mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
// Module included in the following assemblies:
//
// * networking/networking_operators/aws-load-balancer-operator.adoc

:_mod-docs-content-type: PROCEDURE
[id="aws-load-balancer-operator-prerequisites_{context}"]
= Preparing to install the AWS Load Balancer Operator

Before you install the AWS Load Balancer Operator, ensure that your cluster fulfills requirements and that your AWS VPC resources are appropriately tagged. You also have the option to configure some helpful environment variables.

[id="aws-load-balancer-operator-cluster-reqs_{context}"]
== Cluster requirements

Your cluster must be deployed across three availability zones, using a pre-existing VPC with three public subnets.

[IMPORTANT]
====
These requirements mean that the AWS Load Balancer Operator may not be suitable for some PrivateLink clusters. AWS NLBs may be a better choice for such clusters.
====

[id="aws-load-balancer-operator-environment_{context}"]
== Set up temporary environment variables

You have the option to set up temporary environment variables to hold resource identifiers and configuration details. Using temporary environment variables streamlines the process of running the installation commands for the AWS Load Balancer Operator.

If you do not want to use environment variables to store certain values, you can manually enter those values in the relevant installation commands.

.Prerequisites
* You have installed the AWS CLI (`aws`).
* You have installed the OpenShift CLI (`oc`).

.Procedure

. Log in to your cluster as a cluster administrator using the OpenShift CLI (`oc`).
+
[source,terminal]
----
$ oc login --token=<token> --server=<cluster_url>
----

. Run the following commands to set up environment variables.
+
[source,terminal]
----
$ export CLUSTER_NAME=$(oc get infrastructure cluster -o=jsonpath="{.status.apiServerURL}" | sed 's|^https://||' | awk -F . '{print $2}')
----
+
[source,terminal]
----
$ export REGION=$(oc get infrastructure cluster -o=jsonpath="{.status.platformStatus.aws.region}")
----
+
[source,terminal]
----
$ export OIDC_ENDPOINT=$(oc get authentication.config.openshift.io cluster -o jsonpath='{.spec.serviceAccountIssuer}' | sed 's|^https://||')
----
+
[source,terminal]
----
$ export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
----
+
[source,terminal]
----
$ export SCRATCH="/tmp/${CLUSTER_NAME}/alb-operator"
----
+
[source,terminal]
----
$ mkdir -p ${SCRATCH}
----
+
These commands create environment variables that you can use in this terminal session to pass their values to the command line interface.

. Verify that the variable values are set correctly by running the following command:
+
[source,terminal]
----
$ echo "Cluster name: ${CLUSTER_NAME}
Region: ${REGION}
OIDC Endpoint: ${OIDC_ENDPOINT}
AWS Account ID: ${AWS_ACCOUNT_ID}"
----
+
.Example output
[source,terminal]
----
Cluster name: <cluster_id>
Region: <region>
OIDC Endpoint: oidc.op1.openshiftapps.com/<oidc_id>
AWS Account ID: <aws_id>
----

.Next steps
* Use the same terminal session to continue with AWS Load Balancer Operator installation, to ensure that your environment variables are not lost.
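
The `echo` check above only shows the values; an empty `CLUSTER_NAME` or `REGION` would still be substituted into the later tagging commands. The following is an added example, not part of the OpenShift documentation, that turns the verification into a pass/fail check. The function names and the patterns for well-formed values are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the OpenShift docs. The patterns below are
# assumptions about well-formed values, chosen to catch empty or truncated
# command output before it reaches `aws ec2 create-tags`.

# Same pipeline as the CLUSTER_NAME step, applied to a URL passed as $1.
cluster_name_from_api_url() {
  printf '%s\n' "$1" | sed 's|^https://||' | awk -F . '{print $2}'
}

# matches VALUE ERE: succeed if VALUE is a single line fully matching ERE.
matches() {
  [ "$(printf '%s' "$1" | wc -l)" -eq 0 ] &&
    printf '%s\n' "$1" | grep -Eq "^($2)\$"
}

# Report every unusable variable on stderr; return non-zero if any check fails.
check_alb_env() {
  rc=0
  matches "${CLUSTER_NAME:-}" '[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?' ||
    { echo "CLUSTER_NAME is empty or not a DNS label" >&2; rc=1; }
  matches "${REGION:-}" '[a-z]{2}(-[a-z]+)+-[0-9]+' ||
    { echo "REGION is empty or not an AWS region name" >&2; rc=1; }
  matches "${AWS_ACCOUNT_ID:-}" '[0-9]{12}' ||
    { echo "AWS_ACCOUNT_ID is not 12 digits (is the AWS CLI authenticated?)" >&2; rc=1; }
  matches "${OIDC_ENDPOINT:-}" '[A-Za-z0-9.-]+(/[A-Za-z0-9._-]+)*' ||
    { echo "OIDC_ENDPOINT is empty or still carries a scheme" >&2; rc=1; }
  # SCRATCH sits under the shared /tmp and later holds a script that runs with
  # your AWS credentials: require a real directory owned by the current user.
  if [ ! -d "${SCRATCH:-}" ] || [ -L "${SCRATCH:-}" ] || [ ! -O "${SCRATCH:-}" ]; then
    echo "SCRATCH is missing, a symlink, or owned by another user" >&2; rc=1
  fi
  return "$rc"
}
```

Source the file in the same terminal session and run `check_alb_env` before the tagging steps; a non-zero exit status means at least one value should be re-exported.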

[id="tagging-aws-vpc-subnets_{context}"]
== Tag the AWS VPC and subnets

You must tag your AWS VPC resources before you install the AWS Load Balancer Operator.

.Prerequisites
* You have installed the AWS CLI (`aws`).
* You have installed the OpenShift CLI (`oc`).

.Procedure

. Optional: Set up environment variables for AWS VPC resources.
+
[source,terminal]
----
$ export VPC_ID=<vpc-id>
----
+
[source,terminal]
----
$ export PUBLIC_SUBNET_IDS="<public-subnet-a-id> <public-subnet-b-id> <public-subnet-c-id>"
----
+
[source,terminal]
----
$ export PRIVATE_SUBNET_IDS="<private-subnet-a-id> <private-subnet-b-id> <private-subnet-c-id>"
----

. Tag your VPC to associate it with your cluster:
+
[source,terminal]
----
$ aws ec2 create-tags --resources ${VPC_ID} --tags Key=kubernetes.io/cluster/${CLUSTER_NAME},Value=owned --region ${REGION}
----

. Tag your public subnets to allow changes by elastic load balancing roles, and tag your private subnets to allow changes by internal elastic load balancing roles:
+
[source,bash]
----
cat <<EOF > "${SCRATCH}/tag-subnets.sh"
#!/bin/bash

aws ec2 create-tags \
--resources ${PUBLIC_SUBNET_IDS} \
--tags Key=kubernetes.io/role/elb,Value='' \
--region ${REGION}

aws ec2 create-tags \
--resources ${PRIVATE_SUBNET_IDS} \
--tags Key=kubernetes.io/role/internal-elb,Value='' \
--region ${REGION}

EOF
----

. Run the script:
+
[source,bash]
----
bash ${SCRATCH}/tag-subnets.sh
----