LogoLogo
WebsiteGarden Core
Main
Main
  • Welcome!
  • 🌳Getting Started
    • Adding Your First Project
  • 🌺Features
    • Live Mode
    • Insights
    • Secrets
    • One-click Preview Environments
    • Automatic Environment Cleanup
    • User Groups, Roles and Permissions
    • Cloud Workflows
    • Service Accounts
    • Cloud Builder
  • 🌿Guides
    • Setting Up a GitHub App
    • Setting Up a GitLab App
    • Authenticating to Cloud Providers
    • Authentication via SAML
  • 💐Cloud
    • Requirements
  • 🌻Enterprise (Self-Hosted)
    • Requirements
    • Installation
    • Updating Garden Enterprise
    • Vault
    • PostgreSQL Configuration
    • Creating KMS Keys
    • Creating an AWS Load Balancer
    • Monitoring Services
    • Environment Configuration
    • Updating the Admin Console
  • 🌹Misc
    • Release Notes
    • FAQ
    • Troubleshooting
Powered by GitBook
On this page

Was this helpful?

  1. Enterprise (Self-Hosted)

Creating an AWS Load Balancer

PreviousCreating KMS KeysNextMonitoring Services

Last updated 2 years ago

Was this helpful?

This guide shows you how to add an application load balancer in front of your Garden Enterprise Kubernetes Cluster in AWS.

We will outline the process in six steps with references to the official AWS documentation.

Step 1: Configure a load balancer and a listener.

Step 2: Configure security settings for an HTTPS listener. You'll need to configure the availability zones so that your new load balancer is in the same VPC as your EKS cluster and in a public subnet.

Step 3: Configure a security group. Here you'll need to apply the security group that your EKS worker nodes are using. This is necessary for the load balancer to be able to forward traffic to the worker nodes. Furthermore you'll need to add a security group for port 80 and port 443 so that they are open to accepting connections through the public internet.

Step 4: Configure a target group. When configuring the health checks on the target groups in this step please choose the success codes 200 - 404. This is necessary because we also want the default backend which returns 404 to be recognized as healthy.

Step 5: Configure targets for the target group. Here you will need to select your worker nodes from your EKS cluster as the targets in the target group.

Step 6: Create the load balancer.

As an alternative to configuring the load balancer via AWS Console, you can also use terraform. This small snippet is an example on how to set up an application load balancer. Please keep in mind that you again need to pay attention to the security groups and health checks. You will need to replace all of the values starting with my- with your own.

Please also check the documentation on the application load balancer terraform module.

module "alb" {
  source  = "terraform-aws-modules/alb/aws"
  version = "~> 5.0"

  name = "garden-enterprise-lb"

  load_balancer_type = "application"

  vpc_id             = "my-eks-vpc-id"
  subnets            = ["my-public-subnet"]
  security_groups    = ["my-http-and-https-secgroup", "my-eks-workernode-secgroup"]

  target_groups = [
    {
      name_prefix      = "default-"
      backend_protocol = "HTTP"
      backend_port     = 80
      target_type      = "instance"
      health_check     = { matcher = "200-404" }
    }
  ]

  https_listeners = [
    {
      port               = 443
      protocol           = "HTTPS"
      certificate_arn    = "my-certificate-resource"
      target_group_index = 0
    }
  ]

  http_tcp_listeners = [
    {
      port        = 80
      protocol    = "HTTP"
      action_type = "redirect"
      redirect = {
        port        = "443"
        protocol    = "HTTPS"
        status_code = "HTTP_301"
      }
    }
  ]

  tags = {
    Environment = "Garden-LB"
  }
}
🌻
Configuring health checks on the target group