Publish Express API to EKS Fargate
A step-by-step guide on deploying an Express API to Amazon Elastic Kubernetes Service (EKS) running on AWS Fargate.
Table of contents
- Create and Setup Cluster and required policies
- 1. Create Fargate Cluster
- 2. Enable cluster to use IAM
- 3. Download the IAM policy to allow AWS Load Balancer Controller to make requests to AWS API's
- 4. Create an IAM policy with the file downloaded in step 3
- 5. To create a service account named aws-load-balancer-controller in the kube-system namespace for the AWS Load Balancer Controller, run the following command:
- 6. To verify that the new service role is created, run one of the following commands:
- Install the AWS Load Balancer Controller using Helm
- Setup AWS Load Balancer Controller
Important: This tutorial assume you already has installed and know how to use, aws cli, kubectl and eksctl
Create and Setup Cluster and required policies
1. Create Fargate Cluster
eksctl create cluster --region us-west-1 --name express-api --version 1.25 --fargate
Note: This command create a stack in cloudformation
2. Enable cluster to use IAM
eksctl utils associate-iam-oidc-provider --region us-west-1 --cluster express-api --approve
3. Download the IAM policy to allow AWS Load Balancer Controller to make requests to AWS API's
curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.4/docs/install/iam_policy.json
4. Create an IAM policy with the file downloaded in step 3
aws iam create-policy \
--policy-name AWSLoadBalancerControllerIAMPolicy \
--policy-document file://iam_policy.json
5. To create a service account named aws-load-balancer-controller in the kube-system namespace for the AWS Load Balancer Controller, run the following command:
eksctl create iamserviceaccount \
--cluster=express-api \
--namespace=kube-system \
--name=aws-load-balancer-controller \
--attach-policy-arn=arn:aws:iam::{org-id}:policy/AWSLoadBalancerControllerIAMPolicy \
--override-existing-serviceaccounts \
--approve \
--region us-west-1
Note: This command create a stack in cloudformation
6. To verify that the new service role is created, run one of the following commands:
eksctl get iamserviceaccount --region us-west-1 --cluster express-api --name aws-load-balancer-controller --namespace kube-system
#or
kubectl get serviceaccount aws-load-balancer-controller --namespace kube-system
Install the AWS Load Balancer Controller using Helm
1. Add the Amazon EKS chart repo to Helm
helm repo add eks https://aws.github.io/eks-charts
2. Install the TargetGroupBinding custom resource definitions (CRDs)
kubectl apply -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds?ref=master"
3. Install helm chart
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
--set clusterName=express-api \
--set serviceAccount.create=false \
--set region=us-west-1 \
--set vpcId={vpc-id} \
--set serviceAccount.name=aws-load-balancer-controller \
-n kube-system
Setup AWS Load Balancer Controller
1. Create a Fargate profile
eksctl create fargateprofile --cluster express-api --region us-west-1 --name express-api-profile --namespace express-api-namespace
2. Deploy YML file
Download: gist.github.com/diegofcornejo/5b271c7ec69b2..
kubectl apply -f express-api-alb.yml
Note: If you want https on your load balancer, you need to create it before in the same region when you are deployed your cluster (us-west-1 for this example), then pass the certificate arn in the file.yml
3. Verify that the Ingress resource was created
kubectl get ingress/express-api-ingress -n express-api-namespace
#or
kubectl get ingresses.networking.k8s.io express-api-ingress -n express-api-namespace
Output:
NAME CLASS HOSTS ADDRESS PORTS AGE
express-api-ingress alb * k8s-expressa-expressa-xxxxxxxxxx-xxxxxxxx.us-west-2.elb.amazonaws.com 80 12m
Note: If your Ingress isn't created after several minutes, view the AWS Load Balancer Controller logs by running the following command:
kubectl logs -n kube-system deployment.apps/aws-load-balancer-controller
4. Open the browser and paste the load balancer url or your custom domain
Note: Remember create an A record in route 53 or your domain admin point to load balancer
5. Scale your deployment
kubectl scale deployments express-api-deployment --replicas=3 -n express-api-namespace
References
repost.aws/knowledge-center/eks-alb-ingress..
aws.amazon.com/blogs/containers/how-to-expo..
Delete Cluster
eksctl delete cluster --region us-west-1 --name express-api