Many AWS customers are now in the phase of modernizing/migrating existing application.

During that process they often face the issue where they would like to use an existing ALB or NLB to route traffic to EKS

In this article I will show you steps to accomplish this goal.

Prerequisites:

1. Have an existing EKS cluster [1].

2. Have the AWS Load Balancer Controller add-on installed [2].

3. Have an existing ALB or NLB in your AWS VPC with target group [3].

Solution:

Step 1:

Create a deployment. In this example we will use the nginx deployment below. (we will be working in the default namespace)

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: nginx
  name: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx
        name: nginx
        ports:
        - containerPort: 80

Step 2:

Create a NodePort service in front of your NGINX pods using one of the below examples.

option 1: expose the deployment using kubectl

kubectl expose deployment nginx --type=NodePort --port=80

option 2: expose the deployment using a service manifest similar to that below.

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
  namespace: default
spec:
  ports:
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  type: NodePort

Step 3:

Create a TargetGroupBinding custom resource.

Prerequisites:

1. For the TargetGroupBinding manifest you will need to provide the ARN of the existing target group of your ELB or you can create a new target group for your ELB and use the ARN for that target group.

2. The service name of the previously created service. This can be gathered by using the command below.

First you will create the TargetGroupBinding manifest and example can be found here [4]. For this example the manifest will look like the one below.

apiVersion: elbv2.k8s.aws/v1beta1
kind: TargetGroupBinding
metadata:
  name: nginx-tgb
spec:
  serviceRef:
    name: nginx
    port: 80
  targetGroupARN: <target-group arn>

Save the manifest above in a file named nginx-target-group-binding.yaml and edit this file to reflect the ARN of your target group.

Run the command below to apply the manifest.

kubectl create -f nginx-target-group-binding.yaml

Step 4:

Test out the connectivity to you pods by navigating to the existing Load Balancer and connecting to it from your browser using the Load Balancer DNS name.

You should see the Welcome to nginx! message below in your browser.

Resources:

1. https://docs.aws.amazon.com/eks/latest/userguide/getting-started-console.html
2. https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html
3. https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/load-balancer-getting-started.html
4. https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/targetgroupbinding/targetgroupbinding/