I'm trying to use annotations on an Ingress to create an Application Load Balancer for a service in a private EKS cluster.
Here is a list of things that are true or that I have tried:
- Everything runs on Fargate, I've registered a few different profiles for coredns, kube-system, cert-manager and default
- I have the VPC-CNI, kube-proxy and coredns addons installed
- I installed the cert-manager and ALB controller version 2.7.0 using kubectl apply. There are a couple of things that needed changing, including running the cert-manager-webhook on port 10260, and adding region, vpc, cluster name and disabling shield and waf on the alb-controller manifest.
- The service works, I can curl to the specific pod ip address and I get a successful response. I have tried multiple replicas and they all work.
- The application load balancer is registered, listener rules created, and a target group is defined, but no targets are registered
- I have also tried using annotations on the service as a loadbalancer instead of defining an ingress. A very similar thing happens, I get a load balancer, listener rules and a target group with no targets registered.
- There are no errors, the targets are just not registered. The ingress reconciles fine and the logs on the alb controller show no errors.
- If I manually register the targets, I can access the service just fine.
I am not sure what to try next.
Additional context: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/3569