|
| 1 | +// Modules included in the following assemblies: |
| 2 | +// |
| 3 | +// * networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc |
| 4 | + |
| 5 | +:_mod-docs-content-type: PROCEDURE |
| 6 | +[id="nw-ingress-aws-static-eip-nlb-configuration_{context}"] |
| 7 | += Configuring AWS Elastic IP (EIP) addresses for a Network Load Balancer (NLB) |
| 8 | + |
| 9 | +You can specify static IPs, otherwise known as elastic IPs, for your network load balancer (NLB) in the Ingress Controller. This is useful in situations where you want to configure appropriate firewall rules for your cluster network. |
| 10 | + |
| 11 | +.Prerequisites |
| 12 | +* You must have an installed AWS cluster. |
| 13 | +* You must know the names or IDs of the subnets to which you intend to map your `IngressController`. |
| 14 | +
|
| 15 | +.Procedure |
| 16 | + |
| 17 | +. Create a YAML file that contains the following content: |
| 18 | ++ |
| 19 | +.`sample-ingress.yaml` |
| 20 | +[source,yaml] |
| 21 | +---- |
| 22 | +apiVersion: operator.openshift.io/v1 |
| 23 | +kind: IngressController |
| 24 | +metadata: |
| 25 | + namespace: openshift-ingress-operator |
| 26 | + name: <name> <1> |
| 27 | +spec: |
| 28 | + domain: <domain> <2> |
| 29 | + endpointPublishingStrategy: |
| 30 | + loadBalancer: |
| 31 | + scope: External <3> |
| 32 | + type: LoadBalancerService |
| 33 | + providerParameters: |
| 34 | + type: AWS |
| 35 | + aws: |
| 36 | + type: NLB |
| 37 | + networkLoadBalancer: |
| 38 | + subnets: <4> |
| 39 | + ids: |
| 40 | + - <subnet_ID> |
| 41 | + names: |
| 42 | + - <subnet_A> |
| 43 | + - <subnet_B> |
| 44 | + eipAllocations: <5> |
| 45 | + - <eipalloc_A> |
| 46 | + - <eipalloc_B> |
| 47 | + - <eipalloc_C> |
| 48 | +---- |
| 49 | +<1> Replace the `<name>` placeholder with a name for the Ingress Controller. |
| 50 | +<2> Replace the `<domain>` placeholder with the DNS name serviced by the Ingress Controller. |
| 51 | +<3> The scope must be set to the value `External` and be Internet-facing in order to allocate EIPs. |
| 52 | +<4> Specify the IDs and names for your subnets. The total number of IDs and names must be equal to your allocated EIPs. |
| 53 | +<5> Specify the EIP addresses. |
| 54 | ++ |
| 55 | +[IMPORTANT] |
| 56 | +==== |
| 57 | +You can specify a maximum of one subnet per availability zone. Only provide public subnets for external Ingress Controllers. You can associate one EIP address per subnet. |
| 58 | +==== |
| 59 | + |
| 60 | +. Save and apply the CR file by entering the following command: |
| 61 | ++ |
| 62 | +[source,terminal] |
| 63 | +---- |
| 64 | +$ oc apply -f sample-ingress.yaml |
| 65 | +---- |
| 66 | + |
| 67 | +.Verification |
| 68 | + |
| 69 | +. Confirm the load balancer was provisioned successfully by checking the `IngressController` conditions by running the following command: |
| 70 | ++ |
| 71 | +[source,terminal] |
| 72 | +---- |
| 73 | +$ oc get ingresscontroller -n openshift-ingress-operator <name> -o jsonpath="{.status.conditions}" | yq -PC |
| 74 | +---- |
0 commit comments