For the manifest method, follow these steps:
https://docs.aws.amazon.com/eks/latest/userguide/lbc-manifest.html
For the Helm method, follow these steps:
# Register the eks-charts repository and refresh only that repository's index.
helm repo add eks https://aws.github.io/eks-charts
helm repo update eks
# Install the controller into kube-system.
# clusterName must be the real cluster name: "my-cluster" is a placeholder,
# and the script further down this page creates "my-eks-cluster".
# serviceAccount.create=false tells the chart not to create a service account,
# so the one named here has to exist already (the script below creates it with
# "eksctl create iamserviceaccount").
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  --namespace kube-system \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller \
  --set clusterName=my-cluster
Add these options if needed: --set region=region-code and --set vpcId=vpc-xxxxxxxx
To check if the controller is installed
# Show the controller's Deployment in kube-system; kubectl reports an error if it does not exist.
kubectl get deployment aws-load-balancer-controller --namespace kube-system
C:\ProgramData\chocolatey\lib\kubernetes-helm\tools
C:\Users\PIYUSH PATIL\AppData\Local\Temp\chocolatey\kubernetes-helm\3.14.2\helm-
v3.14.2-windows-amd64.zip
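# Script to automate the process of creating the AWS EKS cluster.
# Create the cluster without a node group (--without-nodegroup); the node
# group is added by a separate "eksctl create nodegroup" step later on.
# Each command is written with explicit line continuations: the wrapped form
# split "--zones=ap-south-1a,ap-south-1b" and the cluster name across lines,
# which the shell would run as separate, broken commands.
eksctl create cluster --name=my-eks-cluster \
  --region=ap-south-1 \
  --zones=ap-south-1a,ap-south-1b \
  --without-nodegroup \
  --node-private-networking
# Associate an IAM OIDC provider with the cluster. The later
# "eksctl create iamserviceaccount" step depends on it.
eksctl utils associate-iam-oidc-provider \
  --region ap-south-1 \
  --cluster my-eks-cluster \
  --approve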
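cd /home/cloudshell-user
# Check whether the key pair already exists.
# describe-key-pairs with --key-names exits non-zero when the named key is
# absent, so its exit status is tested directly. The original assigned the
# command without $(...) and used "[" without spaces, so the test never ran.
# Any other failure (for example missing credentials) also takes the "else"
# branch, where create-key-pair then reports the underlying error.
# --region matches the region the cluster and node group are created in.
if aws ec2 describe-key-pairs --region ap-south-1 --key-names kube-demo >/dev/null 2>&1; then
  echo "The key kube-demo is already present"
else
  # The output file holds the private key. Create it inside a subshell with
  # umask 077 so it is readable by its owner only from the moment it exists.
  (
    umask 077
    aws ec2 create-key-pair --region ap-south-1 --key-name kube-demo \
      --query 'KeyMaterial' --output text > MyKeyPair_kube-demo.pem
  )
fi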
# Create a managed node group of exactly two t3a.medium nodes (min = max = 2)
# with 10 GiB volumes, on private networking, with SSH enabled through the
# kube-demo key pair.
# NOTE(review): the five *-access flags attach eksctl's add-on IAM policies
# (ASG, external-dns, full ECR, App Mesh, ALB ingress) to the node role.
# Workloads that can reach the node's instance credentials would presumably
# inherit them. The load balancer controller gets its own role through the
# service account created later, so confirm which of these are really needed.
eksctl create nodegroup \
  --cluster=my-eks-cluster \
  --region=ap-south-1 \
  --name=eksdemo1-ng-public1 \
  --managed \
  --node-type=t3a.medium \
  --node-volume-size=10 \
  --nodes=2 \
  --nodes-min=2 \
  --nodes-max=2 \
  --node-private-networking \
  --ssh-access \
  --ssh-public-key=kube-demo \
  --asg-access \
  --external-dns-access \
  --full-ecr-access \
  --appmesh-access \
  --alb-ingress-access
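# Add an inbound rule to the security group attached to the EKS cluster.
# No new group is created here: the ID is read from the cluster's
# resourcesVpcConfig. The original assignment lacked $(...), so the variable
# was never set and the wrapped lines ran as separate commands.
# NOTE(review): securityGroupIds is a list; --group-id takes a single ID, so
# this assumes the cluster has exactly one entry. Confirm for your cluster.
Securitygp_id=$(aws eks describe-cluster --region ap-south-1 --name my-eks-cluster \
  --query "cluster.resourcesVpcConfig.securityGroupIds" --output text)
# The original rule admitted every protocol and port from any IPv4 address
# (0.0.0.0/0). The source range now defaults to the cluster VPC's own CIDR.
# Set INGRESS_CIDR to override it, and prefer the narrowest range (and a
# specific protocol/port) that the workload actually needs.
cluster_vpc_id=$(aws eks describe-cluster --region ap-south-1 --name my-eks-cluster \
  --query "cluster.resourcesVpcConfig.vpcId" --output text)
ingress_cidr=${INGRESS_CIDR:-$(aws ec2 describe-vpcs --region ap-south-1 --vpc-ids "$cluster_vpc_id" \
  --query "Vpcs[0].CidrBlock" --output text)}
if [ -n "$Securitygp_id" ] && [ -n "$ingress_cidr" ]; then
  aws ec2 authorize-security-group-ingress --region ap-south-1 \
    --group-id "$Securitygp_id" \
    --protocol all \
    --port all \
    --cidr "$ingress_cidr"
else
  # Without both values the rule cannot be built; report it instead of
  # calling the API with empty arguments.
  echo "Could not determine the security group ID or ingress CIDR; no rule added" >&2
fi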
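# Download the IAM policy document for the ALB controller and create the policy.
# The document is taken from the v2.7.2 tag, the same release as the
# controller manifest used below, instead of the moving "main" branch, so the
# permissions granted match the deployed version and do not change between
# runs. -f makes curl fail on an HTTP error rather than saving the error page
# as the policy file.
curl -f -o iam_policy_latest.json \
  https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.7.2/docs/install/iam_policy.json
aws iam create-policy \
  --policy-name AWSLoadBalancerControllerIAMPolicy \
  --policy-document file://iam_policy_latest.json
# Look the policy ARN up by name. This also works when the policy already
# existed and create-policy above failed for that reason.
# The original stored the value in "IAM_Policy_arm" without $(...) and then
# read "IAM_Policy_arn", so the ARN was always empty.
IAM_Policy_arn=$(aws iam list-policies \
  --query "Policies[?PolicyName=='AWSLoadBalancerControllerIAMPolicy'].Arn" \
  --output text)
# Create the Kubernetes service account bound to an IAM role carrying that
# policy. The flag is --attach-policy-arn (the original "--attach-policy-$VAR"
# is not a valid option).
eksctl create iamserviceaccount \
  --cluster=my-eks-cluster \
  --region=ap-south-1 \
  --namespace=kube-system \
  --name=aws-load-balancer-controller \
  --attach-policy-arn="$IAM_Policy_arn" \
  --override-existing-serviceaccounts \
  --approve
# Confirm that the service account has been created.
# eksctl needs the cluster name to list IAM service accounts.
eksctl get iamserviceaccount --cluster=my-eks-cluster --region=ap-south-1 --namespace=kube-system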
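# Install Certificate Manager (cert-manager v1.13.5).
# The manifest is downloaded first and applied from the local copy, the same
# way the controller manifest is handled below, so the exact file that was
# applied stays on disk for review. -f makes curl fail on an HTTP error.
# The wrapped original split the URL ("cert-" / "manager.yaml") across lines.
curl -fLo cert-manager.yaml \
  https://github.com/jetstack/cert-manager/releases/download/v1.13.5/cert-manager.yaml
# --validate=false is kept from the original; it turns off kubectl's schema
# validation of the manifest before it is sent to the cluster.
kubectl apply \
  --validate=false \
  -f cert-manager.yaml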
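# Download the load balancer controller manifest (release v2.7.2) from GitHub.
# -f makes curl fail on an HTTP error instead of writing the error page into
# the YAML file; the URL is kept on one line (the wrapped original split it).
curl -fLo v2_7_2_full.yaml \
  https://github.com/kubernetes-sigs/aws-load-balancer-controller/releases/download/v2.7.2/v2_7_2_full.yaml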
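# The IAM service account was already created with eksctl, so the service
# account part is removed from the ALB controller manifest.
# -i.bak makes sed change the file in place and keep a backup of the existing
# file; -e supplies a script.
# '612,620d' deletes lines 612 to 620. These line numbers are only valid for
# this exact release of the file, so the range is printed first for a visual
# check before it is removed.
sed -n '612,620p' ./v2_7_2_full.yaml
# Both edits run in one sed invocation so that v2_7_2_full.yaml.bak remains
# the untouched download; two separate -i.bak runs would overwrite the backup
# with the half-edited file.
# The placeholder is replaced with "my-eks-cluster", the name the cluster was
# created with above (the original substituted "my-cluster", which does not
# match).
sed -i.bak \
  -e '612,620d' \
  -e 's|your-cluster-name|my-eks-cluster|' \
  ./v2_7_2_full.yaml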
Note: If the nodes do not have access to a NAT gateway, they won't be able to pull
the ALB controller's Docker image from the public ECR repository. In that case we
need to create a VPC interface endpoint, so that the nodes can use the AWS private
network to access it.
# Apply the edited manifest from the current directory; this should create
# the ALB controller.
kubectl apply --filename v2_7_2_full.yaml