Let's suppose you are tryign to access Grafana as service deployed in EKS using grafana.abc.com
. When you access grafana.abc.com
in your browser, the traffic flow to the Grafana service on your AWS EKS cluster will proceed through several steps. Here’s an overview of how the traffic flows from the browser to the Grafana service within your EKS cluster:
1. DNS Resolution
- When you enter grafana.abc.com in your browser, a DNS request is made to resolve the domain to an IP address.
- You likely have a DNS record (A or CNAME) configured for grafana.abc.com that points to the Application Load Balancer (ALB) provisioned by the Nginx Ingress Controller in EKS.
2. Request Reaches the Application Load Balancer (ALB)
- Once the DNS resolution completes, the browser sends an HTTP/HTTPS request to the ALB.
- The ALB is associated with your Nginx Ingress Controller in EKS and is configured to forward traffic to the Ingress Controller based on the listener rules (typically on ports 80 and/or 443).
3. ALB Forwards Traffic to the Nginx Ingress Controller
- The ALB directs the request to one of the Nginx Ingress Controller Pods running on the worker nodes within the EKS cluster.
- The Nginx Ingress Controller is responsible for interpreting Ingress resources and routing traffic to the appropriate backend services within the cluster.
4. Nginx Ingress Controller Evaluates the Ingress Rules
- The Nginx Ingress Controller receives the request and evaluates it based on the configured Ingress resources.
- For grafana.abc.com, it will look for an Ingress resource that matches the hostname and path (if any).
- Assuming you have configured an Ingress resource for grafana.abc.com, the Nginx Ingress Controller will match the hostname and route the traffic to the Grafana service backend. Example Ingress Resource Configuration for Grafana:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: grafana-ingress
namespace: default
annotations:
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: grafana.abc.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: grafana-service
port:
number: 3000
5. Traffic is Routed to the Grafana Service
- Based on the Ingress rules, the Nginx Ingress Controller forwards the traffic to the specified Kubernetes Service (in this case, grafana-service).
- The Service acts as a load balancer within the cluster, distributing traffic to the appropriate Grafana Pods that are registered under the Service.
6. Grafana Service Forwards Traffic to Grafana Pod
- The Service sends the request to one of the Grafana Pods running on the worker nodes. The Service routes traffic based on the service type (typically ClusterIP, unless otherwise specified).
- The Grafana Pod processes the request and returns the response back through the Service, which then goes back through the Nginx Ingress Controller, ALB, and finally back to your browser.
Summary of the Traffic Flow:
1) Browser sends a request to grafana.abc.com.
2) DNS resolves grafana.abc.com to the ALB's public IP.
3) The ALB forwards the request to the Nginx Ingress Controller.
4) The Nginx Ingress Controller matches the request against the Ingress rules for grafana.abc.com.
5) The request is forwarded to the Grafana Service, which balances the load between the Grafana Pods.
6) Grafana Pod processes the request and sends the response back through the Service, Ingress Controller, ALB, and finally to the browser.
By leveraging the ALB, Nginx Ingress Controller, and Kubernetes Service, AWS EKS handles the routing from external requests to internal Pods seamlessly, enabling access to applications like Grafana through custom hostnames and paths.