External type of a load balancer #97
Description
Hi,
I tired to install the agent (101.1.6 )on the AWS EKS, following you officially guide. Everything works as expected, but I hit the problem when I tried to enable the SSH access. I installed the latest version (v1.6.2) of the EnvoyGateway, when enabling the ssh on a container-agent, the new load balancer is provisioned, the only problem is that this load balancer type is internal. Which means that I can assess the ssh of my hobs only form private AWS network.
After some digging in, I was manage to make it external with adding following annotations to the envoy-circleci-container-agent-ssh which gets automatically provisioned.
I added following annotations:
Annotations:
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: preserve_client_ip.enabled=true
After applying this, the type of the load balancer changes into internet-facing with the public ip and after that I am able to access the shh without any problems. Now I am wondering how can I set this annotations automatically when installing the container agent with the helm chart. I didn't find any option for this, or I am missing something?
Kind regards.
Rok