Elastic IP
Cloud service provider relevance: AWS Kubernetes
Container orchestration systems like Kubernetes typically manage ingress and egress traffic through services and ingress controllers. However, some scenarios require routing traffic through the underlying infrastructure, that is, the actual instances beneath the container cluster nodes. One example is when custom business logic must be applied to ingress traffic before it reaches the application, and standard TCP load balancers cannot process that traffic.
In addition, specific use cases require the persistence of the IP address exposed to the end users, such as a permit list of addresses. In such cases, an elastic IP (EIP) is used to persist the same public IP address for a specific instance over time. When an instance with an EIP fails or is terminated, the same IP address is assigned to the replacement instance.
Ocean lets you assign an EIP pool to the instances created in a specific launch specification. These instances have a pre-defined public IP so that the requests can be routed and processed.
How It Works
Launch specifications let you configure your workloads (i.e., instances and instance groups) on an Ocean cluster. Within the launch specification, you can define the EIPs to apply.
To do this, add the elasticIpPool object with a tag selector (using a key and optionally a value) that identifies which EIPs to use. You manage the EIP pool in AWS by tagging the required EIPs, eliminating the need to explicitly manage them in Ocean. All tagged EIP objects are automatically assigned to instances provisioned by the Ocean launch specification.
{
  "elasticIpPool": {
    "tagSelector": {
      "tagKey": "myEIPPoolTagKey",
      "tagValue": "myEIPPoolTagValue"
    }
  }
}
When Scaling Up
The instance should be assigned the EIP before pods are scheduled on it. We recommend the following best practices:
- Ensure that user_data requires an EIP to be attached to the node.
- It is useful (though not required) to add a health check in user data that confirms EIP registration before the node attempts to perform tasks that require network connectivity.
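One way to write the user data health check described above, as an added example that is not Ocean's own code. It compares the instance's public IPv4 against the pool rather than only checking that an address exists, because an instance in a public subnet can hold an auto-assigned address before the EIP is attached. `EIP_POOL`, the function names and the sample addresses are assumptions.

```bash
#!/bin/bash
# Added example (not Ocean's code): gate node bootstrap on EIP attachment.
# EIP_POOL is an assumption: the pool's addresses, space separated. The values
# below are constructed documentation-range samples. With ec2:DescribeAddresses
# granted, the list could instead come from:
#   aws ec2 describe-addresses --filters Name=tag:myEIPPoolTagKey,Values=myEIPPoolTagValue \
#     --query 'Addresses[].PublicIp' --output text
EIP_POOL="${EIP_POOL:-203.0.113.10 203.0.113.11}"
IMDS="http://169.254.169.254/latest"

# Current public IPv4 of this instance, read through IMDSv2 (token required).
fetch_public_ipv4() {
  imds_token=$(curl -sf -m 2 -X PUT "$IMDS/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
  curl -sf -m 2 -H "X-aws-ec2-metadata-token: $imds_token" \
    "$IMDS/meta-data/public-ipv4"
}

# Exact-match membership test, so 203.0.113.1 does not pass for 203.0.113.10.
ip_in_pool() {
  [ -n "$1" ] || return 1
  for pool_ip in $EIP_POOL; do
    if [ "$pool_ip" = "$1" ]; then return 0; fi
  done
  return 1
}

# Poll up to $1 times, $2 seconds apart; succeed only once a pool EIP is attached.
wait_for_eip() {
  eip_attempts="${1:-30}"; eip_delay="${2:-5}"; eip_try=0
  while [ "$eip_try" -lt "$eip_attempts" ]; do
    eip_current=$(fetch_public_ipv4 2>/dev/null) || eip_current=""
    if ip_in_pool "$eip_current"; then
      echo "EIP attached: $eip_current"
      return 0
    fi
    eip_try=$((eip_try + 1))
    sleep "$eip_delay"
  done
  echo "no pool EIP attached after $eip_attempts attempts" >&2
  return 1
}

# In user data, before the node joins the cluster:
#   wait_for_eip 30 5 || exit 1
```

Failing closed (exiting user data when the check times out) keeps a node with a non-pool address from serving traffic that downstream permit lists would reject.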
When Scaling Down
When scaling down, Ocean will remove the EIP address only after all pods are removed.
Related Topics
- Learn more about Ocean Launch Specifications.
- Learn more about the Ocean API for Launch Specifications.