How to edit AWS Load balancer from Kubernetes service

Francois1 · April 26, 2024, 1:09pm

Hello!

I am using Traefik ingress controller on Kubernetes EKS (AWS), and it creates a Service type Loadbalancer. I wanted to increase the Connection idle timeout set on the load balancer.

How to change Connection idle timeout for the AWS load balancer from Traefik from the helm charts values, or from annotations, or potentially IngressRoute CRs?

The default is 60 seconds, and we need at least 120 seconds.

Traefik helm chart we are using: GitHub - traefik/traefik-helm-chart: Traefik Proxy Helm Chart

I could

Francois1 · April 26, 2024, 1:17pm

I noticed there is this settings allowing to add annotations in the helm chart:

github.com

traefik/traefik-helm-chart/blob/master/traefik/values.yaml#L793


      
          #     defaultCertificate:
          #       secretName: tls-cert
          tlsStore: {}
          
          service:
            enabled: true
            ## -- Single service is using `MixedProtocolLBService` feature gate.
            ## -- When set to false, it will create two Service, one for TCP and one for UDP.
            single: true
            type: LoadBalancer
            # -- Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config)
            annotations: {}
            # -- Additional annotations for TCP service only
            annotationsTCP: {}
            # -- Additional annotations for UDP service only
            annotationsUDP: {}
            # -- Additional service labels (e.g. for filtering Service by custom labels)
            labels: {}
            # -- Additional entries here will be added to the service spec.
            # -- Cannot contain type, selector or ports entries.
            spec: {}

but from this documentation: Annotations - AWS Load Balancer Controller I don't see a way of editing it there.

I am basically looking for a way to configure any Traffic configuration on the LB.

Connection idle timeout (the one I want to tweak)
Packet handling - Desync mitigation mode (Defensive, etc)
Enable connection draining
Timeout (draining interval)
...

(From https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#LoadBalancerEditAttributes:loadBalancerArn=)

I guess if there is a way to change any of this from the service, it should be easy to find how to change Connection idle timeout

Francois1 · April 26, 2024, 1:48pm

I found some examples here:

github.com

lkravi/eks_blueprints/blob/65e3d11241e14d2b3c54d1309dd1c10d02612969/static/nginx_values.yaml#L7


      
          controller:
            service:
              externalTrafficPolicy: "Local"
              annotations:
                # AWS Load Balancer Controller Annotations
                service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp # or 'ssl'
                service.beta.kubernetes.io/aws-load-balancer-attributes: load_balancing.cross_zone.enabled=true
                service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '60'
                service.beta.kubernetes.io/aws-load-balancer-type: 'external'
                service.beta.kubernetes.io/aws-load-balancer-scheme: 'internet-facing' # or 'internal'
                service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: 'ip'
                service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-east-1:408007299814:certificate/8d796c3c-79bc-4fad-9608-72f2f7f5d20b

Adding the following annotation in service.annotations (values.yaml) is the key

service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '60'

system · April 29, 2024, 1:48pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
EKS Traefik Ingress Controller with Application Load Balancer Traefik v2 kubernetes-ingress	1	2475	April 28, 2021
EKS - Getting Timeout while hitting the Ingress URL Traefik v1 kubernetes-helm	0	675	February 26, 2021
Intermittent bad gateway 504 from AWS load balancer Traefik v2 kubernetes-crd	0	789	May 24, 2020
Helm Chart: Set name of AWS Load Balancer Traefik v2 kubernetes-ingress	6	3163	June 13, 2024
config IdleTimeout failure Traefik v1 docker , file , kubernetes-ingress	0	415	March 15, 2021

How to edit AWS Load balancer from Kubernetes service

Related topics