从0到1：AWS DevOps实践（三）

为EKS集群配置ALB

在上一篇文章中我整理了创建EKS集群的思维导图流程，这一篇介绍如何为EKS集群创建ALB。

架构图

实战思维导图

附录及测试

创建service account
# 创建albserviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    app.kubernetes.io/component: controller
    app.kubernetes.io/name: aws-load-balancer-controller
  name: aws-load-balancer-controller
  namespace: kube-system
  annotations:
      eks.amazonaws.com/role-arn: arn:aws-cn:iam::
YOUR_AWS_ACCOUNT:role/tsAmazonEKSLoadBalancerControllerRole

# kubectl apply -f albserviceaccount.yaml
# kubectl describe serviceaccount/aws-load-balancer-controller -n kube-system

部署 ALB Controller
部署 cert-manager 将证书配置注入到 webhook
#下载cert-manager文件
wget https://github.com/jetstack/cert-manager/releases/download \
/v1.1.1/cert-manager.yaml --no-check-certificate
#部署cert-manager
kubectl apply --validate=false -f cert-manager.yaml

下载部署 controller 的 yaml 文件
wget https://raw.githubusercontent.com/kubernetes-sigs \
/aws-load-balancer-controller/v2.2.0/docs/install \
/v2_2_0_full.yaml --no-check-certificate

删掉“ServiceAccount”对象内容
在上一步中已建好 Service account 并配置了 AWS Role
把your-cluster-name替换成自己的
kubectl apply -f v2_2_0_full.yaml

查看 controller 是否安装成功
kubectl get deployment -n kube-system aws-load-balancer-controller

部署demo应用
cat nginx-demo.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-demo
  name: nginx-demo
  namespace: demo
spec:
  replicas: 2
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: nginx-demo
  strategy:
    rollingUpdate:
      maxSurge: 20%
      maxUnavailable: 20%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: nginx-demo
      name: nginx-demo
    spec:
      containers:
        - name: nginx-demo      
          image: nginx:1.24.0
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 80
            - containerPort: 443
              protocol: TCP
          readinessProbe:
            failureThreshold: 6
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            tcpSocket:
              port: 80
            timeoutSeconds: 10
          livenessProbe:
            failureThreshold: 6
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            tcpSocket:
              port: 80
            timeoutSeconds: 10            
          resources:
            limits:
              cpu: 100m
              memory: 200Mi
            requests:
              cpu: 100m
              memory: 200Mi
          volumeMounts:
            - name: host-time
              mountPath: /etc/localtime
            - name: applog
              mountPath: /var/log/nginx
      volumes:
        - hostPath:
            path: /etc/localtime
            type: ""
          name: host-time
        - name: applog
          emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-demo
  namespace: demo
spec:
  ports:
    - name: web
      port: 80
      targetPort: 80
    - name: webssl
      port: 443
      targetPort: 443
  selector:
    app: nginx-demo

部署demo-ingrss

cat demo-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo-ingress
  namespace: demo
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip  
spec:
  rules:
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx-demo
            port:
              number: 80

kubectl apply -f demo-ingress.yaml
kubectl get ing -n demo

参考文档

https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress....
https://zhuanlan.zhihu.com/p/458454919

从0到1：AWS DevOps实践（三）

为EKS集群配置ALB

架构图

实战思维导图

附录及测试

参考文档

你可能感兴趣的:(从0到1：AWS DevOps实践（三）)