In today's article, I will show you how to install AWS LoadBalancer Controller on EKS cluster along with fixing some common issues. This controller help to manage Elastic Load Balancers for a Kubernetes cluster. Let's get started.

Prerequisites

Before you start, we need following things:
  • An existing Amazon EKS cluster
  • eksctl installed
  • kubectl installed
  • Create IAM OIDC provider

    Firstly, you need to create an IAM OIDC provider for your cluster, this helps to verify the identity of the End-User based on the authentication performed by an Authorization Server. To do this, you need to run the following command:

    1
    eksctl utils associate-iam-oidc-provider --region ${AWS_REGION} --cluster ${EKS_CLUSTER_NAME} --approve

    Download IAM Policy for the ALB

    Now we need to download the IAM Policy to create the AWS Load Balancer Controller. You can download the required JSON file by running following command:

    1
    curl -fsSL -o iam-policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.0/docs/install/iam_policy.json

    Above command downloads the IAM Policy to the current directory.

    Create IAM Policy for the ALB

    Now we need to create the IAM Policy for the AWS Load Balancer Controller using the above downloaded JSON. To do this, you need to run the following command:

    1
    aws iam create-policy --policy-name AWSLoadBalancerControllerIAMPolicy --policy-document file://iam_policy.json

    Create IAM Role & Service Account

    Now we need to create an IAM Role and Service Account for the AWS Load Balancer Controller by attaching the policy we have created in our previous step. To do this, you need to run the following command:

    1
    eksctl create iamserviceaccount --cluster=${EKS_CLUSTER_NAME} --namespace=kube-system --name=aws-load-balancer-controller --attach-policy-arn=arn:aws:iam::${AWS_ACCOUNT_ID}:policy/AWSLoadBalancerControllerIAMPolicy --override-existing-serviceaccounts --region ${AWS_REGION} --approve

    Install the Target Group Binding CRDs

    Now we need to install the Target Group Binding CRDs. This Target Group Binding helps to expose our pods using Application Load Balancers & Network Load Balancers. To do this, you need to run the following command:

    1
    kubectl apply -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds?ref=master"

    After running the above command, you can verify the installation by running the following command:

    1
    kubectl get crd

    Deploy the Helm chart

    Add the EKS chart repo to helm. To do this, you need to run the following command:

    1
    helm repo add eks https://aws.github.io/eks-charts

    Install the AWS Load Balancer Controller

    Now we need to install the AWS Load Balancer Controller. To do this, you need to run the following command:

    1
    helm upgrade install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=${EKS_CLUSTER_NAME} --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller

    Warning: Sometime it said that failed to download "eks/aws-load-balancer-controller". To avoid it use below command:

    1
    helm upgrade --install  aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=${EKS_CLUSTER_NAME} --set serviceAccount.create=false --set region=${AWS_REGION} --set image.repository=${AWS_IMAGE_REPOSITORY}/amazon/aws-load-balancer-controller --set serviceAccount.name=aws-load-balancer-controller

    Make sure to replace EKS_CLUSTER_NAME, AWS_REGION & AWS_IMAGE_REPOSITORY values according to your requirement. You can find required AWS_IMAGE_REPOSITORY from here.

    For more detials please visit here

    Verify the installation

    Now we need to verify the installation. To do this, you need to run the following command:

    1
    kubectl get deployment -n kube-system aws-load-balancer-controller

    Deploy sample application

    Now we are going to verify the AWS Load Balancer Controller by deploying a sample application. To do this, you need to run the following command:

    1
    kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/main/docs/examples/2048/2048_full.yaml

    After few minutes, you can verify the ingress by running the following command:

    1
    kubectl get ingress/ingress-2048 -n game-2048

    It will show your ingress details. You can copy the address and paste it in your browser. You will see the sample application running on the browser. You can get ingress from your AWS Management Console also, if you navigate to the EC2 dashboard and the select Load Balancers from the menu on the left-pane, you should see the details of the ALB instance created for your application.

    Troubleshooting

    For general troubleshootings, please refer this documentation or this documentation

    Conclusion

    In this tutorial, we have learned how to install AWS Load Balancer Controller in your EKS Cluster. For more details you can check the AWS Load Balancer Controller official documentation. You can obtain all the required script from this GitHub repository. If you have any issue regarding this tutorial, mention your issue in the comment section or reach me through my E-mail.

    Happy Coding