AWS Load Balancer Controller

AWS Load Balancer Controller用于为EKS管理创建ELB,提供以下两种资源:

  • 当创建Ingress对象时,创建ALB
  • 当创建LoadBalancer类型的service时,创建NLB。在以前,NLB用于创建instance类型的target、ALB用于创建IP类型的target;在v2.3.0之后,AWS Load Balancer Controller可以为NLB创建两种类型的target

image-20221101225627579

安装

# 创建IAM policy,让AWS Load Balancer Controller可以调用相关的AWS API
curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.0/docs/install/iam_policy.json

aws iam create-policy \
    --policy-name AWSLoadBalancerControllerIAMPolicy \
    --policy-document file://iam_policy.json

# 创建aws-load-balancer-controller service account, 将my-cluster替换为集群名称,将111122223333替换为account id
eksctl create iamserviceaccount \
  --cluster=my-cluster \
  --namespace=kube-system \
  --name=aws-load-balancer-controller \
  --attach-policy-arn=arn:aws:iam::111122223333:policy/AWSLoadBalancerControllerIAMPolicy \
  --override-existing-serviceaccounts \
  --approve

# 使用helm安装repo
helm repo add eks https://aws.github.io/eks-charts
helm repo update

如果在非us-west-2region部署,需要在helm命令设置account和region-code:

--set image.repository=${account}.dkr.ecr.${region-code}.amazonaws.com/amazon/aws-load-balancer-controller

对应的值可以在 https://docs.aws.amazon.com/eks/latest/userguide/add-ons-images.html 找到


cluster-name做替换,安装:

helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  -n kube-system \
  --set clusterName=${cluster-name} \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller

确认已安装完成:

kubectl get deployment -n kube-system aws-load-balancer-controller

NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   2/2     2            2           84s

参考:

https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html