From f5b4a7d323dfd4761f7a41a297dca63db267a4ff Mon Sep 17 00:00:00 2001 From: Patrick MARIE Date: Sat, 12 Feb 2022 10:02:17 +0100 Subject: [PATCH] Create a LoadBalancer for nginx. --- README.md | 29 ++++++++++++++++++++++++++++- eks/vpc.tf | 3 ++- k8s/nginx.tf | 23 ++++++++++++++++++++++- k8s/output.tf | 4 ++++ 4 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 k8s/output.tf diff --git a/README.md b/README.md index 4b8fc63..5d47759 100644 --- a/README.md +++ b/README.md @@ -126,6 +126,8 @@ nginx NodePort 172.20.10.182 80:31234/TCP 6m8s app=Nginx ### Reaching the app. +#### Using the NodePort + It is not possible with terraform output to retrieve the configured nodes. However, it is possible to retrieve IPs for our nodes using aws cli: ```sh @@ -146,6 +148,31 @@ $ curl http://$CLUSTER_IP:31234/ ``` +#### Using the LoadBalancer + +This approach is simpler, as it is just needed to retrieve the created the LoadBalancer external address, either by using `kubectl` or `terraform output`: + +```sh +$ kubectl get svc -n testaroo nginx-lb +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +nginx-lb LoadBalancer 172.20.149.132 a34059e68106b41a292730b5defe734b-581837320.eu-west-3.elb.amazonaws.com 80:31698/TCP 3m50s + +$ terraform output 09:59:47 +lb-address = "a34059e68106b41a292730b5defe734b-581837320.eu-west-3.elb.amazonaws.com" +``` + +The service should be reachable directly using it: + +```sh +$ curl http://$(terraform output -raw lb-address):80/ + + + +Welcome to nginx! +... +``` + + ### Reaching the/a node ssh port: Still using the AWS CLI to retrieve nodes, just: @@ -182,7 +209,7 @@ PID USER TIME COMMAND $ kubectl exec -ti -n testaroo alpine -- sh / # echo "hello world" hello world -/ # +/ # ``` ## Todo: diff --git a/eks/vpc.tf b/eks/vpc.tf index d99812f..9c7e182 100644 --- a/eks/vpc.tf +++ b/eks/vpc.tf 
@@ -20,10 +20,11 @@ resource "aws_subnet" "subnets" { tags = { Name = "${each.key}-${var.environment}" Env = var.environment - "kubernetes.io/cluster/eks-cluster-${var.environment}" = "shared" + "kubernetes.io/cluster/eks-cluster-${var.environment}" = "owned" } } +// The internet gateway is required so nodes can connect to the control plane resource "aws_internet_gateway" "nat_gateway" { vpc_id = aws_vpc.main.id } diff --git a/k8s/nginx.tf b/k8s/nginx.tf index c5d64b9..f5ae8c3 100644 --- a/k8s/nginx.tf +++ b/k8s/nginx.tf @@ -59,7 +59,7 @@ resource "kubernetes_service" "testaroo" { count = var.enable_nginx metadata { - name = "nginx" + name = "nginx-np" namespace = kubernetes_namespace.testaroo.metadata.0.name } @@ -76,3 +76,24 @@ resource "kubernetes_service" "testaroo" { } } } + +resource "kubernetes_service" "testaroo-lb" { + count = var.enable_nginx + + metadata { + name = "nginx-lb" + namespace = kubernetes_namespace.testaroo.metadata.0.name + } + + spec { + selector = { + app = kubernetes_deployment.testaroo[0].spec.0.template.0.metadata.0.labels.app + } + + type = "LoadBalancer" + port { + port = 80 + target_port = 80 + } + } +} diff --git a/k8s/output.tf b/k8s/output.tf new file mode 100644 index 0000000..02beaf9 --- /dev/null +++ b/k8s/output.tf @@ -0,0 +1,4 @@ +output "lb-address" { + description = "load balancer hosntame" + value = flatten(kubernetes_service.testaroo-lb[0].status[*].load_balancer[*].ingress[*].hostname)[0] +}
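Review bot: The comment added above `aws_internet_gateway.nat_gateway` says why the gateway exists but not what it exposes, and the resource is named `nat_gateway` although its type is an internet gateway. The route tables and public-IP settings are outside this hunk, but the README reaches the nodes directly on the NodePort and on ssh, so the node subnets appear to be public. I would reword the comment to say so, for example `// Internet gateway (not a NAT gateway, despite the resource name): lets nodes reach the control plane; node exposure then depends on the security groups.` The hunk also changes the cluster tag from `shared` to `owned` with no reason given in the commit message, so a one-line comment on why these subnets are now cluster-owned would help.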
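Review bot: `kubernetes_service.testaroo-lb` sets `type = "LoadBalancer"` with no source restriction and no annotations in `metadata`. On EKS it will presumably come up as an internet-facing ELB serving plain HTTP on port 80 to any address, and the README example does resolve to a public `elb.amazonaws.com` name. If the service does not need to be world-reachable, add `load_balancer_source_ranges = var.lb_allowed_cidrs` to `spec` (the variable name is a placeholder), or make the balancer internal with the `service.beta.kubernetes.io/aws-load-balancer-internal` annotation. The renamed NodePort service `nginx-np` stays in place, so the app remains reachable on the node port as well; it is worth deciding whether both paths are wanted.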
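Review bot: The `lb-address` output indexes `kubernetes_service.testaroo-lb[0]` unconditionally, but that resource is declared with `count = var.enable_nginx`, so evaluating the output fails when `enable_nginx = 0`. The trailing `[0]` on `flatten(...)` will also error while the service has no ingress hostname assigned yet. Wrapping the existing expression handles both cases: `value = try(flatten(kubernetes_service.testaroo-lb[0].status[*].load_balancer[*].ingress[*].hostname)[0], null)`. The description also has a typo, `hosntame` for `hostname`.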