This is a cache of https://docs.openshift.com/container-platform/4.11/networking/aws_load_balancer_operator/create-instance-aws-load-balancer-controller.html. It is a snapshot of the page at 2024-11-22T14:10:11.284+0000.
Creating an instance of the AWS Load Balancer Controller - AWS Load Balancer Operator | Networking | OpenShift Container Platform 4.11
×

After installing the Operator, you can create an instance of the AWS Load Balancer Controller.

Creating an instance of the AWS Load Balancer Controller using AWS Load Balancer Operator

You can install only a single instance of the aws-load-balancer-controller in a cluster. You can create the AWS Load Balancer Controller by using CLI. The AWS Load Balancer(ALB) Operator reconciles only the resource with the name cluster.

Prerequisites
  • You have created the echoserver namespace.

  • You have access to the OpenShift CLI (oc).

Procedure
  1. Create an aws-load-balancer-controller resource YAML file, for example, sample-aws-lb.yaml, as follows:

    apiVersion: networking.olm.openshift.io/v1alpha1
    kind: AWSLoadBalancerController (1)
    metadata:
      name: cluster (2)
    spec:
      subnetTagging: Auto (3)
      additionalResourceTags: (4)
        example.org/cost-center: 5113232
        example.org/security-scope: staging
      ingressClass: alb (5)
      config:
        replicas: 2 (6)
      enabledAddons: (7)
        - AWSWAFv2 (8)
    1 Defines the aws-load-balancer-controller resource.
    2 Defines the AWS Load Balancer Controller instance name. This instance name gets added as a suffix to all related resources.
    3 Valid options are Auto and Manual. When the value is set to Auto, the Operator attempts to determine the subnets that belong to the cluster and tags them appropriately. The Operator cannot determine the role correctly if the internal subnet tags are not present on internal subnet. If you installed your cluster on user-provided infrastructure, you can manually tag the subnets with the appropriate role tags and set the subnet tagging policy to Manual.
    4 Defines the tags used by the controller when it provisions AWS resources.
    5 The default value for this field is alb. The Operator provisions an IngressClass resource with the same name if it does not exist.
    6 Specifies the number of replicas of the controller.
    7 Specifies add-ons for AWS load balancers, which get specified through annotations.
    8 Enables the alb.ingress.kubernetes.io/wafv2-acl-arn annotation.
  2. Create a aws-load-balancer-controller resource by running the following command:

    $ oc create -f sample-aws-lb.yaml
  3. After the AWS Load Balancer Controller is running, create a deployment resource:

    apiVersion: apps/v1
    kind: Deployment (1)
    metadata:
      name: <echoserver> (2)
      namespace: echoserver
    spec:
      selector:
        matchLabels:
          app: echoserver
      replicas: 3 (3)
      template:
        metadata:
          labels:
            app: echoserver
        spec:
          containers:
            - image: openshift/origin-node
              args:
                - TCP4-LISTEN:8080,reuseaddr,fork
                - EXEC:'/bin/bash -c \"printf \\\"HTTP/1.0 200 OK\r\n\r\n\\\"; sed -e \\\"/^\r/q\\\"\"'
              imagePullPolicy: Always
              name: echoserver
              ports:
                - containerPort: 8080
    1 Defines the deployment resource.
    2 Specifies the deployment name.
    3 Specifies the number of replicas of the deployment.
  4. Create a service resource:

    apiVersion: v1
    kind: Service (1)
    metadata:
      name: <echoserver> (2)
      namespace: echoserver
    spec:
      ports:
        - port: 80
          targetPort: 8080
          protocol: TCP
      type: nodeport
      selector:
        app: echoserver
    1 Defines the service resource.
    2 Specifies the name of the service.
  5. Deploy an ALB-backed Ingress resource:

    apiVersion: networking.k8s.io/v1
    kind: Ingress (1)
    metadata:
      name: <echoserver> (2)
      namespace: echoserver
      annotations:
        alb.ingress.kubernetes.io/scheme: internet-facing
        alb.ingress.kubernetes.io/target-type: instance
    spec:
      ingressClassName: alb
      rules:
        - http:
            paths:
              - path: /
                pathType: Exact
                backend:
                  service:
                    name: <echoserver> (3)
                    port:
                      number: 80
    1 Defines the ingress resource.
    2 Specifies the name of the ingress resource.
    3 Specifies the name of the service resource.
Verification
  • Verify the status of the Ingress resource to show the host of the provisioned AWS Load Balancer (ALB) by running the following command:

    $ HOST=$(kubectl get ingress -n echoserver echoserver -o json | jq -r '.status.loadBalancer.ingress[0].hostname')
  • Verify the status of the provisioned AWS Load Balancer (ALB) host by running the following command:

    $ curl $HOST