In AWS, I'm trying to configure my K8S cluster with EKS, and from my limited experience with AWS and its services, I am struggling to configure the integration between different parts.
Context:
- Created the cluster with `eksctl` tool (the VPC, subnets and NAT Gateway were created automatically by `eksctl`).
- Created two node groups (also with `eksctl`), one in private subnet and another one in public subnet.
- Created a deployment for my backend application (deploying it to the private subnet):

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api-dev-deployment
  namespace: dev
spec:
  replicas: 1
  selector:
    matchLabels:
      app: api-dev
  template:
    metadata:
      labels:
        app: api-dev
    spec:
      nodeSelector:
        subnet-type: private
      containers:
        - name: api-dev
          image: [my private image URL from ECR]
          ports:
            - containerPort: 5000
```

The pod deployment is OK, and it's able to connect to the internet from the private subnet (connection to mongodb atlas in my case), so NAT Gateway is working fine here.
What I am trying to achieve:
- Configure API Gateway so it can send requests to the application deployed in the pod inside the private subnet.
What I did:
- Created an API in the API Gateway service, created the resource `/status` (the health check endpoint from my application) with GET method.
- In the request integration, I have chosen `HTTP` as integration type and I've set the value `http://192.168.98.28:5000/status` as the endpoint URL (`192.168.98.28` is the internal IP of my pod in private network, got it with `kubectl`: `kubectl get pods -o wide`)
What's going wrong:
When I am trying to do a test call to the API Gateway endpoint, I am getting an error 500 with the message:
Sat Aug 05 16:33:18 UTC 2023 : Execution failed due to configuration error: Invalid endpoint address.
Can anyone please help me in configuring the above? I went through a lot of documentation, but I can't find a good one.
I think first of all you need a service of type LoadBalancer to expose your pod. I also think that API Gateway and the EKS cluster are in different VPCs, so it is not possible to connect them without VPC endpoints.
So the external traffic will be routed via API Gateway which sends traffic to the services hosted inside EKS via VPC Private Link -> ELB.
Here is a blog for reference
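
The Service the answer describes, as an added example that is not part of the original answer: an internal Network Load Balancer in front of the `api-dev` pods, which an API Gateway VPC link can target while the backend stays unreachable from the internet. It assumes the AWS Load Balancer Controller is installed in the cluster; the Service name `api-dev-nlb` is hypothetical.

```yaml
# Added example, not from the original question or answer.
# Assumption: the AWS Load Balancer Controller is installed in the cluster.
# The Service name "api-dev-nlb" is hypothetical.
apiVersion: v1
kind: Service
metadata:
  name: api-dev-nlb
  namespace: dev
  annotations:
    # Let the AWS Load Balancer Controller provision a Network Load Balancer
    # for this Service.
    service.beta.kubernetes.io/aws-load-balancer-type: external
    # Register pod IPs as targets, so traffic goes straight to the pods.
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
    # Internal scheme: the NLB gets private addresses only and is placed in
    # subnets tagged kubernetes.io/role/internal-elb. Leaving this out risks
    # exposing the backend on a public load balancer.
    service.beta.kubernetes.io/aws-load-balancer-scheme: internal
    # Health-check the application's own /status endpoint on the traffic port.
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-protocol: HTTP
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-path: /status
    service.beta.kubernetes.io/aws-load-balancer-healthcheck-port: traffic-port
spec:
  type: LoadBalancer
  # Matches the pod labels from the Deployment in the question.
  selector:
    app: api-dev
  ports:
    - name: http
      protocol: TCP
      port: 80          # listener port on the NLB
      targetPort: 5000  # containerPort of the api-dev container
```

The API Gateway integration then uses a VPC link that targets this NLB and points at the NLB's DNS name rather than at `192.168.98.28`, which is a pod IP that changes whenever the pod is rescheduled.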