Help us understand the problem. What is going on with this article?

Amazon EKSのALB Ingress Controllerをデプロイする

EKSのIngressチュートリアルをそのままやります

ポリシードキュメントをダウンロード

curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/iam-policy.json

ポリシー作成

aws iam create-policy \
--policy-name ALBIngressControllerIAMPolicy \
--policy-document file://iam-policy.json

ワーカーノード用のIAMポリシーを作成

kubectl -n kube-system describe configmap aws-auth

出力結果

Name:         aws-auth
Namespace:    kube-system
Labels:       <none>
Annotations:  <none>

Data
====
mapRoles:
----
- groups:
  - system:bootstrappers
  - system:nodes
  rolearn: arn:aws:iam::241161305159:role/eksctl-aaa-nodegroup-standard-wor-NodeInstanceRole-16F3YCW1WRZHL
  username: system:node:{{EC2PrivateDNSName}}

mapUsers:
----
[]

Events:  <none>

ポリシーをアタッチ

aws iam attach-role-policy \
--policy-arn arn:aws:iam::241161305159:policy/ALBIngressControllerIAMPolicy \
--role-name eksctl-aaa-nodegroup-standard-wor-NodeInstanceRole-16F3YCW1WRZHL

ALB Ingress Controllerで使用するサービスアカウント、クラスタロールなどを作成

kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/rbac-role.yaml

出力結果

ocs/examples/rbac-role.yaml
clusterrole.rbac.authorization.k8s.io/alb-ingress-controller created
clusterrolebinding.rbac.authorization.k8s.io/alb-ingress-controller created
serviceaccount/alb-ingress-controller created

ALB Ingress Controllerのデプロイ

kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/alb-ingress-controller.yaml

出力結果

ocs/examples/alb-ingress-controller.yaml
deployment.apps/alb-ingress-controller created

マニュフェスト編集

kubectl edit deployment.apps/alb-ingress-controller -n kube-system

以下を編集

    spec:
      containers:
      - args:
        - --ingress-class=alb
        - --cluster-name=aaa
        - --aws-vpc-id=vpc-0fd48cbe5ca3fc533
        - --aws-region=us-east-2

サンプルアプリケーションデプロイ

kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-namespace.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-deployment.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-service.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-ingress.yaml

デプロイ確認

kubectl get ingress/2048-ingress -n 2048-game

出力結果

NAME           HOSTS   ADDRESS                                                                 PORTS   AGE
2048-ingress   *       f007732d-2048game-2048ingr-6fa0-419251603.us-east-2.elb.amazonaws.com   80      117s

アプリケーションの画面

image.png

アプリケーション削除

kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-ingress.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-service.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-deployment.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-namespace.yaml

感想

むずい。わからない・・

Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした