Comments (4)
From everything I can tell given AWS documentation and claims of other people on the Internet, this should work and I'm at a loss figuring out why it doesn't. Even totally opening up the security groups to allow all traffic from anywhere made no difference. I might try to see if there is anything to figure out from a simpler scenario tomorrow or in the coming week, just running a single nginx server on an EC2 with a private IP pointed to by a load balancer with a public IP. The health check still works. It just isn't forwarding traffic even when it has a healthy instance. If the simpler scenario still doesn't work, I'm not sure what else to say. AWS doesn't document super-well how to handle all possible network configurations.
from rke2-aws-tf.
It's the fact that we're putting the load balancer and cluster nodes in the same subnets. If those are private subnets, the load balancer can't be accessed from the Internet, even though it has a public IP address or addresses. They're misleading and don't actually go anywhere. The same seems to go for Elastic IPs. Whatever they point to has to be in a public subnet or it won't be reachable.
We'll have to modify the module to accept a separate subnet list for the load balancer. It'll be up to the user, but for an Internet-facing load balancer scheme, these will have to be public subnets.
Thank you adamacosta for digging into it! We reached the same conclusion about the subnet location of the LBs. We look forward to the update with public and private subnet support for the LB.
Fixed by #102
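
The root cause found in this thread (an Internet-facing load balancer placed in private subnets) can be caught before deployment. The following is an added example, not code from rke2-aws-tf or from the commenters. It assumes route-table data shaped like the JSON from `aws ec2 describe-route-tables`, checks IPv4 default routes only, and uses constructed IDs and hypothetical function names.

```python
"""Flag load balancer subnets that have no default route to an Internet gateway."""

def has_igw_default_route(table):
    # A subnet is "public" when its route table sends 0.0.0.0/0 to an igw-*.
    for route in table.get("Routes", []):
        if (route.get("DestinationCidrBlock") == "0.0.0.0/0"
                and (route.get("GatewayId") or "").startswith("igw-")
                and route.get("State", "active") == "active"):
            return True
    return False

def effective_route_table(subnet_id, vpc_id, route_tables):
    # An explicit association wins; otherwise the VPC's main table applies.
    main = None
    for table in route_tables:
        if table.get("VpcId") != vpc_id:
            continue
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main

def unreachable_lb_subnets(lb_subnets, route_tables):
    """lb_subnets maps subnet id -> VPC id; returns the ids that are private."""
    private = []
    for subnet_id, vpc_id in sorted(lb_subnets.items()):
        table = effective_route_table(subnet_id, vpc_id, route_tables)
        if table is None or not has_igw_default_route(table):
            private.append(subnet_id)
    return private

# Constructed sample: the main table routes out through a NAT gateway
# (private), and one extra table routes through an Internet gateway (public).
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-0aaa",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0123"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-0aaa",
     "Associations": [{"Main": False, "SubnetId": "subnet-pub1"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0456"}]},
]

if __name__ == "__main__":
    lb = {"subnet-pub1": "vpc-0aaa", "subnet-priv1": "vpc-0aaa"}
    print(unreachable_lb_subnets(lb, SAMPLE_ROUTE_TABLES))
```

The same check run over the node subnets should return every one of them if the cluster nodes are meant to stay private behind the load balancer.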