Installation
Install on Amazon EKS
This guide shows you how to install HAProxy Kubernetes Ingress Controller in Amazon Elastic Kubernetes Service. We will use the Helm package manager.
Pre-installation checklist Jump to heading
- A running EKS Kubernetes cluster with a configured node group
- The AWS CLI
- The helm command-line tool
- The kubectl command-line tool
Connect to your EKS cluster Jump to heading
-
If you created your EKS cluster using the AWS Console, you were logged into the AWS Console as a certain user. Unless you’ve already configured additional RBAC users inside of your Kubernetes cluster, you must connect to the cluster using this same user. Follow these steps to connect to the cluster as that user:
- In the AWS Console, expand your account menu, located in the upper right, and select My Security Credentials.
- On the Your Security Credentials page, expand the Access keys section and create a new access key if you do not already have one stored. This will give you an Access Key ID and Secret Access key. Store these somewhere so that you have them later.
-
On your local workstation, configure a named profile for the AWS CLI to use when connecting to AWS. You can accomplish this by calling the
aws configure
command, which will prompt you for the necessary values, including your user’s Access Key ID and Secret Access key:bashaws configurebashaws configure -
Connect to your Kubernetes cluster using the AWS CLI. This will create a
~/.kube/config
file:bashaws eks --region [Your region] update-kubeconfig --name [Your cluster name]bashaws eks --region [Your region] update-kubeconfig --name [Your cluster name] -
Check that you can access the cluster by calling
kubectl get pods
bashkubectl get podsbashkubectl get podsoutputbashNo resources found in default namespace.outputbashNo resources found in default namespace.
Install Jump to heading
Choose one of the following installation methods:
Install with Helm Jump to heading
-
Add the HAProxy Technologies Helm repository:
bashhelm repo add haproxytech https://haproxytech.github.io/helm-chartsbashhelm repo add haproxytech https://haproxytech.github.io/helm-charts -
Update your list of Helm charts:
bashhelm repo updatebashhelm repo update -
Install the latest version of the ingress controller. Set
controller.service.type
toLoadBalancer
:bashhelm install haproxy-kubernetes-ingress haproxytech/kubernetes-ingress \--create-namespace \--namespace haproxy-controller \--set controller.service.type=LoadBalancerbashhelm install haproxy-kubernetes-ingress haproxytech/kubernetes-ingress \--create-namespace \--namespace haproxy-controller \--set controller.service.type=LoadBalancerThis will create an EC2 Classic Load Balancer that routes traffic to the ingress controller service. You can map the load balancer’s IP address to your public DNS domain name.
About ingress class
By default, the Helm chart adds
--ingress.class=haproxy
to the ingress controller. That means that it will useIngress
resources only if they specifyingressClassName: haproxy
. You can disable this by setting--set controller.ingressClass=null
when callinghelm install
.This change was introduced in version 1.6.
Install with kubectl Jump to heading
-
Download the latest source code from the HAProxy Kubernetes Ingress Controller GitHub page.
-
Edit the file
deploy/haproxy-ingress.yaml
. -
Change the Service resource in
haproxy-ingress.yaml
, setting itstype
field toLoadBalancer
, which is the preferred mode when running in the cloud:haproxy-ingress.yamlyamlapiVersion: v1kind: Servicemetadata:labels:run: haproxy-ingressname: haproxy-ingressnamespace: haproxy-controllerspec:selector:run: haproxy-ingresstype: LoadBalancerports:- name: httpport: 80protocol: TCPtargetPort: 80- name: httpsport: 443protocol: TCPtargetPort: 443- name: statport: 1024protocol: TCPtargetPort: 1024haproxy-ingress.yamlyamlapiVersion: v1kind: Servicemetadata:labels:run: haproxy-ingressname: haproxy-ingressnamespace: haproxy-controllerspec:selector:run: haproxy-ingresstype: LoadBalancerports:- name: httpport: 80protocol: TCPtargetPort: 80- name: httpsport: 443protocol: TCPtargetPort: 443- name: statport: 1024protocol: TCPtargetPort: 1024 -
Use the
kubectl apply
command to deploy the controller:bashkubectl apply -f haproxy-ingress.yamlbashkubectl apply -f haproxy-ingress.yamlThis will create an EC2 Classic Load Balancer that routes traffic to the ingress controller service. You can map the load balancer’s IP address to your public DNS domain name, for example by using Route53.
Check your installation Jump to heading
Verify that the controller is installed into your Kubernetes cluster by using the command kubectl get pods
:
bash
kubectl get pods --namespace haproxy-controller
bash
kubectl get pods --namespace haproxy-controller
outputbash
NAME READY STATUS RESTARTS AGEhaproxy-kubernetes-ingress-7dd4cc4b-x5fkv 1/1 Running 0 1m
outputbash
NAME READY STATUS RESTARTS AGEhaproxy-kubernetes-ingress-7dd4cc4b-x5fkv 1/1 Running 0 1m
Get the External IP, which you can use to access your cluster:
bash
kubectl get services --namespace haproxy-controller
bash
kubectl get services --namespace haproxy-controller
outputbash
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEhaproxy-kubernetes-ingress LoadBalancer 10.104.173.167 a1234-5678-9012.us-east-2.elb.amazonaws.com 80:30264/TCP,443:31575/TCP,1024:31785/TCP 157m
outputbash
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEhaproxy-kubernetes-ingress LoadBalancer 10.104.173.167 a1234-5678-9012.us-east-2.elb.amazonaws.com 80:30264/TCP,443:31575/TCP,1024:31785/TCP 157m
If this page was useful, please, Leave the feedback.