In the part 2 and part 3 of this blog series, we have deployed nginx-gateway in AKS, with required route and policy setup to correctly route to elastic search and kibana deployed in AKS. But we are still have live traffic to elastic search and kibana via the retired ingress-nginx, after the deployment of nginx-gateway also in the same cluster. No as we planned we are going to do the release 2 to get the traffic switch from retired ingress-nginx to new nginx-gateway deployed in AKS.
The expectation is to have kibana and elastic host names to resolve to private IP of the nginx-gateway loadbalancer as shown below, and the ability to use elastic search with the url, using nginx-gateway.
You can see here in our AKS cluster we have both ingress-nginx and nginx-gateway loadbalancers setup with diffrent private IPs from the vNET subnet.
The private DNS zone is still using the private IP of ingress-nginx loadbalancer.
If we ping host names they resolve to 239 private IP as shown below.
Now we can update DNS setting in terraform to use nginx-gatewayprivate IP instead of ingress-nginx private IP.
After this change is deployed the private DNS zone now points to nginx-gateway private IP 238.
Now the routing happens via ngix-gateway.
As the next step and in the next release 3 to production, we can remove the deployment of retired ingress-nginx from the AKS, by removing code/script/Terraform facilitating that deployment.
No comments:
Post a Comment