mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
153 lines
4.6 KiB
Plaintext
153 lines
4.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * networking/aws_load_balancer_operator/create-instance-aws-load-balancer-controller.adoc
|
|
|
|
:_content-type: PROCEDURE
|
|
[id="nw-creating-instance-aws-load-balancer-controller_{context}"]
|
|
= Creating an instance of the AWS Load Balancer Controller using AWS Load Balancer Operator
|
|
|
|
You can install only a single instance of the `aws-load-balancer-controller` in a cluster. You can create the AWS Load Balancer Controller by using CLI. The AWS Load Balancer(ALB) Operator reconciles only the resource with the name `cluster`.
|
|
|
|
.Prerequisites
|
|
|
|
* You have created the `echoserver` namespace.
|
|
* You have access to the OpenShift CLI (`oc`).
|
|
|
|
.Procedure
|
|
|
|
. Create an `aws-load-balancer-controller` resource YAML file, for example, `sample-aws-lb.yaml`, as follows:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: networking.olm.openshift.io/v1alpha1
|
|
kind: AWSLoadBalancerController <1>
|
|
metadata:
|
|
name: cluster <2>
|
|
spec:
|
|
subnetTagging: Auto <3>
|
|
additionalResourceTags: <4>
|
|
example.org/cost-center: 5113232
|
|
example.org/security-scope: staging
|
|
ingressClass: cloud <5>
|
|
config:
|
|
replicas: 2 <6>
|
|
enabledAddons: <7>
|
|
- AWSWAFv2 <8>
|
|
----
|
|
<1> Defines the `aws-load-balancer-controller` resource.
|
|
<2> Defines the AWS Load Balancer Controller instance name. This instance name gets added as a suffix to all related resources.
|
|
<3> Valid options are `Auto` and `Manual`. When the value is set to `Auto`, the Operator attempts to determine the subnets that belong to the cluster and tags them appropriately. The Operator cannot determine the role correctly if the internal subnet tags are not present on internal subnet. If you installed your cluster on user-provided infrastructure, you can manually tag the subnets with the appropriate role tags and set the subnet tagging policy to `Manual`.
|
|
<4> Defines the tags used by the controller when it provisions AWS resources.
|
|
<5> The default value for this field is `alb`. The Operator provisions an `IngressClass` resource with the same name if it does not exist.
|
|
<6> Specifies the number of replicas of the controller.
|
|
<7> Specifies add-ons for AWS load balancers, which get specified through annotations.
|
|
<8> Enables the `alb.ingress.kubernetes.io/wafv2-acl-arn` annotation.
|
|
|
|
. Create a `aws-load-balancer-controller` resource by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc create -f sample-aws-lb.yaml
|
|
----
|
|
|
|
. After the AWS Load Balancer Controller is running, create a `deployment` resource:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: apps/v1
|
|
kind: Deployment <1>
|
|
metadata:
|
|
name: <echoserver> <2>
|
|
namespace: echoserver
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: echoserver
|
|
replicas: 3 <3>
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: echoserver
|
|
spec:
|
|
containers:
|
|
- image: openshift/origin-node
|
|
command:
|
|
- "/bin/socat"
|
|
args:
|
|
- TCP4-LISTEN:8080,reuseaddr,fork
|
|
- EXEC:'/bin/bash -c \"printf \\\"HTTP/1.0 200 OK\r\n\r\n\\\"; sed -e \\\"/^\r/q\\\"\"'
|
|
imagePullPolicy: Always
|
|
name: echoserver
|
|
ports:
|
|
- containerPort: 8080
|
|
----
|
|
<1> Defines the deployment resource.
|
|
<2> Specifies the deployment name.
|
|
<3> Specifies the number of replicas of the deployment.
|
|
|
|
. Create a `service` resource:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: v1
|
|
kind: Service <1>
|
|
metadata:
|
|
name: <echoserver> <2>
|
|
namespace: echoserver
|
|
spec:
|
|
ports:
|
|
- port: 80
|
|
targetPort: 8080
|
|
protocol: TCP
|
|
type: NodePort
|
|
selector:
|
|
app: echoserver
|
|
----
|
|
<1> Defines the service resource.
|
|
<2> Specifies the name of the service.
|
|
|
|
. Deploy an ALB-backed `Ingress` resource:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress <1>
|
|
metadata:
|
|
name: <echoserver> <2>
|
|
namespace: echoserver
|
|
annotations:
|
|
alb.ingress.kubernetes.io/scheme: internet-facing
|
|
alb.ingress.kubernetes.io/target-type: instance
|
|
spec:
|
|
ingressClassName: alb
|
|
rules:
|
|
- http:
|
|
paths:
|
|
- path: /
|
|
pathType: Exact
|
|
backend:
|
|
service:
|
|
name: <echoserver> <3>
|
|
port:
|
|
number: 80
|
|
----
|
|
<1> Defines the ingress resource.
|
|
<2> Specifies the name of the ingress resource.
|
|
<3> Specifies the name of the service resource.
|
|
|
|
.Verification
|
|
|
|
* Verify the status of the `Ingress` resource to show the host of the provisioned AWS Load Balancer (ALB) by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ HOST=$(oc get ingress -n echoserver echoserver --template='{{(index .status.loadBalancer.ingress 0).hostname}}')
|
|
----
|
|
|
|
* Verify the status of the provisioned AWS Load Balancer (ALB) host by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ curl $HOST
|
|
----
|