Kops multiple Ingress resources Together with a single Application Load Balancer — let's get rid off namespace scope issues with IngressGroup

well, we faced a lot of blockers while setting up ingress( Load balancer controller) in kops. Especially multiple Apps, which have different namespaces.

• when setting ingress backend with a NodePort service for an application that has a different namespace. The backend targets group not creating and getting 503 in load balancer rule

The issue was with the scope of the ingress namespace, which only relies on the specified namespaces services
for example, if you have an ingress whose namespace is foo and the service of your application namespace is bar , it never gets connected because both the service and ingress are using different namespaces. Use the Same namespace to connect.

we can use multiple namespaces for the application with the help of IngressGroup by setting ingress resources together with a single Application Load Balancer.

You need to have multiple ingresses for each namespace. that ingress will point to a single Application Load Balancer

IngressGroup feature enables you to group multiple Ingress resources together. The controller will automatically merge Ingress rules for all Ingresses within IngressGroup and support them with a single ALB. In addition, most annotations defined on a Ingress only applies to the paths defined by that Ingress.

By default, Ingresses don’t belong to any IngressGroup, and we treat it as a “implicit IngressGroup” consisted of the Ingress itself.

for further details visit kops official site

Let's create an ingress controller, if you didn’t create a load balancer controller use aws-load-balancer-controller add-on

The above creates an internet interface application load balancer with two listeners 80 and 443, by default HTTP redirects to HTTPS . for SSL offload manually create an ACM certificate for Domain. It will automatically be discovered by the controller

To create multiple ingresses using single alb add you must set below annotations

alb.ingress.kubernetes.io/group.name: foo-group
alb.ingress.kubernetes.io/group.order: '10'

alb.ingress.kubernetes.io/group.name specifies the group name that this Ingress belongs to

• Ingresses with same group.name annotation will form as a "explicit IngressGroup".
• groupName must consist of lower case alphanumeric characters, - or ., and must start and end with an alphanumeric character.
• groupName must be no more than 63 characters.

alb.ingress.kubernetes.io/group.order specifies the order across all Ingresses within IngressGroup

• You can explicitly denote the order using a number between 1–1000
• The smaller the order, the rule will be evaluated first. All Ingresses without explicit order setting get an order value as 0
• By default, the rule order between Ingresses within IngressGroup is determined by the lexical order of Ingress’s namespace/name.

Then let's create another ingress and service with a different namespace

Here we mentioned IngressGroup . (foo-group). so bar-ingress will point same Application load balancer .