New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS alb-ingress-controller failed to create ALB in EKS with fargate #1202
Comments
Hi, would you help share the logs from the controller pod? BTW, where is your controller running? if it's running as a fargate pod itself, you need to specify --aws-vpc-id and --aws-region |
@M00nF1sh, The ingress controllers (pods) were running in kube-system namespace. I did specify was-vpc-id and aws-region in the deployment yaml. For this pic, I didn't have any node group, just a fargate profile. Here is my ingress yaml, https://raw.githubusercontent.com/aspnet4you/eks-fargate-poc/master/alb-ingress-controller.yaml |
@aspnet4you From the controller-log, you should see what's wrong, typically it's iam permission or a subnet misttaged. |
@M00nF1sh, I was overly cautious on subnet tags and both the public and private pairs were tagged correctly. Learned that from previous poc with eks and ec2! Matter of fact, eksctl tool did that for me with security groups wide open to all traffic all ports! |
@M00nF1sh , kubectl logs -p alb-ingress-controller-5db898488b-bqrf6 -n kube-system AWS ALB Ingress controller
|
@M00nF1sh : AWS ALB Ingress controller
|
Hi @M00nF1sh, Thanks, |
@aspnet4you |
also, specify these settings without the quote:
to
You can see the error message of |
@M00nF1sh, I liked how alb auto adjusts the target backed. I changed the scaleset from 2 to 3 pods and I can see new IP is auto added to the target. Nice. :)- This is the reason I didn't want to add alb manually and deal with the auto scaling. Here is my ingress definition: Thanks, |
cool, glad it works :D |
I have the exact same issue, I can't figure out what's causing it. Pod Logs:
Container args:
Role policy:
The public subnets tagged with:
Private are basically the same, but with |
@zquintana, Do you want to double check your vpc subnet tags for private subnet? As per documentation, it should be internal-elb and not elb-internal. Key: kubernetes.io/role/internal-elb Things may have changed a bit since I performed the poc. I have all the supporting files in github.com and entrypoint is https://github.com/aspnet4you/eks-fargate-poc/blob/master/eks-fargate-alb-ingress-v2.ps1 |
@aspnet4you , yea looks like it's |
Turns out my issue was this #1360, core dns wasn't setup for fargate only cluster. |
I was trying to follow the documentation below to create an alb-ingress-controller with ingress resources- https://aws.amazon.com/blogs/containers/using-alb-ingress-controller-with-amazon-eks-on-fargate/
It's supposed to create an alb and bind the address field of Kubernetes ingress but the address field of ingress is empty! No error. Fargate profile has been given proper IAM permissions and service account is given RBAC based on the documentation.
I documented the steps in my blog with screenshots at https://blogs.aspnet4you.com/2020/03/17/run-serverless-kubernetes-pods-using-amazon-eks-and-aws-fargate/ and you can see address of ingress is empty! Ingress PODs are running fine.
I could create an alb manually which is what I did but it defeats the purpose. Any idea why alb didn't get created?
Thanks,
Prodip
The text was updated successfully, but these errors were encountered: