Part3: Deploying a gaming application on an EKS cluster with ingress controller
Configuring alb-ingress-controller
Hello everyone. This is Part 3 of the series of blogs on deploying an application with an ingress controller.
In the previous blog, we deployed the application however we did not configure the ingress controller which will be done in this blog.
Let us check for the ingress resource that we created in the last blog
We can see that the address tab is empty, meaning that there is no external address that is assigned to this node through which it can be accessed from the external world.
We will be using an ingress controller to route the traffic into the cluster. There are a few steps to be followed to install this ingress-controller.
Integrate the OIDC provider with the EKS Cluster. Since the controller is also a kind of pod in k8s and needs access to other resources from the AWS, it will need IAM permission integrated. So, let us start with configuring the IAM OIDC provider.
eksctl utils associate-iam-oidc-provider --cluster gaming2048 --approve
Successfully integrated IAM OIDC provider
Once OIDC in integrated, we will create a Role for through with all the required IAM persmissions for this alb. Here, I am downloading a file that has all the necessary permission. This permission list is made readily available on the internet by Loadbalacer companies. All we have to do is downlad and configure it properly
curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/install/iam_policy.json
Next, we shall create a role with all the above policies.
aws iam create-policy \ --policy-name AWSLoadBalancerControllerIAMPolicy \ --policy-document file://iam_policy.json
We shall create a service account and attach to the role.
eksctl create iamserviceaccount \ --cluster=gaming2048 \ --namespace=kube-system \ --name=aws-load-balancer-controller \ --role-name AmazonEKSLoadBalancerControllerRole \ --attach-policy-arn=arn:aws:iam::211125556539:policy/AWSLoadBalancerControllerIAMPolicy \ --approve
Let us now proceed with creation of alb contoller. This is done through a helm chart, which will use the above service account for runing the pod.
Add a helm repo with the resources for the controller but before that make sure that helm is installed and running
helm repo add eks https://aws.github.io/eks-charts
Update the helm
helm repo update eks
Next, install the alb-controller with the below command
helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system \ --set clusterName=gaming2048 \ --set serviceAccount.create=false \ --set serviceAccount.name=aws-load-balancer-controller \ --set region=us-east-1 \ --set vpcId=vpc-050b1e93673dbfcf4
Let us check of this is successful with the below command
kubectl get all -n game-2048
Let us check in our console if alb is created
ALB successfully created and in active state.
Let us check if application is accessible via ALBs DNS name
Thus we have successfully deployed an application on an EKS cluster with ingress controller