Skip to main content

Microk8s With Aws LoadBalancer Controller (ALB)

·264 words·2 mins
O11y | Cloud
Author
O11y | Cloud
Site Reliability Engineer
Table of Contents

Install
#

Create Ubuntu EC2 Instance
#

Tested with Ubuntu 22.04 ami-05998db572bb53e73 in t3.small.

Install MicroK8s
# 

snap install microk8s --classic
sudo microk8s enable dns ingress

Create EC2 Role for AWS LoadBalancer
#

Docs

Create an IAM role and attach the official AWS Load Balancer Controller policy:

  • Download policy
  • Create IAM policy
  • Attach it to an EC2 role
  • Attach the role to your instance (via instance profile)

Note: For non-EKS clusters (MicroK8s), attach the role directly to the EC2 instance.

Add AWS LoadBalancer Controller Helm Repo
# 

helm repo add eks https://aws.github.io/eks-charts
helm repo update

Patch MicroK8s Node with EC2 Metadata
# 

INSTANCE_ID=$(curl http://169.254.169.254/latest/meta-data/instance-id)
AVAILABILITY_ZONE=$(curl http://169.254.169.254/latest/meta-data/placement/availability-zone)
NODE=$(microk8s kubectl get nodes -o jsonpath='{.items[0].metadata.name}')

echo "Instance ID: $INSTANCE_ID, Availability Zone: $AVAILABILITY_ZONE, Node: $NODE"

# patch node with providerID
microk8s kubectl patch node $NODE -p '{"spec":{"providerID":"aws:///'$AVAILABILITY_ZONE'/'$INSTANCE_ID'"}}'

Install AWS LoadBalancer Controller Helm
# 

helm install aws-load-balancer-controller \
    eks/aws-load-balancer-controller \
    -n kube-system \
    --set clusterName=microk8s-cluster

# Check 2 pods exist
kubectl get pods -n kube-system

You should see 2 pods starting with aws*.

Configure
#

Configure Ingress with Share Group
#

Share group enables Ingresses to share AWS load balancer to save cost and make management more efficient. Each Ingress will update AWS ALB with its rules. You can manage the rules prioriti using additional annotations.

Here is example Ingress configuration for OpenTelemetry Collector acting as gateway for logs.

ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: instance

    # group.name must match across Ingresses
    # It will update AWS ALB tag: stack
    alb.ingress.kubernetes.io/group.name: otel-shared
    alb.ingress.kubernetes.io/group.order: "10"
  hosts:
    - host: ""
      paths:
        - path: /v1/logs
          pathType: Prefix
          port: 4318