Amazon EKS on Fargate - ALB (AWS Load Balancer Controller)

はじめに

Amazon EKS on Fargate - NLB (AWS Load Balancer Controller) を紹介しました。

今回は、Amazon EKS on Fargate on ALB (AWS Load Balancer Controller) です。

ポイント

• Kubernetes Ingress を作成すると、AWS Load Balancer Controller は ALB を作成します。

• ingressClassName を alb に設定することで、AWS Load Balancer Controller がこの Ingress リソースを処理することを指示する。

apiVersion: networking.k8s.io/v1
kind: Ingress

spec:
  ingressClassName: alb

Demo

前提

前回の記事、Amazon EKS on Fargate on NLB (AWS Load Balancer Controller) を参考に次のリソースを作成します。

• cluster
• IAM と ServiceAccount
• aws-load-balancer-controller

Deployment,Service,Ingress

nginx-deploy-svc-ingress.yaml

apiVersion: apps/v1
kind: Deployment

metadata:
  name: nginx-deployment
  namespace: default

spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: public.ecr.aws/nginx/nginx:latest
        ports:
        - containerPort: 80

---
apiVersion: v1
kind: Service

metadata:
  name: nginx-service
  namespace: default

spec:
  ports:
    - port: 80
      targetPort: 80
      protocol: TCP
  type: NodePort
  selector:
    app: nginx

---
apiVersion: networking.k8s.io/v1
kind: Ingress

metadata:
  name: nginx-ingress
  namespace: default
  annotations:
    alb.ingress.kubernetes.io/scheme: internal
    alb.ingress.kubernetes.io/target-type: ip

spec:
  ingressClassName: alb
  rules:
    - http:
        paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: nginx-service
              port:
                number: 80

# nginx-deploy-svc-ingress.yaml を apply
kubectl apply -f nginx-deploy-svc-ingress.yaml 
    deployment.apps/nginx-deployment created
    service/nginx-service created
    ingress.networking.k8s.io/nginx-ingress created

# Deployment,Replicaset,pod,Service,Ingress が作成されていることを確認
kubectl get deploy,rs,pod,svc,ingress -o wide
    NAME                               READY   UP-TO-DATE   AVAILABLE   AGE     CONTAINERS   IMAGES                              SELECTOR
    deployment.apps/nginx-deployment   1/1     1            1           3m10s   nginx        public.ecr.aws/nginx/nginx:latest   app=nginx
    
    NAME                                          DESIRED   CURRENT   READY   AGE     CONTAINERS   IMAGES                              SELECTOR
    replicaset.apps/nginx-deployment-7dd74d45b5   1         1         1       3m10s   nginx        public.ecr.aws/nginx/nginx:latest   app=nginx,pod-template-hash=7dd74d45b5
    
    NAME                                    READY   STATUS    RESTARTS   AGE     IP                NODE                                                         NOMINATED NODE   READINESS GATES
    pod/nginx-deployment-7dd74d45b5-fqjk2   1/1     Running   0          3m10s   192.168.133.107   fargate-ip-192-168-133-107.ap-northeast-1.compute.internal   <none>           <none>
    
    NAME                    TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE     SELECTOR
    service/nginx-service   NodePort    10.100.18.57   <none>        80:32367/TCP   3m11s   app=nginx
    
    NAME                                      CLASS   HOSTS   ADDRESS                                                                               PORTS   AGE
    ingress.networking.k8s.io/nginx-ingress   alb     *       internal-k8s-default-nginxing-3f958c62e3-123456789.ap-northeast-1.elb.amazonaws.com   80      3m10s

# Service の詳細を確認
kubectl describe svc nginx-service 
    Name:                     nginx-service
    Namespace:                default
    Labels:                   <none>
    Annotations:              <none>
    Selector:                 app=nginx
    Type:                     NodePort
    IP Family Policy:         SingleStack
    IP Families:              IPv4
    IP:                       10.100.18.57
    IPs:                      10.100.18.57
    Port:                     <unset>  80/TCP
    TargetPort:               80/TCP
    NodePort:                 <unset>  32367/TCP
    Endpoints:                192.168.133.107:80
    Session Affinity:         None
    External Traffic Policy:  Cluster
    Events:                   <none>

# Ingeress の詳細を確認
kubectl describe ingress nginx-ingress
    Name:             nginx-ingress
    Labels:           <none>
    Namespace:        default
    Address:          internal-k8s-default-nginxing-3f958c62e3-123456789.ap-northeast-1.elb.amazonaws.com
    Ingress Class:    alb
    Default backend:  <default>
    Rules:
      Host        Path  Backends
      ----        ----  --------
      *           
                  /   nginx-service:80 (192.168.133.107:80)
    Annotations:  alb.ingress.kubernetes.io/scheme: internal
                  alb.ingress.kubernetes.io/target-type: ip
    Events:
      Type    Reason                  Age   From     Message
      ----    ------                  ----  ----     -------
      Normal  SuccessfullyReconciled  10m   ingress  Successfully reconciled

動作確認

内部にEC2インスタンスをたて、curl を実行

curl internal-k8s-default-nginxing-3f958c62e3-123456789.ap-northeast-1.elb.amazonaws.com
    <!DOCTYPE html>
    <html>
    <head>
    <title>Welcome to nginx!</title>
    <style>
    html { color-scheme: light dark; }
    body { width: 35em; margin: 0 auto;
    font-family: Tahoma, Verdana, Arial, sans-serif; }
    </style>
    </head>
    <body>
    <h1>Welcome to nginx!</h1>
    <p>If you see this page, the nginx web server is successfully installed and
    working. Further configuration is required.</p>
    
    <p>For online documentation and support please refer to
    <a href="http://nginx.org/">nginx.org</a>.<br/>
    Commercial support is available at
    <a href="http://nginx.com/">nginx.com</a>.</p>
    
    <p><em>Thank you for using nginx.</em></p>
    </body>
    </html>

参考