LogoLogo
WebsiteGarden Core
Edge
Edge
  • welcome
  • 🌳Getting Started
    • Adding Your First Project
    • Running Triggered Workflows
  • 🌿Guides
    • Authenticating to your Providers
    • Automatic Environment Cleanup
    • User Groups, Roles and Permissions
    • Authentication via SAML
    • StackStreams
    • Managing Secrets
    • One-click Preview Environments
  • 🌺VCS Providers
    • Setting Up a GitHub App
    • Setting Up a GitLab App
  • 💐Cloud
    • Requirements
  • 🌻Enterprise (Self-Hosted)
    • Requirements
    • Installation
    • Updating Garden Enterprise
    • Vault
    • PostgreSQL Configuration
    • Creating KMS Keys
    • Creating an AWS Load Balancer
    • Monitoring Services
    • Environment Configuration
    • Updating the Admin Console
  • 🌹Misc
    • Release Notes
    • FAQ
    • Troubleshooting
Powered by GitBook
On this page

Was this helpful?

  1. Enterprise (Self-Hosted)

Creating an AWS Load Balancer

PreviousCreating KMS KeysNextMonitoring Services

Last updated 3 years ago

Was this helpful?

This guide shows you how to add an application load balancer in front of your Garden Enterprise Kubernetes Cluster in AWS. There are different ways to achieve this, this is a simple recommendation on how to get this done.

There are six steps to creating an application load balancer. These are outlined in the official AWS documentation as follows.

Step 1: .

Step 2: . You'll need to configure the availability zones so that your new load balancer is in the same VPC as your EKS cluster and in a public subnet.

Step 3: . Here you'll need to apply the security group that your EKS worker nodes are using. This is necessary for the load balancer to be able to forward traffic to the worker nodes. Furthermore you'll need to add a security group for port 80 and port 443 so that they are open to accepting connections through the public internet.

Step 4: . When configuring the health checks on the target groups in this step please choose the success codes 200 - 404. This is necessary because we also want the default backend which returns 404 to be recognized as healthy.

As an alternative to configuring the load balancer via AWS Console, you can also use terraform. This small snippet is an example on how to set up an application load balancer. Please keep in mind that you again need to pay attention to the security groups and health checks. You will need to replace all of the values starting with my- with your own.

module "alb" {
  source  = "terraform-aws-modules/alb/aws"
  version = "~> 5.0"

  name = "garden-enterprise-lb"

  load_balancer_type = "application"

  vpc_id             = "my-eks-vpc-id"
  subnets            = ["my-public-subnet"]
  security_groups    = ["my-http-and-https-secgroup", "my-eks-workernode-secgroup"]

  target_groups = [
    {
      name_prefix      = "default-"
      backend_protocol = "HTTP"
      backend_port     = 80
      target_type      = "instance"
      health_check     = { matcher = "200-404" }
    }
  ]

  https_listeners = [
    {
      port               = 443
      protocol           = "HTTPS"
      certificate_arn    = "my-certificate-resource"
      target_group_index = 0
    }
  ]

  http_tcp_listeners = [
    {
      port        = 80
      protocol    = "HTTP"
      action_type = "redirect"
      redirect = {
        port        = "443"
        protocol    = "HTTPS"
        status_code = "HTTP_301"
      }
    }
  ]

  tags = {
    Environment = "Garden-LB"
  }
}

Step 5: . Here you will need to select your worker nodes from your EKS cluster as the targets in the target group.

Step 6: .

Please also check the documentation on the .

🌻
Configure targets for the target group
Create the load balancer
application load balancer terraform module
Configure a load balancer and a listener
Configure security settings for an HTTPS listener
Configure a security group
Configure a target group
Configuring health checks on the target group