0

I am trying to set a static private IP address for a Kubernetes loadbalancer service during its creation:

apiVersion: v1
kind: Service
metadata:
  name: web-server-service-lb
  namespace: web
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
    service.beta.kubernetes.io/aws-load-balancer-internal: "true"
    service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses: "10.9.4.55, 10.9.1.55"
    service.beta.kubernetes.io/aws-load-balancer-subnets: "subnet-02500d74cef5fef04, subnet-0e32bdf9ae9de8145"
spec:
  type: LoadBalancer
  selector:
    app: web
  ports:
    - protocol: TCP
      port: 5000
      targetPort: 80

I have tried something like this, but when describing the service that it created, it does not show the static IP address I set:

Name:                     web-server-service-lb
Namespace:                web
Labels:                   <none>
Annotations:              service.beta.kubernetes.io/aws-load-balancer-internal: true
                          service.beta.kubernetes.io/aws-load-balancer-private-ipv4-addresses: 10.9.4.55, 10.9.1.55
                          service.beta.kubernetes.io/aws-load-balancer-subnets: subnet-02500d74cef5fef04, subnet-0e32bdf9ae9de8145
                          service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip
Selector:                 app=web
Type:                     LoadBalancer
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       172.20.140.81
IPs:                      172.20.140.81
Port:                     <unset>  5000/TCP
TargetPort:               80/TCP
NodePort:                 <unset>  30878/TCP
Endpoints:                10.9.1.194:80
Session Affinity:         None
External Traffic Policy:  Cluster

Is the service I created incorrect in some way?

This is all being deployed in AWS/Kubernetes.

Gene Smith

2 Answers

0

Go to the Console > ELB > [Select your NLB] and check the IP assigned to your NLB at the "Network mapping" tab. The IPs listed there should be those stated in the annotation, e.g. 10.9.4.55, 10.9.1.55.

The main goal is to create a static way to access a service that is running in the cluster.

That's exactly what the NLB does for you.

gohm'c
  • The problem is I cannot do it through the console. It needs to all be done in yaml some way like above. – Gene Smith Mar 24 '23 at 11:07
  • Note NLB and K8s service are two different things. You **do not** create anything on the Console, you only check if the private IP is correctly assigned. You are using the NLB when you use these private IP addresses for connectivity. – gohm'c Mar 24 '23 at 11:28
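
Added example, not part of either answer: the "Network mapping" check described above, done against the JSON printed by `aws elbv2 describe-load-balancers` instead of the console. The annotation values are taken from the question; the NLB output is a constructed sample, and pairing each IP with a subnet by list position is an assumption.

```python
import json

PREFIX = "service.beta.kubernetes.io/aws-load-balancer-"
# Annotations copied from the Service manifest in the question.
ANNOTATIONS = {
    PREFIX + "private-ipv4-addresses": "10.9.4.55, 10.9.1.55",
    PREFIX + "subnets": "subnet-02500d74cef5fef04, subnet-0e32bdf9ae9de8145",
}
# Constructed sample in the shape of `aws elbv2 describe-load-balancers` output.
SAMPLE = json.loads("""
{"LoadBalancers": [{"Scheme": "internal", "Type": "network", "AvailabilityZones": [
  {"SubnetId": "subnet-02500d74cef5fef04",
   "LoadBalancerAddresses": [{"PrivateIPv4Address": "10.9.4.55"}]},
  {"SubnetId": "subnet-0e32bdf9ae9de8145", "LoadBalancerAddresses": []}]}]}
""")

def split_csv(value):
    return [v.strip() for v in value.split(",") if v.strip()]

def check_static_ips(annotations, describe_output):
    """Return a list of mismatches between the Service annotations and the NLB."""
    subnets = split_csv(annotations.get(PREFIX + "subnets", ""))
    wanted_ips = split_csv(annotations.get(PREFIX + "private-ipv4-addresses", ""))
    problems = []
    if len(subnets) != len(wanted_ips):
        problems.append(f"{len(wanted_ips)} IPs listed for {len(subnets)} subnets")
    lbs = describe_output.get("LoadBalancers", [])
    if len(lbs) != 1:
        return problems + [f"expected 1 load balancer, got {len(lbs)}"]
    if lbs[0].get("Scheme") != "internal":
        problems.append(f"scheme is {lbs[0].get('Scheme')!r}, expected 'internal'")
    actual = {}
    for az in lbs[0].get("AvailabilityZones", []):
        addrs = [a.get("PrivateIPv4Address") for a in az.get("LoadBalancerAddresses", [])]
        actual[az.get("SubnetId")] = [a for a in addrs if a]
    # Assumption: the n-th IP in the annotation belongs to the n-th subnet.
    for subnet, ip in zip(subnets, wanted_ips):
        if subnet not in actual:
            problems.append(f"{subnet}: not attached to the NLB")
        elif ip not in actual[subnet]:
            problems.append(f"{subnet}: wanted {ip}, NLB has {actual[subnet] or 'no fixed private IP'}")
    return problems

if __name__ == "__main__":
    for line in check_static_ips(ANNOTATIONS, SAMPLE) or ["NLB matches the annotations"]:
        print(line)
```

The `IP` shown by `kubectl describe` (172.20.140.81 in the question) is the Service's cluster IP, so it never shows the NLB's private addresses; those appear only on the load balancer itself.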
0

An Elastic IP address is a reserved public IP address that you can assign to your NLB in a particular region until you choose to release it.

As stated, EIP is public which means you can't have an internal NLB which you have in your configuration. I don't believe there is something such as "Private Elastic IP" which other answers suggest.

Your option here is to make your NLB public-facing, moving it to public subnets. Then provision two EIPs (as you have two subnets) and associate them with your NLB using the following annotation:

service.beta.kubernetes.io/aws-load-balancer-eip-allocations

marcincuber
  • Unfortunately, I need it to be private as I don't want it exposed out. The main goal is to create a static way to access a service that is running in the cluster. However, what I am connecting from is not within the cluster, but still within the same VPC. – Gene Smith Mar 24 '23 at 09:58
  • So, you are better off creating a Route53 hosted zone (a private one) and associating your VPC with it. The next step would be to use external DNS to create an endpoint in the newly created private hosted zone pointing to your internal LB. That way you will have a fixed endpoint. – marcincuber Mar 24 '23 at 10:51