Amazon EKS

This section shows you how to install the HAProxy Kubernetes Ingress Controller in Amazon Elastic Kubernetes Service.

Pre-installation checklist

Connect to your EKS cluster

  1. If you created your EKS cluster using the AWS Console, you were logged into the AWS Console as a certain user. Unless you've already configured additional RBAC users inside of your Kubernetes cluster, you must connect to the cluster using this same user. Follow these steps to connect to the cluster as that user:

    • In the AWS Console, expand your account menu, located in the upper right, and select My Security Credentials.

    • On the Your Security Credentials page, expand the Access keys section and create a new access key if you do not already have one stored. This will give you an Access Key ID and Secret Access key. Store these somewhere so that you have them later.

  2. On your local workstation, configure a named profile for the AWS CLI to use when connecting to AWS. You can accomplish this by calling the aws configure command, which will prompt you for the necessary values, including your user's Access Key ID and Secret Access key.

    $ aws configure
  3. Connect to your Kubernetes cluster using the AWS CLI. This will create a ~/.kube/config file:

    $ aws eks --region [Your region] update-kubeconfig --name [Your cluster name]
  4. Check that you can access the cluster by calling kubectl get pods:

    $ kubectl get pods
    
    No resources found in default namespace.

Install

Choose one of the following installation methods:

Install with Helm

  1. Add the HAProxy Technologies Helm repository:

    $ helm repo add haproxytech https://haproxytech.github.io/helm-charts
  2. Update your list of charts:

    $ helm repo update
  3. Install the latest version of the ingress controller with type set to LoadBalancer:

    $ helm install kubernetes-ingress haproxytech/kubernetes-ingress \
        --set controller.service.type=LoadBalancer

    This will create an EC2 Classic Load Balancer that routes traffic to the ingress controller service. You can map the load balancer's IP address to your public DNS domain name.

Install with kubectl

  1. Download the deployment YAML file: https://raw.githubusercontent.com/haproxytech/kubernetes-ingress/master/deploy/haproxy-ingress.yaml

  2. Edit the haproxy-ingress Service object in the YAML file, setting its type field to LoadBalancer:

    apiVersion: v1
    kind: Service
    metadata:
      labels:
        run: haproxy-ingress
      name: haproxy-ingress
      namespace: haproxy-controller
    spec:
      selector:
        run: haproxy-ingress
      type: LoadBalancer
      ports:
      - name: http
        port: 80
        protocol: TCP
        targetPort: 80
      - name: https
        port: 443
        protocol: TCP
        targetPort: 443
      - name: stat
        port: 1024
        protocol: TCP
        targetPort: 1024
  3. Use the kubectl apply command to deploy the controller:

    $ kubectl apply -f haproxy-ingress.yaml

    This will create an EC2 Classic Load Balancer that routes traffic to the ingress controller service. You can map the load balancer's IP address to your public DNS domain name.

Check your installation

Verify that the controller is installed into your Kubernetes cluster by using the command kubectl get pods -A:

$ kubectl get pods -A

  NAMESPACE   NAME                                                  READY   STATUS    RESTARTS   AGE
  default     kubernetes-ingress-7dd4cc4b-x5fkv                     1/1     Running   0          1m
  default     kubernetes-ingress-default-backend-5579b8796c-dkk4v   1/1     Running   0          1m

Get the External IP, which you can use to access your cluster:

$ kubectl get services -A

  NAMESPACE   NAME                 TYPE           CLUSTER-IP      EXTERNAL-IP                                    PORT(S)                                     AGE
  default     kubernetes-ingress   LoadBalancer   10.100.187.10   a1234-5678-9012.us-east-2.elb.amazonaws.com   80:32024/TCP,443:32609/TCP,1024:32312/TCP   8m35s

Next up

Azure