Deploy a deploy

来自linuxsa wiki
跳转到导航 跳转到搜索

have an eks cluster and install dashboard

EKS Fundamentals

install alb

install eksctl

https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_Linux_amd64.tar.gz


aws eks update-kubeconfig --region <your region> --name <clustername>
kubectl get nodes



AWS Load Balancer Controller

kubectl get deployment -n kube-system aws-load-balancer-controller
if return Error from server (NotFound)

# 1. 创建IAM policy(如果还没创建过)
curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.13.0/docs/install/iam_policy.json

aws iam create-policy \
  --policy-name AWSLoadBalancerControllerIAMPolicy \
  --policy-document file://iam_policy.json

# 2. 创建IAM Service Account(需要先启用OIDC provider,如果没启用先跑这行)
#eksctl utils associate-iam-oidc-provider --cluster=<集群名> --approve
eksctl utils associate-iam-oidc-provider --region=ap-east-1 --cluster=my-eks --approve

eksctl create iamserviceaccount \
  --cluster=<集群名> \
  --namespace=kube-system \
  --name=aws-load-balancer-controller \
  --attach-policy-arn=arn:aws:iam::<你的account-id>:policy/AWSLoadBalancerControllerIAMPolicy \
  --override-existing-serviceaccounts \
  --approve

# 3. Helm安装controller
helm repo add eks https://aws.github.io/eks-charts
helm repo update
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  -n kube-system \
  --set clusterName=<集群名> \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller

kubectl get deployment -n kube-system aws-load-balancer-controller
kubectl get pods -n kube-system | grep aws-load-balancer
NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   2/2     2            2           84s
aws-load-balancer-controller-644668f56c-7nnkh   1/1     Running   0          84s
aws-load-balancer-controller-644668f56c-qzhdl   1/1     Running   0          84s
➜  claude ls


ng demo


ALB Controller装好了,2个pod都Running。现在可以部署应用了。

**1. 创建Deployment**

```bash
cat <<EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hello-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: hello-app
  template:
    metadata:
      labels:
        app: hello-app
    spec:
      containers:
      - name: hello-app
        image: nginxdemos/hello
        ports:
        - containerPort: 80
EOF

kubectl apply -f deployment.yaml
```

**2. 创建Service**

```bash
cat <<EOF > service.yaml
apiVersion: v1
kind: Service
metadata:
  name: hello-app-svc
spec:
  selector:
    app: hello-app
  ports:
  - port: 80
    targetPort: 80
  type: ClusterIP
EOF

kubectl apply -f service.yaml
```

**3. 创建Ingress(走ALB)**

```bash
cat <<EOF > ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hello-app-ingress
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
spec:
  rules:
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: hello-app-svc
            port:
              number: 80
EOF

kubectl apply -f ingress.yaml
```

**4. 检查pod状态**

```bash
kubectl get pods -w
```

等pod都Running后,Ctrl+C退出,然后检查Ingress的ALB地址:

```bash
kubectl get ingress hello-app-ingress
```

ADDRESS字段出现域名(通常要等1-2分钟)后,浏览器访问那个地址就能看到nginx的hello页面了。

有个小提醒:用ALB internet-facing需要确认你的public子网有打上 `kubernetes.io/role/elb` 标签,且Ingress Controller的IAM权限里要能访问对应的子网,不然ALB可能创建失败或者一直显示无ADDRESS。如果卡住了告诉我,我们一起排查。

result

文件:Alb-2d.png