In this tutorial, I'll show you how to build EKS cluster with ingress controller on AWS easily.
- AWS region all use ap-southeast-2 (Sydney)
- AWS Load Balancer Controller refers to the latest one (2.4.2): https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html
aws configure
or edit your credentials file, it's under ~/.aws/credentials or use AWS SSO
remember to set the default region to ap-southeast-2
notice! use kubectl 1.22, because eksctl is 1.22, the kubectl and eksctl version can't exceed -1/1 version https://docs.aws.amazon.com/eks/latest/userguide/install-kubectl.html
https://docs.aws.amazon.com/eks/latest/userguide/eksctl.html
https://www.eksworkshop.com/beginner/060_helm/helm_intro/install/index.html
eksctl create cluster --name eks-demo-cluster --nodegroup-name linux-nodes --node-type t2.medium --nodes 2 --nodes-min 2 --nodes-max 4 --region ap-southeast-2 --zones=ap-southeast-2a,ap-southeast-2b,ap-southeast-2c
eksctl get cluster --name eks-demo-cluster --region ap-southeast-2
eksctl utils associate-iam-oidc-provider --region ap-southeast-2 --cluster eks-demo-cluster --approve
aws iam create-policy --policy-name AWSLoadBalancerControllerIAMPolicy --policy-document file://iam_policy.json
you'll get the result like this:
{
"Policy": {
"PolicyName": "AWSLoadBalancerControllerIAMPolicy",
"PolicyId": "ANPAWTSYI5EPMJ5DXBTMO",
"Arn": "arn:aws:iam::12345678:policy/AWSLoadBalancerControllerIAMPolicy",
"Path": "/",
"DefaultVersionId": "v1",
"AttachmentCount": 0,
"PermissionsBoundaryUsageCount": 0,
"IsAttachable": true,
"CreateDate": "2022-06-22T10:01:22Z",
"UpdateDate": "2022-06-22T10:01:22Z"
}
}
Arn will use in next step "Arn": "arn:aws:iam::12345678:policy/AWSLoadBalancerControllerIAMPolicy",
in --attach-policy-arn=, replace the arn you get in previous step
eksctl create iamserviceaccount --cluster=eks-demo-cluster --namespace=kube-system --name=aws-load-balancer-controller --role-name "AmazonEKSLoadBalancerControllerRole" --attach-policy-arn=arn:aws:iam::12345678:policy/AWSLoadBalancerControllerIAMPolicy --approve
helm repo add eks https://aws.github.io/eks-charts
Configure AWS LB controller(Load Balancer controller, old name is AWS ALB ingress controller) to sit infront of Ingress
helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=eks-demo-cluster --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller
helm upgrade -i aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=eks-demo-cluster --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.2/docs/examples/2048/2048_full.yaml
kubectl get pods --all-namespaces
kubectl get ingress/ingress-2048 -n game-2048
you'll see
NAME CLASS HOSTS ADDRESS PORTS AGE
ingress-2048 alb * k8s-game2048-ingress2-a91471f868-1855553634.ap-southeast-2.elb.amazonaws.com 80 29s
in browser open url: k8s-game2048-ingress2-a91471f868-1855553634.ap-southeast-2.elb.amazonaws.com
success!
eksctl delete cluster --name eks-demo-cluster --region ap-southeast-2
go to your aws dashboard
remove these in order
- remove LB first
- security group
- VPC
- cloudformation stack