solo-io / gloo

The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
https://docs.solo.io/
Apache License 2.0

Using Gloo with AWS ALB #7093

Open omerlh opened 2 years ago

omerlh commented 2 years ago

Version

1.12.x (latest)

Describe the requested changes

The docs for Gloo on AWS mention using ALB is possible, but don't specify how. One of the reasons to go with ALB over NLB is to use AWS WAF, which is supported by ingress annotations only for ALB but not for NLB (WAF ACL not supported for NLB).

Any chance to get docs or pointers on how to run Gloo with ALB? Looking at the ingress docs, I guess I'll have to use an ingress and not a regular service. Will this work with Gloo?

Link to any relevant existing docs

https://docs.solo.io/gloo-edge/master/guides/integrations/aws/

Browser Information

No response

Additional Context

No response

omerlh commented 1 year ago

Bumping this up: when using access logs, NLB will not pass the downstream IP, and all Envoy will see is the IP of the NLB. So using ALB is pretty crucial here. Any chance to get some help on that? https://repost.aws/questions/QUuD6nY7WWRAy7e7JnODmVWg/network-load-balancer-headers

bboppana commented 9 months ago

We are planning to use Gloo with ALB by leveraging AWS Load Balancer Controller's TargetGroupBinding custom resource. We feel that this simplifies our Gloo install and routing. https://aws.amazon.com/blogs/containers/how-to-leverage-application-load-balancers-advanced-request-routing-to-route-application-traffic-across-multiple-amazon-eks-clusters/

Our existing setup is: User -> ALB (internet) -> NLB (internal, Gloo service) -> Upstream

Using TargetGroupBinding, we can directly configure the Gloo service as targets of the ALB target group: User -> ALB (internet) -> Gloo service -> Upstream
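
The TargetGroupBinding approach described in the comment above, sketched as an added example; it is not part of the comment and not taken from the Gloo or AWS docs. The ARN and security group ID are placeholders, and the service name, namespace and ports assume a default Gloo Edge install.

```yaml
# Added example: binds an existing ALB target group to the Gloo proxy Service.
apiVersion: elbv2.k8s.aws/v1beta1
kind: TargetGroupBinding
metadata:
  name: gloo-gateway-proxy          # hypothetical resource name
  namespace: gloo-system            # assumed: default Gloo Edge namespace
spec:
  # Target group created outside the cluster and attached to the ALB listener
  # (placeholder ARN; substitute your own).
  targetGroupARN: arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:targetgroup/PLACEHOLDER/PLACEHOLDER
  # "ip" registers the proxy pod IPs directly, so no NLB or NodePort hop is needed.
  # The target group itself must also have been created with target type "ip".
  targetType: ip
  serviceRef:
    name: gateway-proxy             # assumed: default Gloo Edge proxy Service
    port: 80                        # assumed: Service port for the HTTP listener
  networking:
    ingress:
      # The controller adds an allow rule for this source only, so the proxy
      # pods accept listener traffic from the ALB's security group.
      - from:
          - securityGroup:
              groupID: sg-PLACEHOLDER   # placeholder: the ALB's security group
        ports:
          - protocol: TCP
            port: 8080              # assumed: gateway-proxy HTTP container port
```

If AWS WAF on the ALB is the reason for this setup, keep the gateway-proxy Service as `ClusterIP` rather than `LoadBalancer`, so the ALB is the only external path to the proxy and requests cannot reach Gloo without passing the WAF.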

jhcook commented 3 months ago

Is this still relevant given the instructions exist? Close? https://docs.solo.io/gloo-edge/latest/guides/integrations/aws/#nlb-with-tls-offloading