-
-
Save micahhausler/4f3a2ee540f5714e6dd91b4bacace3ae to your computer and use it in GitHub Desktop.
kubernetes 1.9 NLB example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: nginx | |
| namespace: default | |
| annotations: {} | |
| spec: | |
| ports: | |
| - name: http | |
| port: 80 | |
| protocol: TCP | |
| targetPort: 80 | |
| selector: | |
| app: nginx | |
| type: LoadBalancer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| export CLUSTER_NAME=${CLUSTER_NAME:-example.cluster.k8s.local} | |
| export KUBERNETES_VERSION=${KUBERNETES_VERSION:-https://storage.googleapis.com/kubernetes-release/release/v1.9.0/} | |
| export AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION:-us-west-2} | |
| # Get all available AZs | |
| export AWS_AVAILABILITY_ZONES="$(aws ec2 describe-availability-zones --query 'AvailabilityZones[].ZoneName' --output text | awk -v OFS="," '$1=$1')" | |
| # Create a unique s3 bucket name, or use an existing S3_BUCKET environment variable | |
| export S3_BUCKET=${S3_BUCKET:-kops-state-store-$(cat /dev/random | LC_ALL=C tr -dc "[:alpha:]" | tr '[:upper:]' '[:lower:]' | head -c 32)} | |
| export KOPS_STATE_STORE=s3://$S3_BUCKET | |
| echo "Using S3 bucket $S3_BUCKET: to use with kops run" | |
| echo " export KOPS_STATE_STORE=s3://$S3_BUCKET" | |
| echo " export S3_BUCKET=$S3_BUCKET" | |
| echo " export CLUSTER_NAME=$CLUSTER_NAME" | |
| # Create the bucket if it doesn't exist | |
| _bucket_name=$(aws s3api list-buckets --query "Buckets[?Name=='$S3_BUCKET'].Name | [0]" --out text) | |
| if [ $_bucket_name == "None" ]; then | |
| aws s3api create-bucket --bucket $S3_BUCKET --create-bucket-configuration LocationConstraint=$AWS_DEFAULT_REGION | |
| fi | |
| kops create cluster --name $CLUSTER_NAME --zones $AWS_AVAILABILITY_ZONES --kubernetes-version $KUBERNETES_VERSION --yes | |
| # To delete and cleanup | |
| #kops delete cluster --name $CLUSTER_NAME --yes | |
| #aws s3api delete-bucket --bucket $S3_BUCKET | |
| # Hack until https://github.com/kubernetes/kops/pull/4095 lands in a release | |
| cat << EOF > nlb-iam-permissions.json | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "kopsK8sNLBMasterPermsRestrictive", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:DescribeVpcs", | |
| "elasticloadbalancing:AddTags", | |
| "elasticloadbalancing:CreateListener", | |
| "elasticloadbalancing:CreateTargetGroup", | |
| "elasticloadbalancing:DeleteListener", | |
| "elasticloadbalancing:DeleteTargetGroup", | |
| "elasticloadbalancing:DescribeListeners", | |
| "elasticloadbalancing:DescribeLoadBalancerPolicies", | |
| "elasticloadbalancing:DescribeTargetGroups", | |
| "elasticloadbalancing:DescribeTargetHealth", | |
| "elasticloadbalancing:ModifyListener", | |
| "elasticloadbalancing:ModifyTargetGroup", | |
| "elasticloadbalancing:RegisterTargets", | |
| "elasticloadbalancing:SetLoadBalancerPoliciesOfListener" | |
| ], | |
| "Resource": [ | |
| "*" | |
| ] | |
| } | |
| ] | |
| } | |
| EOF | |
| aws iam put-role-policy \ | |
| --role-name masters.$CLUSTER_NAME \ | |
| --policy-name masters19.$CLUSTER_NAME \ | |
| --policy-document file://nlb-iam-permissions.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Create the deployment | |
| kubectl run nginx --image=nginx --port=80 --labels app=nginx | |
| # Create the service | |
| cat service.yaml | |
| kubectl apply -f service.yaml | |
| # View the running pods and new service | |
| kubectl get pod,endpoints,service -l app=nginx -o wide | |
| # Get the NLB address | |
| NLB_ADDRESS=$(kubectl get svc nginx -o jsonpath='{.status.loadBalancer.ingress[0].hostname}') | |
| echo $NLB_ADDRESS | |
| # Wait 3 or 4 minutes or the NLB to active and the target groups to be in service | |
| curl http://$NLB_ADDRESS | |
| # Query the nginx pod logs | |
| NGINX_POD=$(kubectl get po -l app=nginx -o jsonpath='{.items[0].metadata.name}') | |
| kubectl logs $NGINX_POD | |
| # Scale up to 2 nginx pods, show which nodes they're on | |
| kubectl scale deployment/nginx --replicas=2 | |
| kubectl get po -o custom-columns=NAME:.metadata.name,NODE:.spec.nodeName |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: nginx | |
| namespace: default | |
| labels: | |
| app: nginx | |
| annotations: | |
| service.beta.kubernetes.io/aws-load-balancer-type: "nlb" | |
| spec: | |
| externalTrafficPolicy: Local | |
| ports: | |
| - name: http | |
| port: 80 | |
| protocol: TCP | |
| targetPort: 80 | |
| selector: | |
| app: nginx | |
| type: LoadBalancer |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment