- Create an EC2 instance using the AWS console (Ubuntu, t2.micro) and download the private key.
- Name the private key file ec2-control.pem.
- Move that file to home folder.
mv <path to the private key file> ~
- Restrict the permissions on that file to owner read-only. ssh refuses to use a private key file that other users can read.
chmod 400 ~/ec2-control.pem
- SSH into the EC2 instance using that private key file.
Note: <ip> is the IPv4 address of the EC2 instance. It can be copied from the AWS console.
ssh -i ~/ec2-control.pem ubuntu@<ip>
- On the EC2 instance, install aws-cli, eksctl, kubectl and helm.
- Log in to aws-cli as an IAM user (using an IAM user with restricted permissions is recommended).
aws configure
- Create the cluster using the eksctl CLI, with all the configuration and Fargate profiles in the cluster-config.yml file.
eksctl create cluster -f cluster-config.yml
For more info: https://eksctl.io/usage/fargate-support/
- Configure kubectl to access the created cluster:
aws eks update-kubeconfig --region region-code --name cluster-name
- Check the configuration using:
kubectl get svc
Output
NAME             TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
svc/kubernetes   ClusterIP   10.100.0.1   <none>        443/TCP   1m
- Create the IAM OIDC provider:
eksctl utils associate-iam-oidc-provider \
  --region ${AWS_REGION} \
  --cluster ${CLUSTER_NAME} \
  --approve
- Download the IAM policy for the load balancer controller (excluding us-east):
curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.1/docs/install/iam_policy.json
- Create a policy called AWSLoadBalancerControllerIAMPolicy:
aws iam create-policy \
  --policy-name AWSLoadBalancerControllerIAMPolicy \
  --policy-document file://iam_policy.json
- Create the IAM service account:
eksctl create iamserviceaccount \
  --cluster=${CLUSTER_NAME} \
  --namespace=kube-system \
  --name=aws-load-balancer-controller \
  --role-name "AmazonEKSLoadBalancerControllerRole" \
  --attach-policy-arn=arn:aws:iam::${ACCOUNT_ID}:policy/AWSLoadBalancerControllerIAMPolicy \
  --approve
- Annotate your service account:
kubectl annotate serviceaccount -n kube-system aws-load-balancer-controller \
  eks.amazonaws.com/sts-regional-endpoints=true
- Add the eks-charts repository.
helm repo add eks https://aws.github.io/eks-charts
- Update the local repo.
helm repo update
- Install the AWS Load Balancer Controller.
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  -n kube-system \
  --set clusterName=cluster-name \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller \
  --set region=region-code \
  --set vpcId=vpc-xxxxxxxx
- Verify that the controller is installed successfully.
kubectl get deployment -n kube-system aws-load-balancer-controller
Output
NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   2/2     2            2           34s
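- Create the config-map.yml file.
nano config-map.yml
- Copy in the contents of config-map.yml, write your environment variables under the data section, and save the file (Ctrl+X). ConfigMap values are stored in plain text, so keep credentials out of this file and put them in a Secret.
- Apply the file using kubectl.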
kubectl apply -f config-map.yml
- Create a file named nginx.yml and open it in a text editor.
nano nginx.yml
- Copy in the contents of nginx.yml and make the necessary changes for your application.
- Apply this file using kubectl.
kubectl apply -f nginx.yml
- Check the services and deployments using kubectl.
kubectl get <service/deployment> --all-namespaces
For a particular namespace
kubectl get <service/deployment> --namespace <namespace>
- Create ingress.yml and copy the contents of ingress.yml into it.
nano ingress.yml
- Apply this ingress file using kubectl.
kubectl apply -f ingress.yml
- Check that the ingress controller is running and get the URL for the application.
kubectl get ingress --all-namespaces
Output
NAMESPACE   NAME              CLASS    HOSTS   ADDRESS                                                                PORTS   AGE
default     ingress-backend   <none>   *       k8s-default-ingressb-2d7bfa3e15-213467671.eu-west-3.elb.amazonaws.com   80      2d10h
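The steps above download iam_policy.json with curl and pass it straight to aws iam create-policy. As an added example (not part of the original guide or of the controller project), the following Python sketch lists the Allow statements in such a policy that deserve a read before the policy is created. The embedded policy is a constructed sample, the names review_policy and READ_ONLY_PREFIXES are hypothetical, and treating Describe/Get/List actions as read-only is a heuristic assumption.

```python
import json

# Constructed sample in the shape of an IAM policy document (NOT the real
# iam_policy.json). For the real file: json.load(open("iam_policy.json")).
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": ["ec2:DescribeVpcs", "ec2:DescribeSubnets"],
   "Resource": "*"},
  {"Effect": "Allow", "Action": "elasticloadbalancing:*", "Resource": "*"},
  {"Effect": "Allow", "Action": ["ec2:CreateTags"],
   "Resource": "arn:aws:ec2:*:*:security-group/*"},
  {"Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "*",
   "Condition": {"StringEquals":
     {"iam:AWSServiceName": "elasticloadbalancing.amazonaws.com"}}}
]}
""")

# Heuristic (assumption): action names starting with these verbs are read-only.
READ_ONLY_PREFIXES = ("Describe", "Get", "List")

def as_list(value):
    """IAM allows a single string/object where a list is also valid."""
    return value if isinstance(value, list) else [value]

def review_policy(policy):
    """Return (statement_index, reason) pairs that deserve a manual look."""
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((index, "NotAction/NotResource: review by hand"))
            continue
        actions = as_list(stmt.get("Action", []))
        for action in actions:
            if action == "*" or action.endswith(":*"):
                findings.append((index, f"wildcard action {action}"))
        mutating = [a for a in actions
                    if not a.partition(":")[2].startswith(READ_ONLY_PREFIXES)]
        unscoped = "*" in as_list(stmt.get("Resource", []))
        if mutating and unscoped and "Condition" not in stmt:
            findings.append((index, "write actions on Resource * with no "
                                    "Condition: " + ", ".join(mutating)))
    return findings

if __name__ == "__main__":
    for index, reason in review_policy(SAMPLE_POLICY):
        print(f"Statement[{index}]: {reason}")
```

A finding is a prompt to read that statement, not proof of a problem: some AWS actions do not support resource-level scoping and have to use Resource "*".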