By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

EKS AWS Load Balancer Controller - ALB is not created

0

Hello, Something is wrong with my ALB integration. Until now, it was working correctly using normal LoadBalancer in EKS, and when creating a service of type LoadBalancer, it was created without problems, so I known that the the integration with Load Balancing is working.

I them tried to go a step ahead, and use ALB instead. To do so, I followed de following steps:

1).- I created the policy AWSLoadBalancerControllerIAMPolicy as per AWS Documentation.

2).- I enabled OIDC ( eksctl utils associate-iam-oidc-provider --cluster eks-prod1 --approve ).

3).- I created the needed service account: ** eksctl create iamserviceaccount --cluster=eks-prod1 --namespace=kube-system --name=aws-load-balancer-controller --role-name "AmazonEKSLoadBalancerControllerRole" --attach-policy-arn=arn:aws:iam:<<myaccount>>:policy/AWSLoadBalancerControllerIAMPolicy –approve --override-existing-serviceaccounts **

4).- I installed the aws-load-balancer-controller using helm install aws-load-balancer-controller eks/aws-load-balancer-controller --set clusterName=eks-prod1 -n kube-system --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller

Is there any wrong above or something I am missing ? When I create the ingress, the ALB is not created, and there is no external IPs on my services.

Moreover, if do a kubectl describe service nginx-deployment-alb , i do not see any events generated on the service !! (it does not even try to create the ALB) See below:

kubectl describe service nginx-deployment-alb

Name: nginx-deployment-alb Namespace: default Labels: <none> Annotations: <none> Selector: app=nginx-deployment-alb Type: NodePort IP Family Policy: SingleStack IP Families: IPv4 IP: 10.100.251.114 IPs: 10.100.251.114 Port: <unset> 80/TCP TargetPort: 80/TCP NodePort: <unset> 32317/TCP Endpoints: 192.168.31.139:80,192.168.33.161:80 Session Affinity: None External Traffic Policy: Cluster Events: <none>

Is there any steps I am missing ?

Topics
ContainersNetworking & Content Delivery
Tags
Amazon Elastic Kubernetes ServiceElastic Load Balancing
Language
English
Andres
asked 8 months ago797 views
1 Answer
0
Accepted Answer

Hello,

Greetings for the day!!

I see that you have added AWS loadbalancer controller to your EKS cluster and after that you have tried to create an ingress so that you can make use of an ALB but the resource creation is not successful and you would like assistance with the same.

Whenever such issues are encountered, it is first advised to check if the AWS loabalancer controller is running or not, you can use the following command to verify the same: $ kubectl get deploy -n kube-system

If it is not running then I would request you to check the following documentation[1] to verify if any step is missed in AWS loadbalancer controller creation. You can also use the following command to check for any errors and proceed accordingly (kubectl describe pod <loadbalancer-controller-pod-name> -n kube-system)

From what you have mentioned, I see that some of your steps like identity provider creation are missing, please follow the below steps to properly install AWS loadbalancer controller:

-Create an IAM OIDC provider for your EKS cluster by following this documentation[2].

-Create an IAM policy as mentioned in this documentation[1].

-Create an IAM role and associate the IAM policy created in the above step to this role.

-Associate a trust relationship with the above role. Please refer the "AWS CLI and kubectl" section of the documentation[1] for steps to do this.

-Create a service account for the AWS loadbalancer controller. Please refer the "AWS CLI and kubectl" section of the documentation[1] for steps to do this.

-Use Helm to install the AWS loadbalancer controller.

-Verify of everything is running fine.

In case the loadbalancer controller is running fine then you can describe the ingress as well as check the loadbalancer controller logs to find the cause of the issue. Please use the below command to check ingress and AWS loadbalancer controller logs:

$ kubectl describe ingress <ingress-name> -n <namespace>

$ kubectl logs -n kube-system deployment.apps/aws-load-balancer-controller

In most cases, performing the above two checks are more than enough to identify the issue.

You can also follow the steps in this documentation[3] to troubleshoot issues related to ingress and loadbalancer creation when using AWS loadbalancer controller.

I hope this helps.

Reference:

[1] https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html

[2] https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html

AWS
Shabbar_H
answered 8 months ago
profile picture
EXPERT
Giovanni Lauria
reviewed a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content