Can I use an Application Load Balancer as my entry point, instead of an Internet Gateway?
I'm looking at this architecture diagram:
My ultimate goal is to deploy an ECS/Fargate cluster on AWS. My question is probably a bit dumb, but still need to ask it:
Why do I need an internet gateway and why can't I use the ALB as an entry point to my cluster? More specifically, I seem to remember that with EKS a service can be created with the LoadBalancer type, and then AWS automatically creates a load balancer to expose it to the world.
Could you enlighten me a little please?
Why do I need an internet gateway and why can't I use the ALB as an entry point to my cluster?
From the docs:
For VPC, select the VPC that you used for your EC2 instances. If you selected Internet-facing for Scheme, only VPCs with an internet gateway are available for selection.
In AWS networking model, both external and internal interfaces of the ALB are inside the VPC.
You can totally use the ALB as an entry point to your cluster, but the internet gateway is what routes the traffic between the external interface and the internet, so it has to be there.