Expose Jenkins image on AWS EKS - amazon-web-services

I want to deploy Jenkins on an EKS cluster so that anyone can access the Jenkins URL.
I tried this and I changed type: NodePort in service.yaml to LoadBalancer,
but DNS didn't work.

Your worker nodes will have to have a public IP, which is a big security risk.
Better to create a Kubernetes service of type LoadBalancer which in your case will expose the Jenkins service in AWS.
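
A Service of type LoadBalancer for Jenkins, as an added example that is not part of the original answer. The `jenkins` namespace, the `app: jenkins` selector and the 203.0.113.0/24 source range are assumed placeholders. It publishes only the web UI port through the load balancer, limited to the listed source range, and keeps the inbound agent port on a ClusterIP service.

```yaml
# Added example; names, labels and CIDR are placeholders, not values from the page.
apiVersion: v1
kind: Service
metadata:
  name: jenkins
  namespace: jenkins          # assumed namespace
spec:
  type: LoadBalancer          # AWS provisions a load balancer for this Service
  selector:
    app: jenkins              # assumed pod label of the Jenkins controller
  ports:
    - name: http
      port: 80                # listener port on the load balancer
      targetPort: 8080        # Jenkins default HTTP port in the container
  # Only these source ranges are allowed in the load balancer's security group.
  # Without this field the listener accepts traffic from 0.0.0.0/0.
  loadBalancerSourceRanges:
    - 203.0.113.0/24          # placeholder (documentation range); use your own CIDR
---
# The inbound agent port stays inside the cluster and is not published.
apiVersion: v1
kind: Service
metadata:
  name: jenkins-agent
  namespace: jenkins
spec:
  type: ClusterIP
  selector:
    app: jenkins
  ports:
    - name: agent
      port: 50000             # Jenkins default inbound agent port
      targetPort: 50000
```

After `kubectl apply -f`, the EXTERNAL-IP column of `kubectl get svc jenkins -n jenkins` shows the load balancer's DNS name, which can take a few minutes to resolve after creation.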

Related

How can I give access to statping deployed outside k8s cluster to monitor k8s services uptime?

I want statping to be independent of the infra it is monitoring. But I want to check the uptime of the services which are on ClusterIP inside the k8s EKS cluster. Will setting up kubeconfig on the EC2 instance help?
There are multiple ways to access Kubernetes Services from the statping EC2 Instance.
All of them are discussed in https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/
https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#so-many-proxies
kubectl proxy (https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#using-kubectl-proxy) is a good option for your use case if you already have kubeconfig on the statping EC2 Instance.
You can use https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#manually-constructing-apiserver-proxy-urls to construct the Proxy URLs.

AWS ec2 instances clusters and ingress controller

I have a non-EKS AWS kubernetes cluster with 1 master 3 worker nodes
I am trying to install the nginx ingress controller in order to use the cluster with a domain name, but unfortunately it does not seem to work: the nginx ingress controller service is not automatically getting an IP, and even if I manually set an external IP, this IP is not answering on port 80.
If you are looking for a public domain, expose the nginx-ingress deployment (service) as a load balancer, which will create an ALB.
You can then route the domain name to the ALB alias in R53.
The reason for the External IP remaining in pending is that there is no load balancer in front of your cluster to provide it with an external IP, like it would work in EKS. You can achieve it by bootstrapping your cluster with the --cloud-provider option using kubeadm.
You can follow these tutorials on how to successfully achieve it:
Kubernetes, Kubeadm, and the AWS Cloud Provider
Setting up the Kubernetes AWS Cloud Provider
Kubernetes: part 2 — a cluster set up on AWS with AWS cloud-provider and AWS LoadBalancer
There are a couple of different solutions to that. My favorite solution is:
Use an Ingress Controller like ingress-nginx (there are multiple different Ingress Controllers available for Kubernetes, a very good comparison is provided here)
Configure the Ingress Controller Service to use NodePort and use a port like 30080
Create your own AWS ALB, with Terraform for example, and add the NodePort 30080 to the TargetGroup
Create an Ingress resource to configure the Ingress Controller
The whole traffic flow could look like that:
If you still have some questions, just ask them here :)
Yes, you will have to expose the deployment as a service:
kubectl expose deployment {deploymentname} -n ns --type=LoadBalancer --name={name}

How to expose my app outside cluster or vpc my internal load balancer in private EKS cluster

I have a doubt about AWS EKS.
I have an EKS cluster (private subnets) with managed worker nodes (private subnets),
and I deployed an nginx deployment with three replicas and created an internal load balancer service.
I can do curl
and get the expected output.
Problem: how to expose my app outside the cluster or VPC?
Thanks
You can have your EKS nodes in private subnet of VPC but you need public subnets also for exposing your pods/containers.
So ideally you need to create a LB service for your nginx deployment.
The blog below helped me during my initial EKS setup; I hope it helps you too:
Nginx ingress controller with NLB
You can have AWS Application Load Balancer added to your EKS cluster and have an ingress targeting your service.
https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html
Deploy ALB Controller in your cluster
Add new ingress pointing your service
Remember to set alb.ingress.kubernetes.io/scheme: internet-facing, as you want to expose your service to the public.
You can get the DNS name of the new ingress in the AWS Console (EC2/Load Balancer) or by describing the ingress using kubectl.
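
An Ingress for the ALB controller described in the answer above, as an added example that is not part of the original post. The Ingress and Service name `nginx`, the certificate ARN placeholder and the 203.0.113.0/24 range are assumptions. It sets the `internet-facing` scheme the answer mentions and adds an HTTPS-only listener and an inbound CIDR allow-list.

```yaml
# Added example; resource names, ARN and CIDR are placeholders, not values from the page.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx                 # assumed name
  namespace: default
  annotations:
    # Public ALB, placed in the VPC's public subnets; worker nodes stay private.
    alb.ingress.kubernetes.io/scheme: internet-facing
    # Route straight to pod IPs, so the backend Service can stay ClusterIP.
    alb.ingress.kubernetes.io/target-type: ip
    # Terminate TLS on the ALB and open no plain-HTTP listener.
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
    alb.ingress.kubernetes.io/certificate-arn: "<ACM_CERTIFICATE_ARN>"
    # Limit who can reach the listener; omit only if the app is meant for everyone.
    alb.ingress.kubernetes.io/inbound-cidrs: 203.0.113.0/24
spec:
  ingressClassName: alb
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: nginx   # assumed ClusterIP Service in front of the nginx pods
                port:
                  number: 80
```

`kubectl get ingress nginx` then lists the ALB's DNS name in the ADDRESS column.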

Expose Kubernetes services running in EKS through API Gateway

I am new to Kubernetes and AWS and exploring different AWS technologies for a project. One thing I am doing as part of that is to see how we can have routes in API Gateway connect to an EKS cluster (in a VPC).
This is what I have working:
An EKS Cluster
In the EKS Cluster I have nginx ingress-controller running
I have an EC2 inside the VPC and verified that I can reach a service running in the cluster through EC2 by using the ingress-controller url
This is what I am trying:
I tried to create an API Gateway route to access the same service using the ingress-controller url -> To achieve that, I am trying the steps here (because my cluster is in a VPC): https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-nlb-for-vpclink-using-console.html
One thing that is not clear to me is that, how do I specify the ingress-controller url as a target for the NLB? The only targets that I can specify are EC2 instances, but I want to direct the traffic through the ingress-controller (which is a service of type loadbalancer in K8s).
If I am doing this the wrong way, please advise the right way of exposing an EKS cluster in API Gateway through the nginx ingress controller. Thanks!
I have found the problem. When using nginx-ingress-controller, I just had to specify the annotation that it is of type "nlb"
service.beta.kubernetes.io/aws-load-balancer-type: nlb
Once I deploy the ingress controller with this annotation, it automatically creates an nlb in aws and sets the target according to the ingress defined! I was creating a new nlb myself and then trying to point to the ingress-controller which is not needed (nor the right way).
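
The controller Service with the annotation from this answer, as an added example that is not part of the original post. The namespace, Service name and selector labels follow the upstream ingress-nginx manifests and are assumptions here, as is the internal scheme, which is chosen because the question reaches the cluster through an API Gateway VPC link rather than from the internet.

```yaml
# Added example; names and labels are assumed, not taken from the page.
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx
  annotations:
    # From the answer: provision an NLB instead of a Classic ELB.
    service.beta.kubernetes.io/aws-load-balancer-type: nlb
    # Assumption: keep the NLB private to the VPC so only the VPC link can reach it.
    # (Legacy in-tree provider annotation; the AWS Load Balancer Controller uses
    #  service.beta.kubernetes.io/aws-load-balancer-scheme: internal instead.)
    service.beta.kubernetes.io/aws-load-balancer-internal: "true"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local   # preserve the client source IP at the controller
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/component: controller
  ports:
    - name: http
      port: 80
      targetPort: http
    - name: https
      port: 443
      targetPort: https
```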

Replacing AWS ELB in K8 cluster

I have a k8 cluster deployed in AWS using kube-aws. When I deploy a service, a new ELB is added for exposing the service to internet. Can I use ingress-controller to replace ELB or is there any other way to expose services other than ELB?
First, replace type: LoadBalancer with type: ClusterIP in your service definition. Then you have to configure the ingress and deploy a controller, like Nginx.
If you are looking for a full example, I have one here: nginx-ingress-controller.
The ingress will expose your services using some of your workers' public IPs, usually 2 of them. Just check your ingress with kubectl get ing -o wide and create the DNS records.