private clusters. You must include the STS VPC endpoint. For more information, see VPC endpoints for private clusters. You can use the AWS load balancer controller to deploy AWS Application Load Balancers and Network Load Balancers with. The controller supports network load balancers with IP targets, which are required for use with Fargate. For more information, see Application load balancing on Amazon EKS and Load balancer – IP targets.
我强调了变化的部分。
所以你现在可以将ALB-basedIngress用于私有集群,newly-introduced IP-target mode for LoadBalancer Service也支持私有集群。
请注意,这需要 AWS Load Balancer Controller,这是 aws-alb-ingress-controller 的新版本。