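AWS EKS: Deploying ALB Ingress
1. An EKS cluster is already running. If you do not have one yet, see this tutorial: https://www.pangzai.win/aws-%e5%88%9b%e5%bb%baeks%e9%9b%86%e7%be%a4/
2. Add this tag to the subnets used by the EKS cluster
Reference article: https://docs.aws.amazon.com/zh_cn/eks/latest/userguide/network-load-balancing.html
Install the AWS Load Balancer Controller on the EKS cluster
3. Download the IAM policy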
curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.2.0/docs/install/iam_policy.json
4. Create the IAM policy
aws iam create-policy \
  --policy-name AWSLoadBalancerControllerIAMPolicy \
  --policy-document file://iam_policy.json
5. Create an IAM OIDC identity provider for the cluster
eksctl utils associate-iam-oidc-provider --cluster yourClusterName --approve
6. Create the Kubernetes service account and attach the policy
Replace my_cluster with the name of your cluster, and replace 111122223333 with your account ID.
eksctl create iamserviceaccount \
  --cluster=my_cluster \
  --namespace=kube-system \
  --name=aws-load-balancer-controller \
  --attach-policy-arn=arn:aws:iam::111122223333:policy/AWSLoadBalancerControllerIAMPolicy \
  --override-existing-serviceaccounts \
  --approve
7. Configure kubectl to access EKS
aws eks --region ap-southeast-1 update-kubeconfig --name YourClusterName
Install the AWS Load Balancer Controller using Helm V3 or later, or by applying a Kubernetes manifest.
8. Install the TargetGroupBinding custom resource definitions.
kubectl apply -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller/crds?ref=master"
9. Add the eks-charts repository.
helm repo add eks https://aws.github.io/eks-charts
10. Update your local repository to make sure you have the latest charts.
helm repo update
11. Install the AWS Load Balancer Controller.
helm upgrade -i aws-load-balancer-controller eks/aws-load-balancer-controller \
  --set clusterName=cluster-name \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller \
  -n kube-system
12. Verify that the controller is installed.
kubectl get deployment -n kube-system aws-load-balancer-controller
Output
NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   2/2     2            2           84s
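13. This YAML file lets you try deploying an application (in the command, 你的yaml文件.yaml stands for the name of your YAML file). Once aws-load-balancer-controller is deployed, the ALB is not created automatically; the corresponding ALB is only created after you create an Ingress.
kubectl apply -f 你的yaml文件.yaml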
---
apiVersion: v1
kind: Namespace
metadata:
  name: testgame
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: testgame-www-ingress1
  namespace: testgame
  annotations:
    # You can set a custom name for your ALB
    alb.ingress.kubernetes.io/load-balancer-name: yourALBName
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    # Port 80 is the plain HTTP listener that ssl-redirect sends to 443
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443},{"HTTP": 80}]'
    # Your ACM SSL certificate
    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:ap-southeast-1:XXXXXXXXXXXXXX
    # Force redirect to HTTPS
    alb.ingress.kubernetes.io/ssl-redirect: '443'
spec:
  rules:
    - host: test1.pangzai.win
      http:
        paths:
          - pathType: Prefix
            path: "/"
            backend:
              service:
                name: testgame-www-service
                port:
                  number: 80
---
apiVersion: v1
kind: Service
metadata:
  name: testgame-www-service
  namespace: testgame
spec:
  selector:
    app: testgame_www_app
  ports:
    - name: "8080www"
      protocol: TCP
      port: 80
      targetPort: 80
  clusterIP: None
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: testgame-www-deployment
  namespace: testgame
spec:
  replicas: 2
  selector:
    matchLabels:
      app: testgame_www_app
  template:
    metadata:
      labels:
        app: testgame_www_app
    spec:
      containers:
        - name: testgame-www-container
          image: alexwhen/docker-2048
          imagePullPolicy: Always
          ports:
            - containerPort: 80
              name: port80test
---
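The following is an added example, not part of the original post: a small Python check for the listen-ports and ssl-redirect annotations used on the Ingress above, so that a listener setup that cannot redirect HTTP to HTTPS is caught before kubectl apply. The function name check_alb_listeners and both sample annotation sets are constructed for illustration; the default applied when listen-ports is absent is an assumption based on the controller's annotation documentation.

```python
import json

PREFIX = "alb.ingress.kubernetes.io/"

def check_alb_listeners(annotations):
    """Return a list of findings for the ALB listener annotations of one Ingress."""
    raw = annotations.get(PREFIX + "listen-ports")
    if raw is None:
        # Assumed default: HTTPS:443 if a certificate-arn is set, otherwise HTTP:80.
        default = "HTTPS" if PREFIX + "certificate-arn" in annotations else "HTTP"
        listeners = [(default, 443 if default == "HTTPS" else 80)]
    else:
        try:
            listeners = [(proto, port) for entry in json.loads(raw)
                         for proto, port in entry.items()]
        except (ValueError, AttributeError, TypeError):
            return ["listen-ports is not a JSON list of {protocol: port} objects"]
    findings = []
    for proto, port in listeners:
        if proto not in ("HTTP", "HTTPS"):
            findings.append(f"unsupported protocol {proto!r} on port {port}")
        elif proto == "HTTPS" and port == 80:
            findings.append("port 80 is configured as HTTPS, so plain http:// requests are not redirected")
    redirect = annotations.get(PREFIX + "ssl-redirect")
    if redirect is not None:
        https_ports = {str(port) for proto, port in listeners if proto == "HTTPS"}
        if str(redirect) not in https_ports:
            findings.append(f"ssl-redirect target {redirect} is not an HTTPS listener")
        if not any(proto == "HTTP" for proto, _ in listeners):
            findings.append("ssl-redirect is set but there is no HTTP listener to redirect from")
    return findings

# Constructed sample annotation sets (not taken from a live cluster).
MISCONFIGURED = {
    PREFIX + "listen-ports": '[{"HTTPS": 443},{"HTTPS": 80}]',
    PREFIX + "ssl-redirect": "443",
}
REDIRECTING = {
    PREFIX + "listen-ports": '[{"HTTP": 80},{"HTTPS": 443}]',
    PREFIX + "ssl-redirect": "443",
}

if __name__ == "__main__":
    for name, ann in (("misconfigured", MISCONFIGURED), ("redirecting", REDIRECTING)):
        print(name, check_alb_listeners(ann) or "ok")
```

To check a deployed Ingress, pass the metadata.annotations object from kubectl get ingress -o json to the function.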
References
https://www.modb.pro/db/181164
https://docs.aws.amazon.com/zh_cn/eks/latest/userguide/aws-load-balancer-controller.html