I'm going to work through the EKS Ingress tutorial exactly as written.
Download the policy document
```
curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/iam-policy.json
```
Create the policy
```
aws iam create-policy \
  --policy-name ALBIngressControllerIAMPolicy \
  --policy-document file://iam-policy.json
```
Create the IAM policy for the worker nodes (find the node instance role in aws-auth)
```
kubectl -n kube-system describe configmap aws-auth
```
Output
```
Name:         aws-auth
Namespace:    kube-system
Labels:       <none>
Annotations:  <none>

Data
====
mapRoles:
----
- groups:
  - system:bootstrappers
  - system:nodes
  rolearn: arn:aws:iam::241161305159:role/eksctl-aaa-nodegroup-standard-wor-NodeInstanceRole-16F3YCW1WRZHL
  username: system:node:{{EC2PrivateDNSName}}

mapUsers:
----
[]

Events:  <none>
```
Attach the policy
```
aws iam attach-role-policy \
  --policy-arn arn:aws:iam::241161305159:policy/ALBIngressControllerIAMPolicy \
  --role-name eksctl-aaa-nodegroup-standard-wor-NodeInstanceRole-16F3YCW1WRZHL
```
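The two steps above (reading the node role out of aws-auth, then attaching the policy to it) can be scripted so the target role is reviewed before anything is attached. This is an added example, not code from the original post or the AWS tutorial; the function names and the sample account ID and role names are constructed, and it only prints the `attach-role-policy` command instead of running it.

```shell
# Added example, not from the original post. Input: the text printed by
#   kubectl -n kube-system describe configmap aws-auth
# Assumption: each mapRoles entry starts with "- " in column 0, as in that output.

# Print the role ARN of every mapRoles entry that is in the system:nodes group.
node_role_arns() {
  awk '
    function emit() { if (is_node && arn != "") print arn; is_node = 0; arn = "" }
    /^mapRoles:/                      { in_roles = 1; next }
    /^(mapUsers|mapAccounts|Events):/ { emit(); in_roles = 0; next }
    !in_roles                         { next }
    /^- /                             { emit() }
    /^ *- system:nodes *$/            { is_node = 1 }
    /rolearn:/                        { arn = $NF }
    END                               { emit() }
  '
}

role_name_from_arn()  { printf '%s\n' "${1##*/}"; }
account_id_from_arn() { printf '%s\n' "$1" | cut -d: -f5; }

# Print (do not run) one attach-role-policy command per ARN read from stdin.
# Assumption: the policy lives in the same account as the role, partition "aws".
print_attach_commands() {
  while IFS= read -r arn; do
    printf 'aws iam attach-role-policy --policy-arn arn:aws:iam::%s:policy/%s --role-name %s\n' \
      "$(account_id_from_arn "$arn")" "$1" "$(role_name_from_arn "$arn")"
  done
}

# Constructed sample input (account ID and role names are placeholders).
sample_aws_auth() {
  cat <<'EOF'
mapRoles:
----
- groups:
  - system:masters
  rolearn: arn:aws:iam::111122223333:role/example-admin-CONSTRUCTED
  username: admin
- groups:
  - system:bootstrappers
  - system:nodes
  rolearn: arn:aws:iam::111122223333:role/example-NodeInstanceRole-CONSTRUCTED
  username: system:node:{{EC2PrivateDNSName}}
mapUsers:
EOF
}

sample_aws_auth | node_role_arns | print_attach_commands ALBIngressControllerIAMPolicy
```

Against a real cluster, replace `sample_aws_auth` with the `kubectl -n kube-system describe configmap aws-auth` command.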
Create the service account, cluster role, and related resources used by the ALB Ingress Controller
```
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/rbac-role.yaml
```
Output
```
ocs/examples/rbac-role.yaml
clusterrole.rbac.authorization.k8s.io/alb-ingress-controller created
clusterrolebinding.rbac.authorization.k8s.io/alb-ingress-controller created
serviceaccount/alb-ingress-controller created
```
Deploy the ALB Ingress Controller
```
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/alb-ingress-controller.yaml
```
Output
```
ocs/examples/alb-ingress-controller.yaml
deployment.apps/alb-ingress-controller created
```
Edit the manifest
```
kubectl edit deployment.apps/alb-ingress-controller -n kube-system
```
Edit the following
```
spec:
  containers:
  - args:
    - --ingress-class=alb
    - --cluster-name=aaa
    - --aws-vpc-id=vpc-0fd48cbe5ca3fc533
    - --aws-region=us-east-2
```
Deploy the sample application
```
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-namespace.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-deployment.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-service.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-ingress.yaml
```
Check the deployment
```
kubectl get ingress/2048-ingress -n 2048-game
```
Output
```
NAME           HOSTS   ADDRESS                                                                 PORTS   AGE
2048-ingress   *       f007732d-2048game-2048ingr-6fa0-419251603.us-east-2.elb.amazonaws.com   80      117s
```
Application screen
Delete the application
```
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-ingress.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-service.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-deployment.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-namespace.yaml
```
Impressions
Hard. I don't understand it...