-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
New Feature: Multi Cluster TargetGroupBindings (#3853)
* implement multicluster support * correct documentation
- Loading branch information
Showing
32 changed files
with
1,897 additions
and
96 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
# MultiCluster Target Groups | ||
|
||
The load balancer controller assumes full control over the configured target groups. When a target group is registered with the controller it de registers any targets not currently in the cluster. Target groups that have MultiCluster support enabled can be associated to multiple Kubernetes clusters or support arbitrary targets from other sources. | ||
|
||
|
||
## Overview | ||
|
||
When enabled, MultiCluster mode supports multiple methods, and every cluster associated with a target group has one of these methods. It's recommended to use new resources when configuring MutliCluster mode. There is a period of time when MultiCluster must take a snapshot of the cluster state in order to support the selected mode. This data is stored into ConfigMap, which resides in the same namespace as your load balancer resources. ConfigMap stores snapshots of managed targets at `aws-lbc-targets-$TARGET_GROUP_BINDING_NAME` | ||
|
||
When using an ALB, you must specify this annotation in the ingress or service: | ||
|
||
`alb.ingress.kubernetes.io/multi-cluster-target-group: "true"` | ||
|
||
When using an NLB, you specify this annotation in your service: | ||
|
||
`service.beta.kubernetes.io/aws-load-balancer-multi-cluster-target-group: "true"` | ||
|
||
When using any out-of-band TargetGroupBindings, you must specify this field in the spec: | ||
|
||
`multiClusterTargetGroup: true` | ||
|
||
|
||
### Example | ||
|
||
We will be setting up an echoserver in two clusters in order to demonstrate MultiCluster mode. See the full echoserver example in the 'Examples' tab. | ||
|
||
The following ingress configures the Target Group Binding as MultiCluster. We will take the created Target Group and share it in a second cluster. | ||
|
||
``` | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: echoserver | ||
namespace: echoserver | ||
annotations: | ||
alb.ingress.kubernetes.io/multi-cluster-target-group: "true" | ||
alb.ingress.kubernetes.io/scheme: internet-facing | ||
alb.ingress.kubernetes.io/tags: Environment=dev,Team=test | ||
spec: | ||
ingressClassName: alb | ||
rules: | ||
- http: | ||
paths: | ||
- path: / | ||
pathType: Exact | ||
backend: | ||
service: | ||
name: echoserver | ||
port: | ||
number: 80 | ||
``` | ||
|
||
Verify that MultiCluster is enabled by verifying that the created Target Group Binding is marked as MultiCluster. | ||
|
||
``` | ||
kubectl -n echoserver get targetgroupbinding k8s-echoserv-echoserv-cc0122e143 -o yaml | ||
apiVersion: elbv2.k8s.aws/v1beta1 | ||
kind: TargetGroupBinding | ||
metadata: | ||
annotations: | ||
elbv2.k8s.aws/checkpoint: cKay81gadoTtBSg6uVVginqtmCVG-1ApTvYN4YLD37U/_4kBy3Yg64qrXzjvIb2LlC3O__ex1qjozynsqHXmPgo | ||
elbv2.k8s.aws/checkpoint-timestamp: "1729021572" | ||
creationTimestamp: "2024-10-15T19:46:06Z" | ||
finalizers: | ||
- elbv2.k8s.aws/resources | ||
generation: 1 | ||
labels: | ||
ingress.k8s.aws/stack-name: echoserver | ||
ingress.k8s.aws/stack-namespace: echoserver | ||
name: k8s-echoserv-echoserv-cc0122e143 | ||
namespace: echoserver | ||
resourceVersion: "79121011" | ||
uid: 9ceaa2ea-14bb-44a5-abb0-69c7d2aac52c | ||
spec: | ||
ipAddressType: ipv4 | ||
multiClusterTargetGroup: true <<< HERE | ||
networking: | ||
ingress: | ||
- from: | ||
- securityGroup: | ||
groupID: sg-06a2bd7d790ac1d2e | ||
ports: | ||
- port: 32197 | ||
protocol: TCP | ||
serviceRef: | ||
name: echoserver | ||
port: 80 | ||
targetGroupARN: arn:aws:elasticloadbalancing:us-east-1:565768096483:targetgroup/k8s-echoserv-echoserv-cc0122e143/6816b87346280ee7 | ||
targetType: instance | ||
vpcID: vpc-0a7ef5bd8943067a8 | ||
``` | ||
|
||
In another cluster, you can now register that Target Group ARN in a Target Group Binding. | ||
|
||
``` | ||
apiVersion: elbv2.k8s.aws/v1beta1 | ||
kind: TargetGroupBinding | ||
metadata: | ||
name: MyTargetGroupBinding | ||
namespace: echoserver | ||
spec: | ||
serviceRef: | ||
name: echoserver | ||
port: 80 | ||
multiClusterTargetGroup: true | ||
targetType: instance | ||
ipAddressType: ipv4 | ||
networking: | ||
ingress: | ||
- from: | ||
- securityGroup: | ||
groupID: $SG_FROM_ABOVE | ||
ports: | ||
- port: 32197 | ||
protocol: TCP | ||
targetGroupARN: $TG_FROM_ABOVE | ||
``` | ||
|
||
The configured TargetGroup should have targets from both clusters available to service traffic. | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.