mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
78 lines
2.5 KiB
Plaintext
78 lines
2.5 KiB
Plaintext
// Modules included in the following assemblies:
|
|
//
|
|
// * networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="nw-ingress-aws-static-eip-nlb-configuration_{context}"]
|
|
= Configuring AWS Elastic IP (EIP) addresses for a Network Load Balancer (NLB)
|
|
|
|
[role="_abstract"]
|
|
You can specify static IPs, otherwise known as elastic IPs, for your network load balancer (NLB) in the Ingress Controller. This is useful in situations where you want to configure appropriate firewall rules for your cluster network.
|
|
|
|
.Prerequisites
|
|
* You must have an installed {aws-full} cluster.
|
|
* You must know the names or IDs of the subnets to which you intend to map your `IngressController`.
|
|
|
|
.Procedure
|
|
|
|
. Create a YAML file that contains the following example content:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: operator.openshift.io/v1
|
|
kind: IngressController
|
|
metadata:
|
|
namespace: openshift-ingress-operator
|
|
name: <name>
|
|
spec:
|
|
domain: <domain>
|
|
endpointPublishingStrategy:
|
|
loadBalancer:
|
|
scope: External
|
|
type: LoadBalancerService
|
|
providerParameters:
|
|
type: AWS
|
|
aws:
|
|
type: NLB
|
|
networkLoadBalancer:
|
|
subnets:
|
|
ids:
|
|
- <subnet_ID>
|
|
names:
|
|
- <subnet_A>
|
|
- <subnet_B>
|
|
eipAllocations:
|
|
- <eipalloc_A>
|
|
- <eipalloc_B>
|
|
- <eipalloc_C>
|
|
----
|
|
+
|
|
where:
|
|
+
|
|
`<name>`:: Specifies a name for the Ingress Controller.
|
|
`<domain>`:: Specifies the DNS name serviced by the Ingress Controller.
|
|
`scope`:: Specifies a scope for the EIPs. The scope must be set to the value `External` and be Internet-facing in order to allocate EIPs.
|
|
`subnets:: Specifies the IDs and names for your subnets. The total number of IDs and names must be equal to your allocated EIPs.
|
|
`eipAllocations`:: Specifies the EIP addresses.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
You can specify a maximum of one subnet per availability zone. Only provide public subnets for external Ingress Controllers. You can associate one EIP address per subnet.
|
|
====
|
|
|
|
. Save and apply the CR file by entering the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc apply -f sample-ingress.yaml
|
|
----
|
|
|
|
.Verification
|
|
|
|
. Confirm the load balancer was provisioned successfully by checking the `IngressController` conditions by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get ingresscontroller -n openshift-ingress-operator <name> -o jsonpath="{.status.conditions}" | yq -PC
|
|
----
|