Creating a Static IP Network Load Balancer in EKS

Abhishek Singh

Introduction

In this article, we will be taking a deep dive into how to create a Network Load Balancer (NLB) with a static IP address for our EKS service.

Requirements

One of the key requirements of deploying services in the cloud is to have a reliable and stable IP address. When we create a load balancer in AWS, it usually comes with a dynamic IP address which may change every time the load balancer is restarted. But in certain scenarios, we may require a static IP address for security reasons such as whitelisting. This is where Network Load Balancers with a static IP come in handy.

To create an NLB with a static IP, we first need to reserve Elastic IP addresses in AWS. The number of Elastic IPs required will depend on the number of availability zones in your cluster. In this example, we have a cluster with three availability zones, so we need to reserve three Elastic IP addresses.

Here are the allocation IDs of the three Elastic IP addresses that we will be reserving:

  • eipalloc-xxxx1

  • eipalloc-xxxx2

  • eipalloc-xxxx3

Steps

With the Elastic IPs reserved, we can now proceed to create a service in our cluster. In the service manifest, we will add an annotation to specify the reserved Elastic IPs. Here is the annotation that we need to add:

service.beta.kubernetes.io/aws-load-balancer-eip-allocations: eipalloc-xxxx1,eipalloc-xxxx2,eipalloc-xxxx3

Here is a complete sample service manifest that you can use to create an NLB with a static IP:

apiVersion: v1
kind: Service
metadata:
  name: nginx-nlb
  namespace: default
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: external
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
    service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
    service.beta.kubernetes.io/aws-load-balancer-eip-allocations: eipalloc-xxxx1,eipalloc-xxxx2,eipalloc-xxxx3
spec:
  ports:
    - name: http
      protocol: TCP
      port: 80
      targetPort: 80
      nodePort: 31825
    - name: http-ssl
      protocol: TCP
      port: 443
      targetPort: 443
      nodePort: 31318
  selector:
    name: nginx
  type: LoadBalancer
  sessionAffinity: None
  externalTrafficPolicy: Cluster
  ipFamilies:
    - IPv4
  ipFamilyPolicy: SingleStack
  allocateLoadBalancerNodePorts: true
  internalTrafficPolicy: Cluster
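
A pre-deployment check for the manifest above, added here as an example and not part of the original article: it compares the eip-allocations annotation with the availability-zone count and with the output of `aws ec2 describe-addresses`, and returns the /32 entries to hand to whoever maintains the allowlist. The function name, the sample public IPs (documentation range) and the `eipassoc-yyyy3` ID are constructed assumptions; the allocation IDs are the article's placeholders.

```python
import json

EIP_KEY = "service.beta.kubernetes.io/aws-load-balancer-eip-allocations"
SCHEME_KEY = "service.beta.kubernetes.io/aws-load-balancer-scheme"

# Constructed sample in the shape of `aws ec2 describe-addresses --output json`.
# The third address is already attached to something else (AssociationId set).
SAMPLE_ADDRESSES = json.loads("""
{"Addresses": [
  {"AllocationId": "eipalloc-xxxx1", "PublicIp": "203.0.113.10", "Domain": "vpc"},
  {"AllocationId": "eipalloc-xxxx2", "PublicIp": "203.0.113.11", "Domain": "vpc"},
  {"AllocationId": "eipalloc-xxxx3", "PublicIp": "203.0.113.12", "Domain": "vpc",
   "AssociationId": "eipassoc-yyyy3"}
]}
""")

def check_eip_annotations(annotations, az_count, addresses):
    """Return (problems, allowlist) for a Service's NLB annotations.

    Intended to run before the Service is first applied, while the
    Elastic IPs are still expected to be unassociated.
    """
    problems = []
    ids = [a.strip() for a in annotations.get(EIP_KEY, "").split(",") if a.strip()]
    by_id = {a["AllocationId"]: a for a in addresses["Addresses"]}
    # Elastic IPs can only be attached to an internet-facing NLB.
    if annotations.get(SCHEME_KEY) != "internet-facing":
        problems.append("scheme is not internet-facing")
    if len(ids) != az_count:
        problems.append(f"{len(ids)} allocations for {az_count} availability zones")
    if len(set(ids)) != len(ids):
        problems.append("duplicate allocation ID")
    for alloc in ids:
        addr = by_id.get(alloc)
        if addr is None:
            problems.append(f"{alloc} is not reserved in this account/region")
        elif "AssociationId" in addr:
            problems.append(f"{alloc} is already associated with another resource")
    # Addresses that partners would need to allow, one /32 per Elastic IP.
    allowlist = sorted(by_id[a]["PublicIp"] + "/32" for a in set(ids) if a in by_id)
    return problems, allowlist

if __name__ == "__main__":
    annotations = {SCHEME_KEY: "internet-facing",
                   EIP_KEY: "eipalloc-xxxx1,eipalloc-xxxx2,eipalloc-xxxx3"}
    print(check_eip_annotations(annotations, 3, SAMPLE_ADDRESSES))
```

Publish the allowlist only when the problems list is empty; an address that is missing or already in use will not end up on the load balancer.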

Conclusion

In conclusion, creating a Network Load Balancer with a static IP for our EKS service can be easily done by reserving the required number of Elastic IP addresses and adding the necessary annotations in the service manifest. With the above steps, you will be able to create a secure and reliable Load Balancer with a static IP that can be used for whitelisting purposes. It is important to note that the number of reserved Elastic IP addresses must match the number of availability zones in your cluster. Additionally, the above sample service manifest can be customized based on your specific requirements, such as the number of ports, protocol, and session affinity.

If you find this article useful, please leave a like and consider following.

Thanks
