EKS Ingress Nginx Load Balancer Integrate with WAF
Question
I have deployed Ingress Nginx on AWS EKS cluster. Ingress controller and Service are deployed as components. Therefor an AWS.network load balancer has been provision for the Ingress Nginx controller
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true'
service.beta.kubernetes.io/aws-load-balancer-type: nlb
service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
labels:
helm.sh/chart: ingress-nginx-3.36.0-external
app.kubernetes.io/name: ingress-nginx-external
app.kubernetes.io/instance: ingress-nginx-external
app.kubernetes.io/version: 0.49.0-external
app.kubernetes.io/managed-by: Helm-external
app.kubernetes.io/component: controller-external
name: ingress-nginx-controller-external
namespace: ingress-nginx
spec:
type: LoadBalancer
externalTrafficPolicy: Local
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
selector:
app.kubernetes.io/name: ingress-nginx-external
app.kubernetes.io/instance: ingress-nginx-external
app.kubernetes.io/component: controller-external
Traffic is coming through the NLB and TLS terminated by the ingress controller.
What I want to do is integrate the AWS WAF with the Ingress. There is a method for the AWS ALB but is there a method to integrate the WAF for the above configuration?
1 answers
solution1
0 2022-03-14 09:19:19
As of now you cannot set the NLB target type to 'alb'. You can manually setup the NLB and add an ALB behind it; and associate WAF with the added ALB.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.