Introduction
By default, the Terraform Enterprise Helm chart creates a public load balancer. To deploy Terraform Enterprise with an internal load balancer in an AWS Kubernetes environment, you must add specific annotations to the overrides.yaml file.
Expected Outcome
After following this guide, your Terraform Enterprise installation will use an internal load balancer instead of a public one.
Prerequisites
- An implementation of Terraform Enterprise using Flexible Deployment Options for Kubernetes, as described in the Kubernetes installation requirements.
- An AWS EKS environment.
Procedure
- Configure AWS Subnet Tags.
  Ensure you have two private subnets where the load balancer can be created. For EKS to recognize and use these subnets for the load balancer, they must have specific tags. For details, refer to the AWS documentation on Application load balancing on Amazon EKS.
- Update the overrides.yaml File.
  Add the following service annotations to your overrides.yaml file to specify an internal load balancer.

      service:
        annotations:
          service.beta.kubernetes.io/aws-load-balancer-scheme: "internal"
          service.beta.kubernetes.io/aws-load-balancer-internal: "true"
        type: LoadBalancer
        port: 443
        nodePort: 32443

- Install and Verify.
  Install the Helm chart as documented in the Terraform Enterprise installation guide. After the installation completes, you can verify that an internal load balancer was created. The EXTERNAL-IP field should contain internal- in its name.

      NAME                   TYPE           CLUSTER-IP      EXTERNAL-IP                                                                      PORT(S)         AGE
      terraform-enterprise   LoadBalancer   172.20.222.85   internal-a3917a5474b594204af56ceb8075b7d2-1835929486.eu-north-1.elb.amazonaws.com   443:32390/TCP   2m5s
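
One way to script the verification step, as an added example that is not part of the original article: it checks the output of kubectl get service terraform-enterprise -o json for the two annotations above and for the internal- hostname prefix. The sample Service objects and their hostnames are constructed, and the function name check_internal_lb is hypothetical.

```python
import copy
import json

# The two annotations the page adds under service.annotations in overrides.yaml.
EXPECTED_ANNOTATIONS = {
    "service.beta.kubernetes.io/aws-load-balancer-scheme": "internal",
    "service.beta.kubernetes.io/aws-load-balancer-internal": "true",
}

def check_internal_lb(svc):
    """Return findings for one Service object; an empty list means it looks internal."""
    findings = []
    if svc.get("spec", {}).get("type") != "LoadBalancer":
        findings.append("spec.type is not LoadBalancer")
    annotations = svc.get("metadata", {}).get("annotations") or {}
    for key, want in EXPECTED_ANNOTATIONS.items():
        if annotations.get(key) != want:
            findings.append(f"annotation {key} is {annotations.get(key)!r}, expected {want!r}")
    ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
    if not ingress:
        # Right after install the address may not be assigned yet; do not report success.
        findings.append("no load balancer address yet (EXTERNAL-IP pending)")
    for entry in ingress:
        host = entry.get("hostname", "")
        if not host.startswith("internal-"):
            findings.append(f"hostname {host!r} does not start with 'internal-'")
    return findings

# Constructed sample in the shape of `kubectl get service terraform-enterprise -o json`.
SAMPLE_INTERNAL = json.loads("""
{
  "metadata": {"name": "terraform-enterprise", "annotations": {
    "service.beta.kubernetes.io/aws-load-balancer-scheme": "internal",
    "service.beta.kubernetes.io/aws-load-balancer-internal": "true"}},
  "spec": {"type": "LoadBalancer"},
  "status": {"loadBalancer": {"ingress": [
    {"hostname": "internal-example-0000000000.eu-north-1.elb.amazonaws.com"}]}}
}
""")

# Constructed counter-example: chart defaults, so no annotations and a public name.
SAMPLE_PUBLIC = copy.deepcopy(SAMPLE_INTERNAL)
SAMPLE_PUBLIC["metadata"]["annotations"] = {}
SAMPLE_PUBLIC["status"]["loadBalancer"]["ingress"][0]["hostname"] = (
    "example-0000000000.eu-north-1.elb.amazonaws.com")

if __name__ == "__main__":
    for name, svc in (("internal", SAMPLE_INTERNAL), ("public", SAMPLE_PUBLIC)):
        print(name, check_internal_lb(svc) or "OK")
```

Against a live cluster, load the command's JSON output with json.load and fail the deployment job when the returned list is not empty.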
Additional Information
- For more information on load balancing in EKS, refer to the official AWS documentation on Application load balancing on Amazon EKS.
- For more details on the Terraform Enterprise Helm chart values, see the values.yaml file in the official repository.