Configure an AWS Load Balancer to target an Autoscaling Group using terraform
3 min read | by Jordi Prats
It's quite convenient to be able to configure a AWS Load Balancer to target an Auto Scaling Group so we don't have to handle how instances are getting in and out of this load balancer. This can be done easily using terraform as follows
First we will have to create a SecurityGroup and the Load Balancer itself. We are going to use the AWS NLB (network load balancer) but configuring an ALB is quite similar. We'll have to set the load_balancer_type to application
resource "aws_security_group" "lb_access_sg" {
vpc_id = var.vpc_id
name = "LB SG"
description = "web access k3s"
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_lb" "k3s_lb" {
name = "k3s-lb"
load_balancer_type = "network"
security_groups = [ aws_security_group.lb_access_sg.id ]
subnets = var.subnet_ids
enable_cross_zone_load_balancing = true
}
Then, we need to configure the listener using the aws_lb_listener resource and the target group (the destination) without setting any actual targets:
resource "aws_lb_target_group" "k3s_master_http_tg" {
name = "http"
port = 80
protocol = "TCP"
vpc_id = var.vpc_id
health_check {
port = 80
protocol = "TCP"
}
lifecycle {
create_before_destroy = true
}
}
resource "aws_lb_listener" "k3s_lb_http" {
load_balancer_arn = aws_lb.k3s_lb.id
port = "80"
protocol = "TCP"
default_action {
target_group_arn = aws_lb_target_group.k3s_master_http_tg.id
type = "forward"
}
}
To attach the ASG to the target group we can use the target_group_arns property on the aws_autoscaling_group resource as follows:
resource "aws_autoscaling_group" "k3s_master_asg" {
name = "k3s_master_asg"
wait_for_capacity_timeout = "5m"
vpc_zone_identifier = var.subnet_ids
target_group_arns = [
aws_lb_target_group.k3s_master_http_tg.arn
]
lifecycle {
create_before_destroy = true
ignore_changes = [load_balancers]
}
mixed_instances_policy {
instances_distribution {
on_demand_base_capacity = var.k3s_master_on_demand_base_capacity
on_demand_percentage_above_base_capacity = var.k3s_master_on_demand_percentage_above_base_capacity
spot_allocation_strategy = "lowest-price"
}
launch_template {
launch_template_specification {
launch_template_id = aws_launch_template.k3s_lt.id
version = "$Latest"
}
dynamic "override" {
for_each = var.k3s_master_weighted_instance_types
content {
instance_type = override.key
weighted_capacity = override.value
}
}
}
}
desired_capacity = var.k3s_master_desired_capacity
min_size = var.k3s_master_min_capacity
max_size = var.k3s_master_max_capacity
health_check_grace_period = 300
health_check_type = "EC2"
force_delete = true
}
With this code we are going to create a new AWS NLB creating a listener for port 80 that's going to be redirected to the healthy instances the ASG has.
Posted on 04/05/2022