Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
kubernetes 1.9 NLB example
apiVersion: v1
kind: Service
metadata:
name: nginx
namespace: default
annotations: {}
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: LoadBalancer
#!/usr/bin/env bash
export CLUSTER_NAME=${CLUSTER_NAME:-example.cluster.k8s.local}
export KUBERNETES_VERSION=${KUBERNETES_VERSION:-https://storage.googleapis.com/kubernetes-release/release/v1.9.0/}
export AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION:-us-west-2}
# Get all available AZs
export AWS_AVAILABILITY_ZONES="$(aws ec2 describe-availability-zones --query 'AvailabilityZones[].ZoneName' --output text | awk -v OFS="," '$1=$1')"
# Create a unique s3 bucket name, or use an existing S3_BUCKET environment variable
export S3_BUCKET=${S3_BUCKET:-kops-state-store-$(cat /dev/random | LC_ALL=C tr -dc "[:alpha:]" | tr '[:upper:]' '[:lower:]' | head -c 32)}
export KOPS_STATE_STORE=s3://$S3_BUCKET
echo "Using S3 bucket $S3_BUCKET: to use with kops run"
echo " export KOPS_STATE_STORE=s3://$S3_BUCKET"
echo " export S3_BUCKET=$S3_BUCKET"
echo " export CLUSTER_NAME=$CLUSTER_NAME"
# Create the bucket if it doesn't exist
_bucket_name=$(aws s3api list-buckets --query "Buckets[?Name=='$S3_BUCKET'].Name | [0]" --out text)
if [ $_bucket_name == "None" ]; then
aws s3api create-bucket --bucket $S3_BUCKET --create-bucket-configuration LocationConstraint=$AWS_DEFAULT_REGION
fi
kops create cluster --name $CLUSTER_NAME --zones $AWS_AVAILABILITY_ZONES --kubernetes-version $KUBERNETES_VERSION --yes
# To delete and cleanup
#kops delete cluster --name $CLUSTER_NAME --yes
#aws s3api delete-bucket --bucket $S3_BUCKET
# Hack until https://github.com/kubernetes/kops/pull/4095 lands in a release
cat << EOF > nlb-iam-permissions.json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "kopsK8sNLBMasterPermsRestrictive",
"Effect": "Allow",
"Action": [
"ec2:DescribeVpcs",
"elasticloadbalancing:AddTags",
"elasticloadbalancing:CreateListener",
"elasticloadbalancing:CreateTargetGroup",
"elasticloadbalancing:DeleteListener",
"elasticloadbalancing:DeleteTargetGroup",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:DescribeLoadBalancerPolicies",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:ModifyListener",
"elasticloadbalancing:ModifyTargetGroup",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:SetLoadBalancerPoliciesOfListener"
],
"Resource": [
"*"
]
}
]
}
EOF
aws iam put-role-policy \
--role-name masters.$CLUSTER_NAME \
--policy-name masters19.$CLUSTER_NAME \
--policy-document file://nlb-iam-permissions.json
#!/usr/bin/env bash
# Create the deployment
kubectl run nginx --image=nginx --port=80 --labels app=nginx
# Create the service
cat service.yaml
kubectl apply -f service.yaml
# View the running pods and new service
kubectl get pod,endpoints,service -l app=nginx -o wide
# Get the NLB address
NLB_ADDRESS=$(kubectl get svc nginx -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
echo $NLB_ADDRESS
# Wait 3 or 4 minutes or the NLB to active and the target groups to be in service
curl http://$NLB_ADDRESS
# Query the nginx pod logs
NGINX_POD=$(kubectl get po -l app=nginx -o jsonpath='{.items[0].metadata.name}')
kubectl logs $NGINX_POD
# Scale up to 2 nginx pods, show which nodes they're on
kubectl scale deployment/nginx --replicas=2
kubectl get po -o custom-columns=NAME:.metadata.name,NODE:.spec.nodeName
apiVersion: v1
kind: Service
metadata:
name: nginx
namespace: default
labels:
app: nginx
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
spec:
externalTrafficPolicy: Local
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: LoadBalancer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.