Hey all,
I am looking to change this ingress to an internal aws ingress.
Any suggestions?
The lb is using a public ip
or at least I could modify the sg so that it will accept only local traffic
So what I did was extracted it out and replaced it with that annotation, but there must be a way to do that in the templates or code
The configuration I used is
ingress:
domain: XXXX
ignoreLoadBalancer: false
externalDNS: true
namespaceSubDomain: -jx.
tls:
email: me@dom.com
enabled: true
production: true
First we get all the services :
kubectl get service -A -o yaml > services.yml
Then we extract the one lb, patch it and indent.
apiVersion: v1 kind: Service metadata: annotations: jenkins.io/chart: jxing service.beta.kubernetes.io/aws-load-balancer-internal: 10.0.0.0/0
I added service.beta.kubernetes.io/aws-load-balancer-internal: 10.0.0.0/0 to the annotation, and finally apply it.
kubectl replace --force -f services_elb.yml
Next is how to limit the traffic in the SG to 10.0.0.0/8 because it still has some open traffic.