By using AWS re:Post, you agree to the AWS re:Post Terms of Use

LoadBalancer Controller not working in AWS EKS

0

I created eks cluster with eksctl and deplyed app , service and ingress but no loadbalancer has been created :(

kubectl version 1.23.6

eksctl version : 0.165.0

for Load Balancer Controller Installation i followed this guide https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/deploy/installation/

manifest files :

apiVersion: apps/v1
kind: Deployment
metadata:
  name: techcare-apigw
  namespace: techcare
spec:
  replicas: 1
  selector:
    matchLabels:
      app: techcare-apigw
  template:
    metadata:
      labels:
        app: techcare-apigw
    spec:
      containers:
        - name: techcare-apigw
          image: 435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.57
          ports:
            - containerPort: 3000
              name: techcare-apigw
apiVersion: v1
kind: Service
metadata:
  name: techcare-apigw-s
  namespace: techcare
spec:
  selector:
    app: techcare-apigw
  ports:
    - protocol: TCP
      port: 80
      targetPort: 3000
      name: http
    - protocol: TCP
      port: 443
      targetPort: 3000
      name: https
  type: ClusterIP
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-ingress
  namespace: techcare
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: alb
spec:
  defaultBackend:
    service:
      name: techcare-apigw-s
      port:
        number: 80
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: techcare-apigw-s
                port:
                  number: 80

Descibed service pod and ingres:

kubectl describe pod  techcare-apigw-65f496dd85-f8s28 -n techcare                                                                                                        ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  10:36:20  
Name:         techcare-apigw-65f496dd85-f8s28
Namespace:    techcare
Priority:     0
Node:         ip-192-168-17-235.eu-central-1.compute.internal/192.168.17.235
Start Time:   Fri, 08 Dec 2023 22:09:36 +0100
Labels:       app=techcare-apigw
              pod-template-hash=65f496dd85
Annotations:  <none>
Status:       Running
IP:           192.168.3.4
IPs:
  IP:           192.168.3.4
Controlled By:  ReplicaSet/techcare-apigw-65f496dd85
Containers:
  techcare-apigw:
    Container ID:   containerd://cbf1050a4aca263fbc86c97c759dda48694dc637fe1da40dbf0430319d5da5ef
    Image:          435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.57
    Image ID:       435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway@sha256:e362e6e1bf42002b510dff2a621e85e7f1fc304a1fef5c02095919129b0a0f45
    Port:           3000/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Fri, 08 Dec 2023 22:10:12 +0100
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-q92s4 (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      Tre 
Volumes:
  kube-api-access-q92s4:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  27m   default-scheduler  Successfully assigned techcare/techcare-apigw-65f496dd85-f8s28 to ip-192-168-17-235.eu-central-1.compute.internal
  Normal  Pulling    27m   kubelet            Pulling image "435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.57"
  Normal  Pulled     26m   kubelet            Successfully pulled image "435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.57" in 34.870208122s (34.870944373s including waiting)
  Normal  Created    26m   kubelet            Created container techcare-apigw
  Normal  Started    26m   kubelet            Started container techcare-apigw

kubectl describe ing example-ingress -n techcare                                                                                                                         ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  10:36:37  
Name:             example-ingress
Labels:           <none>
Namespace:        techcare
Address:          
Default backend:  techcare-apigw-s:80 (192.168.3.4:3000)
Rules:
  Host        Path  Backends
  ----        ----  --------
  *           
              /   techcare-apigw-s:80 (192.168.3.4:3000)
Annotations:  alb.ingress.kubernetes.io/scheme: internet-facing
              alb.ingress.kubernetes.io/target-type: alb
Events:       <none>


kubectl describe service techcare-apigw-s  -n techcare                                                                                                                   ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  10:35:56  
Name:              techcare-apigw-s
Namespace:         techcare
Labels:            <none>
Annotations:       <none>
Selector:          app=techcare-apigw
Type:              ClusterIP
IP Family Policy:  SingleStack
IP Families:       IPv4
IP:                10.100.50.10
IPs:               10.100.50.10
Port:              http  80/TCP
TargetPort:        3000/TCP
Endpoints:         192.168.3.4:3000
Port:              https  443/TCP
TargetPort:        3000/TCP
Endpoints:         192.168.3.4:3000
Session Affinity:  None
Events:            <none>

lobs from load balancer:

kubectl logs aws-load-balancer-controller-75776fdbcf-wrl5l -n kube-system                                                                                                ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  10:46:48  

{"level":"info","ts":"2023-12-08T21:05:24Z","msg":"version","GitVersion":"v2.6.2","GitCommit":"5e07dced064969588164c60cd493ce7921e913da","BuildDate":"2023-10-27T19:20:16+0000"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.metrics","msg":"Metrics server is starting to listen","addr":":8080"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"setup","msg":"adding health check for controller"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/mutate-v1-pod"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/mutate-v1-service"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/validate-elbv2-k8s-aws-v1beta1-ingressclassparams"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/mutate-elbv2-k8s-aws-v1beta1-targetgroupbinding"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/validate-elbv2-k8s-aws-v1beta1-targetgroupbinding"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"controller-runtime.webhook","msg":"Registering webhook","path":"/validate-networking-v1-ingress"}
{"level":"info","ts":"2023-12-08T21:05:24Z","logger":"setup","msg":"starting podInfo repo"}
{"level":"info","ts":"2023-12-08T21:05:26Z","logger":"controller-runtime.webhook.webhooks","msg":"Starting webhook server"}
{"level":"info","ts":"2023-12-08T21:05:26Z","logger":"controller-runtime.certwatcher","msg":"Updated current TLS certificate"}
{"level":"info","ts":"2023-12-08T21:05:26Z","logger":"controller-runtime.webhook","msg":"Serving webhook server","host":"","port":9443}
{"level":"info","ts":"2023-12-08T21:05:26Z","msg":"Starting server","path":"/metrics","kind":"metrics","addr":"[::]:8080"}
{"level":"info","ts":"2023-12-08T21:05:26Z","msg":"Starting server","kind":"health probe","addr":"[::]:61779"}
{"level":"info","ts":"2023-12-08T21:05:26Z","logger":"controller-runtime.certwatcher","msg":"Starting certificate watcher"}
I1208 21:05:26.950628       1 leaderelection.go:248] attempting to acquire leader lease kube-system/aws-load-balancer-controller-leader..
kubectl get ingress --all-namespaces                                                                                                                                     ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  11:37:44  

NAMESPACE   NAME              CLASS    HOSTS   ADDRESS   PORTS   AGE
techcare    example-ingress   <none>   *                 80      5m51s

Enter image description here

1 Answer
0

Looks like you haven't configured the AWS Load Balancer in a proper manner. Follow this AWS documentation to get it running https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html

Also, revamp your ingress file annotations:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    alb.ingress.kubernetes.io/certificate-arn: <if you are serving the traffic on 443 give ACM Certificate ARN>
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/ssl-redirect: "443"
    alb.ingress.kubernetes.io/subnets: <give public subnets of your EKS VPC to host the load balancer>
    alb.ingress.kubernetes.io/target-type: ip
  name: ingress-ssl
spec:
  ingressClassName: alb
  rules:
    - host: <enter your host name. if nothing just put *>
      http:
        paths:
          - backend:
              service:
                name: api-np
                port:
                  number: 80
            path: /
            pathType: Prefix

Post here if any additional inputs needed. Quick oversight: You should share your AWS account id, ECR image URLs, logs directly.

profile picture
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions