I hope this message finds you well. I am writing to seek assistance regarding a configuration issue I am facing with my AWS Elastic Kubernetes Service (EKS) deployment.
Background:
I am currently using AWS EKS to manage my deployment, which includes applications running on both Windows and Linux nodes. Specifically, I have two types of node groups: one for Windows (unmanaged) and one for Linux (managed).
Issue:
I have successfully created deployment and service files for both Windows and Linux applications. However, when configuring an Ingress resource with two target groups, all available instances
are included in both target groups. To address this, I attempted to use the alb.ingress.kubernetes.io/target-node-labels annotation to specify the nodes for
each target group. Unfortunately, when using this annotation with multiple labels, it selects nodes that have both labels instead of assigning different nodes with different labels to each target group.
Request for Assistance:
I am seeking guidance on how to configure the Ingress resource so that each target group includes nodes with specific labels, allowing me to segregate Windows and Linux instances accordingly. Specifically,
I need a solution that enables me to specify different nodes with different labels for each target group.
Providing ingress file for reference:-
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tg-alb
annotations:
# alb.ingress.kubernetes.io/subnets: subnet-02d7ff1dd240c3e0d,subnet-009b9a59162938d6c
alb.ingress.kubernetes.io/scheme: "internet-facing"
alb.ingress.kubernetes.io/target-type: "instance"
alb.ingress.kubernetes.io/target-node-labels: name=node1,name2=node2
alb.ingress.kubernetes.io/ssl-policy: "ELBSecurityPolicy-TLS13-1-2-2021-06"
alb.ingress.kubernetes.io/healthcheck-interval-seconds: "10"
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5"
alb.ingress.kubernetes.io/success-codes: "200-299"
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:us-west-2:234567173:certificate/2ad8c097-0d74-45f1-8ed8-e3db1c5d90b6"
spec:
ingressClassName: alb
rules:
- host: jeetdomain.shop
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-service-2
port:
number: 80
- host: demo.jeetdomain.shop
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-service
port:
number: 80
tls:
- secretName: global-cd-tls
hosts:
- secretName: global-cd-tls
hosts: