I have deployed Ingress Nginx on AWS EKS cluster. Ingress controller and Service are deployed as components. Therefor an AWS.network load balancer has been provision for the Ingress Nginx controller
apiVersion: v1
kind: Service
metadata:
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: 'true'
service.beta.kubernetes.io/aws-load-balancer-type: nlb
service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
labels:
helm.sh/chart: ingress-nginx-3.36.0-external
app.kubernetes.io/name: ingress-nginx-external
app.kubernetes.io/instance: ingress-nginx-external
app.kubernetes.io/version: 0.49.0-external
app.kubernetes.io/managed-by: Helm-external
app.kubernetes.io/component: controller-external
name: ingress-nginx-controller-external
namespace: ingress-nginx
spec:
type: LoadBalancer
externalTrafficPolicy: Local
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
selector:
app.kubernetes.io/name: ingress-nginx-external
app.kubernetes.io/instance: ingress-nginx-external
app.kubernetes.io/component: controller-external
Traffic is coming through the NLB and TLS terminated by the ingress controller.
What I want to do is integrate the AWS WAF with the Ingress. There is a method for the AWS ALB but is there a method to integrate the WAF for the above configuration?
As of now you cannot set the NLB target type to 'alb'. You can manually setup the NLB and add an ALB behind it; and associate WAF with the added ALB.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.