KOP Airgap - External LB Setup
Perform the below steps in AWS portal for External LB Setup:
Define Load Balancer¶
- Login to AWS portal and select Load Balancer from the Services
- Click Create Load Balancer and Create under Classic Load Balancer
- In the Define Load Balancer wizard, enter a unique Load Balancer name
- Define the load balancer port and protocols. By default, the load balancer is configured with a standard web server on port 80
- Click Add for additional protocol and ports
Setup Security Group¶
Setup Security group allows inbound access to LB from the user. Assign security groups to the load balancer and user can change the group anytime.
- To assign a new security group, select "Create a new security group" or "Select an existing security group"
- Enter the Security group name and Description
- Default port range is configured
- Click Add Rule to add more protocol and port for the assigning security group
- Click Next: Configure Security Settings
Configure Security Settings¶
Configure Security Settings is intended for certificate management. Provide the details of CA signed wildcard certificate generated for the controller FQDN *.
- To configure Security Settings, select the Certificate type
- Enter the mandatory fields Certificate Name, Private Key, Certificate body, and Certificate chain
- Click Next: Configure Health Check
Configure Health Check¶
Setup Health Check for backends with 30326/HTTP on /healthz/ready path followed by adding the controller instance to the Classic Load Balancer. This configures the Load Balancer
Click Next: Add EC2 Instances and in the following screens to complete the Load Balancer setup