This guide walks you through building Amazon EKS with AWS Fargate to run your nginx deployment and service with alb-ingress-controller.
-
create the cluster with eksctl
$ eksctl --region ap-northeast-1 create cluster --name eks-fargate-cluster --fargate
-
create iam oidc provider and associate with this cluster
$ eksctl --region ap-northeast-1 \
utils associate-iam-oidc-provider \
--cluster eks-fargate-cluster \
--approve
- download the policy JSON document
$ curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.4/docs/examples/iam-policy.json
- create the IAM policy from the JSNO document
$ aws iam create-policy \
--policy-name ALBIngressControllerIAMPolicy \
--policy-document file://iam-policy.json
- create a service account(alb-ingress-controller) for this cluster and attach the policy we just created to this service account
$ eksctl --region ap-northeast-1 \
create iamserviceaccount \
--name alb-ingress-controller \
--namespace kube-system \
--cluster eks-fargate-cluster \
--attach-policy-arn arn:aws:iam::112233445566:policy/ALBIngressControllerIAMPolicy \
--approve
- Create a service account, cluster role, and cluster role binding for the ALB Ingress Controller to use with the following command.
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.4/docs/examples/rbac-role.yaml
- run the nginx deployment and service
- download the
alb-ingress-controller.yaml
$ wget https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.4/docs/examples/alb-ingress-controller.yaml
edit the yaml and update the following arguments
- --cluster-name=eks-fargate-cluster
- --aws-vpc-id=vpc-xxxxxxxxxxxx
- --aws-region=ap-northeast-1
And make sure to specify the ip
target-type
- deploy the alb-ingress-controller now
$ kubectl apply -f alb-ingress-controller.yaml
- deploy the ingress object
$ kubectl apply -f nginx-ingress.yaml
- lookup the alb-ingress-controller pod name and watch its logs
# lookup the pod id
kubectl get po -A | grep alb-ingress
# logs -f to watch the pod logs. Make sure you specify correct pod name
kubectl -n kube-system logs -f po/alb-ingress-controller-78cb78cffb-ddkj8
- Now describe the ingress object to find out the ALB DNS name and curl the ALB
You will see the welcome message from nginx.
kubectl delete -f nginx-deploy-svc.yaml
kubectl delete -f nginx-ingress.yaml
kubectl delete -f alb-ingress-controller.yaml
eksctl --region ap-northeast-1 delete cluster --name eks-fargate-cluster