If check any of a freshly created AWS Application LoadBalancer with a certificate from the AWS Certificate Manager, and with an HTTPS Listener’s default settings you’ll see the B grade: The main point of the SSL Labs is the support of the deprecated encryption versions – TLS 1.0 and 1.1. AWS LoadBalancer SecurityPolicy and TLS… Read More »
Let’s proceed with our journey with Istio. Previous parts: Istio: an overview and running Service Mesh in Kubernetes Istio: external AWS Application LoadBalancer and Istio Ingress Gateway Besides Istio, in this post, we will also configure ExternalDNS, see the Kubernetes: update AWS Route53 DNS from an Ingress for details. Everything described below is a kind… Read More »
In the previous post, Istio: an overview and running Service Mesh in Kubernetes, we started Istion io AWS Elastic Kubernetes Service and got an overview of its main components. The next task is to add an AWS Application Load Balancer (ALB) before Istio Ingress Gateway because Istio Gateway Service with its default type LoadBalancer creates… Read More »
One day I wondered – how is load balancing between pods is working in Kubernetes? I.e. – we have an external Load Balancer. Then a Service. And behind it – Pods. What happens when we are receiving a network packet from the world, and we have a few pods – how the traffic will be… Read More »
We have an application – an old version, and a new one, and two domains for them. The application is working on AWS Elastic Kubernetes Service, behind an AWS LoadBalancer created with AWS ALB Ingress Controller. The task is to create a redirect from the old domain’s Ingress to a new LoadBalancer: old URL: dev.api.old-example.com… Read More »
AWS ALB Ingress Controller for Kubernetes – is a Kubernetes controller which actually controls AWS Application Load Balancers (ALB) in an AWS account when an Ingress resource with the kubernetes.io/ingress.class: alb annotation is created in a Kubernetes cluster. This Ingress resource in its turn describes an ALB Listeners configuration with SSL termination or traffic routing… Read More »
Gorush is a Go-written application which we are planning to use to send push notifications to our mobile clients. The project’s home – https://github.com/appleboy/gorush The service will be running in our Kubernetes cluster in a dedicated namespace and must be accessible within the cluster’s VPC only, so we will use an Internal ALB from AWS.… Read More »
In the first part – Kubernetes: part 1 – architecture and main components overview – we did a quick glance about Kubernetes. Also, check the third part – Kubernetes: part 3 – AWS EKS overview and manual EKS cluster set up. The next thing I’d like to play with is to manually create a cluster… Read More »