Open tigerpeng2001 opened 4 months ago
You can create ALB by annotate the graylog.ingress.annotations with kubernetes.io/ingress.class: alb
. Class name may different depends on how you setup ALB controller.
The NLB is already TCP.
To restrict ALB uses alb.ingress.kubernetes.io/inbound-cidrs
annotation on graylog.ingress.annotations and NLB uses loadBalancerSourceRanges
on graylog.input.tcp.service
graylog:
ingress:
annotations:
kubernetes.io/ingress.class: aws-lb
alb.ingress.kubernetes.io/inbound-cidrs: 10.0.0.0/8
input:
tcp:
ports:
- name: syslog1
port: 5140
service:
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: "external"
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
loadBalancerSourceRanges:
- 10.0.0.0/8
How about the client web interface? I used classic ELB and attempted to use STL/SHTTP with a cert managed by ACM . The related part is copied below again
...
service:
type: LoadBalancer
port: 443
annotations:
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:123456789012:certificate/753cd66c-e8c2-4092-97e9-2a9603033723
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https
master:
annotations:
service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
port: 9000
input:
tcp:
...
Another question: Is there any schedule for releasing a new chart that supports Graylog6?
Classic load balancer can be created without adding annotation. But it is remove in AWS LB Controller 2.7.2
See https://docs.aws.amazon.com/eks/latest/userguide/network-load-balancing.html
Another question: Is there any schedule for releasing a new chart that supports Graylog6?
I don't have a specific date yet.
Hi Kong,
service:
type: LoadBalancer
port: 443
annotations:
service.beta.kubernetes.io/aws-load-balancer-scheme: internal
service.beta.kubernetes.io/load-balancer-source-ranges: 10.0.0.0/8
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:123456789012:certificate/2035edce-ba7b-4b7a-871a-6fbf89fc64b5
master:
notations:
service.beta.kubernetes.io/load-balancer-source-ranges: 10.0.0.0/8
input:
tcp:
ports:
- name: gelf
port: 12201
- name: syslog
port: 12202
service:
type: LoadBalancer
notations:
service.beta.kubernetes.io/load-balancer-source-ranges: 10.0.0.0/8
Hi Kong,
All the health checks for the master and the input target groups fail. The web target group is healthy.
The notations for master and input do not affect the load balancer's attributes, such as the security group rules.
Any suggestion?
Thanks, Tiger
Hello,
I deployed a cluster in AWS EKS with version 1.7.12 years ago with the values copied below. There are a few issues I'd like to address for deploying a new Graylog cluster (with the latest version). Could you help?
10.0.0.0/8
Thank you,