Install ALB Ingress
To install ALB Ingress, see AWS Load Balancer Controller installation.
Note
To use External DNS, see Setup External DNS.
This feature is still in alpha release and should not be used in production.
Ingress definition
When you Install ALB Ingress, the Ingresses definition will automatically create an ALB. To expose a MarkLogic cluster, deploy one Ingress per application server:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
alb.ingress.kubernetes.io/healthcheck-port: '8002'
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/success-codes: '200-401'
alb.ingress.kubernetes.io/load-balancer-name: ml-lb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 8001}]'
alb.ingress.kubernetes.io/target-group-attributes: load_balancing.algorithm.type
=least_outstanding_requests
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:XXXXXXXXXXX:
certificate/ XXXXX-xxxx-XXXX-XXXX-XXXXxxxXXX
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/group.name: ml-lb-group
labels:
app.kubernetes.io/instance: ml-enode
app.kubernetes.io/name: ml-lb
name: ml-enode-ml-lb-admin
namespace: ml-lb
spec:
ingressClassName: alb
rules:
- http:
paths:
- backend:
service:
name: ml-enode-ml-lb
port:
number: 8001
path: /
pathType: Prefix
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
alb.ingress.kubernetes.io/healthcheck-port: '8002'
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/success-codes: '200-401'
alb.ingress.kubernetes.io/load-balancer-name: ml-lb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 8000}]'
alb.ingress.kubernetes.io/target-group-attributes: load_balancing.algorithm.
type=least_outstanding_requests
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:XXXXXXXXXXX:
certificate/XXXXX-xxxx-XXXX-XXXX-XXXXxxxXXX
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/group.name: ml-lb-group
labels:
app.kubernetes.io/instance: ml-enode
app.kubernetes.io/name: ml-lb
name: ml-enode-ml-lb-console
namespace: ml-lb
spec:
ingressClassName: alb
rules:
- http:
paths:
- backend:
service:
name: ml-enode-ml-lb
port:
number: 8000
path: /
pathType: Prefix
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
alb.ingress.kubernetes.io/healthcheck-port: '8002'
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/success-codes: '200-401'
alb.ingress.kubernetes.io/load-balancer-name: ml-lb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 8002}]'
alb.ingress.kubernetes.io/target-group-attributes: load_balancing.algorithm.
type=least_outstanding_requests
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-west-2:XXXXXXXXXXX:
certificate/XXXXX-xxxx-XXXX-XXXX-XXXXxxxXXX
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/group.name: ml-lb-group
labels:
app.kubernetes.io/instance: ml-enode
app.kubernetes.io/name: ml-lb
name: ml-enode-ml-lb-manage
namespace: ml-lb
spec:
ingressClassName: alb
rules:
- http:
paths:
- backend:
service:
name: ml-enode-ml-lb
port:
number: 8002
path: /
pathType: Prefix
Annotation details
Code |
Description |
|---|---|
|
Specifies the port on which to perform the health check. See https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.4/guide/ingress/annotations/#healthcheck-port. |
|
Specifies the path used for the health check. |
|
Specifies the HTTP status code that is expected during health checks against the specified health check path. The 401 code is included because authentication is needed on the port. |
|
Specifies the prefix for the name of the ALB. Note that name impacts the entire IngressGroup. |
|
Specifies the scheme. Because MarkLogic app-servers should be exposed from outside of the cluster and outside of the cloud, this is set it to |
|
Specifies the listening port for each Ingress. The syntax is : <protocol>:<port>. Protocol can only be HTTP or HTTPS see Application Load Balancer (ALB) Ingress only for the limitations. |
|
Specifies the target group attributes as the load balancing algorithm. |
|
Specifes the certificates to be used (HTTPS termination on the ALB should be enabled). |
|
Specifies the target type. The target type can be instance or ip. Instance type is only available if the target service is type NodePort. |
|
Specifies the group name for the ALB. This allows several Ingresses to use the same ALB. group.name and load.balancer.name have to be the same in the same IngressGroup. |
For additional annotations, see the complete list.
Ingress class name
Specifying the ingressClass is recommended, especially with multiple Ingress controllers. Adding alb ensures that the Ingress will be managed by the ALB Ingress Controller:
spec: ingressClassName: alb