AWS Load Balancer Controller replaces the functionality of the AWS ALB Ingress Controller.<\/p>\n
eksctl utils associate-iam-oidc-provider --profile=perp \n --region ap-northeast-1 \n --cluster perp-staging \n --approve<\/code><\/pre>\nref:
\nhttps:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/enable-iam-roles-for-service-accounts.html<\/a><\/p>\nCreate a Kubernetes ServiceAccount for the Controller<\/h3>\ncurl -o iam_policy.json https:\/\/raw.githubusercontent.com\/kubernetes-sigs\/aws-load-balancer-controller\/v2.3.0\/docs\/install\/iam_policy.json\n\naws iam create-policy --profile=perp \n --policy-name AWSLoadBalancerControllerIAMPolicy \n --policy-document file:\/\/iam_policy.json\n\neksctl create iamserviceaccount --profile=perp \n --cluster=perp-staging \n --namespace=kube-system \n --name=aws-load-balancer-controller \n --attach-policy-arn=arn:aws:iam::XXX:policy\/AWSLoadBalancerControllerIAMPolicy \n --override-existing-serviceaccounts \n --approve<\/code><\/pre>\nre:
\nhttps:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/aws-load-balancer-controller.html<\/a>
\nhttps:\/\/kubernetes-sigs.github.io\/aws-load-balancer-controller\/v2.3\/deploy\/installation\/<\/a><\/p>\nDeploy aws-load-balancer-controller<\/h3>\nhelm repo add eks https:\/\/aws.github.io\/eks-charts\n\nhelm ls -A\n\nhelm upgrade -i \n aws-load-balancer-controller eks\/aws-load-balancer-controller \n -n kube-system \n --set clusterName=perp-staging \n --set serviceAccount.create=false \n --set serviceAccount.name=aws-load-balancer-controller \n --set region=ap-northeast-1 \n --set vpcId=vpc-XXX<\/code><\/pre>\nref:
\nhttps:\/\/docs.aws.amazon.com\/eks\/latest\/userguide\/aws-load-balancer-controller.html#helm-v3-or-later<\/a>
\nhttps:\/\/kubernetes-sigs.github.io\/aws-load-balancer-controller\/v2.3\/deploy\/installation\/<\/a>
\nhttps:\/\/kubernetes-sigs.github.io\/aws-load-balancer-controller\/v2.3\/deploy\/configurations\/<\/a>
\nhttps:\/\/github.com\/aws\/eks-charts\/tree\/master\/stable\/aws-load-balancer-controller<\/a><\/p>\nCreate an Ingress using ALB<\/h2>\napiVersion: networking.k8s.io\/v1\nkind: Ingress\nmetadata:\n name: graph-node-ingress\n annotations:\n kubernetes.io\/ingress.class: alb\n alb.ingress.kubernetes.io\/scheme: internet-facing\n alb.ingress.kubernetes.io\/ssl-policy: ELBSecurityPolicy-FS-1-2-Res-2020-10\n alb.ingress.kubernetes.io\/certificate-arn: YOUR_ACM_ARN\n alb.ingress.kubernetes.io\/target-type: ip\n alb.ingress.kubernetes.io\/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=60\n alb.ingress.kubernetes.io\/load-balancer-attributes: idle_timeout.timeout_seconds=3600,deletion_protection.enabled=true\n alb.ingress.kubernetes.io\/listen-ports: '[{\"HTTPS\": 443}]'\n alb.ingress.kubernetes.io\/actions.graph-node-jsonrpc: >\n {\"type\": \"forward\", \"forwardConfig\": {\"targetGroups\": [\n {\"serviceName\": \"graph-node\", \"servicePort\": 8000, \"weight\": 100}\n ]}}\n alb.ingress.kubernetes.io\/actions.graph-node-websocket: >\n {\"type\": \"forward\", \"forwardConfig\": {\"targetGroups\": [\n {\"serviceName\": \"graph-node\", \"servicePort\": 8001, \"weight\": 100}\n ]}}\nspec:\n rules:\n - host: \"subgraph-api.example.com\"\n http:\n paths:\n - path: \/\n pathType: Prefix\n backend:\n service:\n name: graph-node-jsonrpc\n port:\n name: use-annotation\n - host: \"subgraph-ws.example.com\"\n http:\n paths:\n - path: \/\n pathType: Prefix\n backend:\n service:\n name: graph-node-websocket\n port:\n name: use-annotation<\/code><\/pre>\n