Hello everyone. This is Part 3 of the series of blogs on deploying an application with an ingress controller.

In the previous blog, we deployed the application however we did not configure the ingress controller which will be done in this blog.

Let us check for the ingress resource that we created in the last blog

We can see that the address tab is empty, meaning that there is no external address that is assigned to this node through which it can be accessed from the external world.

We will be using an ingress controller to route the traffic into the cluster. There are a few steps to be followed to install this ingress-controller.

1. Integrate the OIDC provider with the EKS Cluster. Since the controller is also a kind of pod in k8s and needs access to other resources from the AWS, it will need IAM permission integrated. So, let us start with configuring the IAM OIDC provider.

    eksctl utils associate-iam-oidc-provider --cluster gaming2048 --approve
   

   

   Successfully integrated IAM OIDC provider

2. Once OIDC in integrated, we will create a Role for through with all the required IAM persmissions for this alb. Here, I am downloading a file that has all the necessary permission. This permission list is made readily available on the internet by Loadbalacer companies. All we have to do is downlad and configure it properly

    curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/install/iam_policy.json
   

   

3. Next, we shall create a role with all the above policies.

    aws iam create-policy \
        --policy-name AWSLoadBalancerControllerIAMPolicy \
        --policy-document file://iam_policy.json
   

   

4. We shall create a service account and attach to the role.

    eksctl create iamserviceaccount \
      --cluster=gaming2048 \         
      --namespace=kube-system \
      --name=aws-load-balancer-controller \
      --role-name AmazonEKSLoadBalancerControllerRole \
      --attach-policy-arn=arn:aws:iam::211125556539:policy/AWSLoadBalancerControllerIAMPolicy \
      --approve
   

   

5. Let us now proceed with creation of alb contoller. This is done through a helm chart, which will use the above service account for runing the pod.

   1. Add a helm repo with the resources for the controller but before that make sure that helm is installed and running

       helm repo add eks https://aws.github.io/eks-charts
      

      

   2. Update the helm

        helm repo update eks
      

      

   3. Next, install the alb-controller with the below command

       helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system \ 
         --set clusterName=gaming2048 \
         --set serviceAccount.create=false \
         --set serviceAccount.name=aws-load-balancer-controller \
         --set region=us-east-1 \
         --set vpcId=vpc-050b1e93673dbfcf4
      

      

6. Let us check of this is successful with the below command

    kubectl get all -n game-2048
   

   

7. Let us check in our console if alb is created

   

   ALB successfully created and in active state.

8. Let us check if application is accessible via ALBs DNS name

   

   

Thus we have successfully deployed an application on an EKS cluster with ingress controller