Alauda Container Platform

AWS EKS Supplementary Information

TOC

Terminology

AbbreviationFull NameDescription
eks-clbClassic Load BalancerAWS default load balancer. Has issues in certain situations and is not recommended.
eks-nlbNetwork Load BalancerAWS Layer 4 load balancer that performs load balancing at TCP/UDP level, suitable for scenarios requiring higher-level network control.
eks-albApplication Load BalancerAWS Layer 7 load balancer. Compared to eks-nlb, eks-alb can parse HTTP/HTTPS protocols and distribute requests more intelligently, suitable for web applications.
aws-lbAWS Load BalancerLoad balancer installed on Kubernetes that can automatically create eks-nlb and eks-alb based on LoadBalancer Services and Ingress in Kubernetes to meet application load balancing needs.
Platform Load Balancer-Platform's proprietary Layer 7 load balancer.
Service Annotations-Metadata attached to objects in key-value pairs. This additional information can be recognized and utilized to enhance and simplify management of various aspects of Kubernetes resources. Annotations can be explanatory text without specific functionality, specify cloud provider configurations or behaviors, or specify configuration parameters and tools. Very powerful functionality.

Important Notes

When creating load balancers, it's recommended to manually configure service annotations to ensure the platform load balancer correctly uses aws-lb. If the appropriate service annotations are not configured correctly, the platform will default to using eks-clb, which has UDP-related issues that may cause unexpected situations.

EKS Using aws-lb to Provide External Access for Container Network Load Balancers

Service Annotation Configuration Instructions

  1. In the corresponding cluster, execute the following command using kubectl to find all Pods in the kube-system namespace with names containing "aws-load":

    kubectl get pod -n kube-system |grep aws-load

  2. Create a load balancer; for detailed creation steps and parameters, see the Load Balancer creation section in AWS EKS Service Annotation Instructions.

    • If the above command returns no related Pods, it means the cluster does not have AWS Load Balancer Controller installed. No service annotations are needed; create the load balancer directly.

    • If the above command returns related Pods, it means the cluster has AWS Load Balancer Controller installed. When creating a load balancer in the corresponding cluster, add the following service annotations. For annotation details, see AWS EKS Service Annotation Instructions:

      • service.beta.kubernetes.io/aws-load-balancer-type: external //Required
      • service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip //Required
      • service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing // Optional. Add this annotation if public network support is needed.

Access Address Acquisition Method

  • When creating container network type load balancers, the filled service annotations will be set on the LoadBalancer Service corresponding to the platform load balancer.

  • In public clouds, LoadBalancer Services with appropriate service annotations will be recognized by the public cloud and assigned addresses. The platform load balancer will read this address and set it as its own access address.