Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot find Subnets #750

Closed
AdeOpe opened this issue Nov 26, 2018 · 2 comments
Closed

Cannot find Subnets #750

AdeOpe opened this issue Nov 26, 2018 · 2 comments

Comments

@AdeOpe
Copy link

AdeOpe commented Nov 26, 2018

Hi,
I'm new to using the aws-alb-ingress-controller.
I am probably doing something wrong but it seems that version
894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-alb-ingress-controller:v1.0.0

is not respecting subnet values or the subnet tags for Internet facing ALB.
(please note: the internal ALB working perfectly)

I get the following error:

E1126 07:36:59.033715 1 :0] kubebuilder/controller "msg"="Reconciler error" "error"="failed to build LoadBalancer configuration due to retrieval of subnets failed to resolve 2qualified subnets. Subnets must contain the kubernetes.io/cluster/\u003ccluster name\u003etag with a value of shared or owned and the kubernetes.io/role/internal-elb tag signifyingit should be used for ALBs Additionally, there must be at least 2 subnets with unique availability zones as required by ALBs. Either tag subnets to meet this requirement or use the subnets annotation on the ingress resource to explicitly call out what subnets to use for ALB creation. The subnets that did resolve were []" "Controller"="alb-ingress-controller" "Request"={"Namespace":"default","Name":"grafana-ingress"}

However I have set the subnet values in the ingress yaml

apiVersion: extensions/v1beta1 kind: Ingress metadata: name: "grafana-ingress" namespace: "default" annotations: alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/success-codes: 302 alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-2016-08 kubernetes.io/ingress.class: "alb" alb.ingress.kubernetes.io/subnets: subnet-xxxx,subnet-xxxxx labels: app: grafana-ingress spec: rules: - http: paths: - path: /* backend: serviceName: "grafana-ingress" servicePort: 80

And I also set the tags on both of my 2 public subnets to

kubernetes.io/cluster/terraform-eks-demo | shared
kubernetes.io/role/elb | 1

i'm pretty sure, i am doing something wrong, so apologies if the answer is painfully obvious
@M00nF1sh
Copy link
Collaborator

M00nF1sh commented Nov 27, 2018
edited
Loading

Hi, it's an mistake in our docs.

You should specify
alb.ingress.kubernetes.io/success-codes: '302' instead of alb.ingress.kubernetes.io/success-codes: 302.

Docs have been updated, sorry for the trouble caused 😄

@AdeOpe
Copy link
Author

AdeOpe commented Nov 27, 2018
edited
Loading

haha, its works like magic!
thanks for getting back to me.

:D haha i spent time on implementing reverse proxy using oauth2_proxy
https://github.com/bitly/oauth2_proxy
and using ELB.
(even opened a ticket with them to update their readme with the integration steps bitly/oauth2_proxy#674 since I dont have permissions to check in my feature branch)

But i will revert back to aws-alb-ingress-controller.
and i will script the oidc setup using the AWS CLI, since you currently do not support it.

but thats a different ticket
#592

anyways thank you @M00nF1sh

@AdeOpe AdeOpe closed this as completed Nov 27, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AdeOpe @M00nF1sh