Skip to main content
Nauman Munir
Back to Projects
Case StudyE-commerceInfrastructure as CodeCloud Networking & DNS Management

AWS Load Balancer Controller - Ingress Groups for VividCart Solutions

AMJ Cloud Technologies deployed Ingress Groups with the AWS Load Balancer Controller on EKS for VividCart Solutions, merging multiple Ingress resources into a single ALB for secure e-commerce microservices.

4 min read
1 month

Technologies

AWS EKSAWS Load Balancer ControllerKubernetes IngressExternal DNSApplication Load BalancerAWS Route 53AWS Certificate Manager

Challenges

Multiple ALB OverheadComplex Ingress ManagementManual DNS Configuration

Solutions

Ingress Group ConsolidationSSL-Enabled IngressAutomated Route 53 DNS

Key Results

Unified high-traffic microservices under a single ALB

scalability achievement

Fully automated Ingress and DNS setup

automation level

Enforced HTTPS with ACM certificates and health checks

security improvement

Deploying Ingress Groups for VividCart Solutions

AMJ Cloud Technologies partnered with VividCart Solutions, an e-commerce company, to enhance their AWS Elastic Kubernetes Service (EKS) cluster by implementing the Ingress Groups feature of the AWS Load Balancer Controller. This project consolidated multiple Ingress resources for VividCart’s microservices (frontend, backend, and default interfaces) into a single Application Load Balancer (ALB), reducing overhead and simplifying management. Integrated with External DNS and Route 53, the solution ensured secure, scalable access with HTTPS redirection, replacing multiple ALBs and manual DNS configurations.

Situation

VividCart Solutions needed to streamline their e-commerce platform’s networking infrastructure. Their existing setup used separate Ingress resources, each creating its own ALB, leading to increased costs and management complexity. AMJ was tasked with using Ingress Groups to merge three Ingress resources (for /frontend, /backend, and default paths) into a single ALB, automating DNS registration for ingress-groups-demo.vividcartsolutions.com and enforcing HTTPS for secure access.

Task

The objectives were to:

  • Configure three Ingress manifests with Ingress Group annotations to merge into a single ALB.
  • Assign group orders to prioritize routing (frontend: 10, backend: 20, default: 30).
  • Deploy and verify Kubernetes manifests for microservices and Ingress resources.
  • Automate Route 53 DNS record creation using External DNS.
  • Enforce HTTPS redirection and verify health checks.
  • Test application access via the unified DNS name (ingress-groups-demo.vividcartsolutions.com).
  • Complete the project within one month.

Action

Our team executed the following steps, adhering to AWS and Kubernetes best practices:

Prerequisites

  • Used VividCart’s existing EKS cluster (ecommerce-cluster, version 1.31) with the AWS Load Balancer Controller (v2.8.0) installed: 
    helm install load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=ecommerce-cluster --set image.tag=v2.8.0
  • Installed External DNS on the EKS cluster: 
    helm install external-dns external-dns/external-dns -n kube-system --set provider=aws --set aws.region=us-east-1

Configure IngressClass

  • Used the existing default IngressClass: 
    apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  name: alb-ingress-class
  annotations:
    ingressclass.kubernetes.io/is-default-class: "true"

Deploy Microservices

  • Deployed VividCart’s microservices (frontend, backend, default) with NodePort Services: 
    apiVersion: v1
kind: Service
metadata:
  name: frontend-service
  annotations:
    alb.ingress.kubernetes.io/healthcheck-path: /frontend/index.html
spec:
  type: NodePort
  ports:
    - port: 80
  • Applied similar configurations for backend-service (/backend/index.html) and default-service (/index.html) using files frontend-deployment.yaml, backend-deployment.yaml, and default-deployment.yaml.

Configure Ingress with Group Annotations

  • Configured three Ingress manifests with Ingress Group annotations: 
    apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: frontend-ingress
  annotations:
    alb.ingress.kubernetes.io/load-balancer-name: ecommerce-ingress
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}, {"HTTP":80}]'
    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:<account-id>:certificate/<certificate-id>
    alb.ingress.kubernetes.io/ssl-redirect: "443"
    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
    alb.ingress.kubernetes.io/healthcheck-interval-seconds: "15"
    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5"
    alb.ingress.kubernetes.io/success-codes: "200"
    alb.ingress.kubernetes.io/healthy-threshold-count: "2"
    alb.ingress.kubernetes.io/unhealthy-threshold-count: "2"
    external-dns.alpha.kubernetes.io/hostname: ingress-groups-demo.vividcartsolutions.com
    alb.ingress.kubernetes.io/group.name: ecommerce.web
    alb.ingress.kubernetes.io/group.order: "10"
spec:
  ingressClassName: alb-ingress-class
  rules:
    - http:
        paths:
          - path: /frontend
            pathType: Prefix
  • Configured similar Ingress manifests for backend-ingress (group order: 20, path: /backend) and default-ingress (group order: 30, default backend) in files frontend-ingress.yaml, backend-ingress.yaml, and default-ingress.yaml.
  • Applied manifests: 
    kubectl apply -R -f manifests/

Deploy and Verify

  • Verified Kubernetes resources: 
    kubectl get ingress
kubectl get deploy,pods,svc
  • Confirmed three Ingress resources share the same ALB address.
  • Checked External DNS logs for Route 53 record creation: 
    kubectl logs -f $(kubectl get po -n kube-system | egrep -o 'external-dns[A-Za-z0-9-]+')
  • Verified Route 53 record set for ingress-groups-demo.vividcartsolutions.com in the AWS Console.
  • Confirmed ALB routing rules for /frontend, /backend, and default backend in the AWS Console (EC2 > Load Balancers).

Test Application Access

  • Performed DNS resolution test: 
    nslookup ingress-groups-demo.vividcartsolutions.com
  • Verified HTTPS access (HTTP redirects to HTTPS): 
    https://ingress-groups-demo.vividcartsolutions.com/frontend/index.html
https://ingress-groups-demo.vividcartsolutions.com/backend/index.html
https://ingress-groups-demo.vividcartsolutions.com/

Result

The project delivered a streamlined, secure solution for VividCart Solutions:

  • Scalability Achievement: Unified high-traffic microservices under a single ALB, reducing overhead.
  • Automation Level: Fully automated Ingress Group and DNS setup via External DNS and Kubernetes manifests.
  • Security Improvement: Enforced HTTPS with ACM certificates, health checks, and restricted IAM permissions.

Technologies Used

  • AWS EKS
  • AWS Load Balancer Controller
  • Kubernetes Ingress
  • External DNS
  • Application Load Balancer
  • AWS Route 53
  • AWS Certificate Manager

Key Takeaways

This case study highlights AMJ Cloud Technologies’ expertise in optimizing VividCart Solutions’ e-commerce platform with Ingress Groups. Consolidating multiple Ingress resources into a single ALB simplified management, while External DNS and Route 53 integration ensured secure, scalable access, offering a model for similar industries.

Need a Similar Solution?

I can help you design and implement similar cloud infrastructure and DevOps solutions for your organization.

Let's Discuss Your ProjectView More Projects