Unable to create Kubernetes service with AWS Elastic LoadBalancer

2/1/2019

I created an AWS application load balancer, myservices, and I got the following DNS name listed in the AWS console: internal-myservices-987070943.us-east-1.elb.amazonaws.com

I also have Target Groups created, showing the following under Description: Name as myservices-LB, Protocol as HTTPS, Port as 443, Target type as instance, Load Balancer as myservices. Under the Targets tab I can see Registered targets showing my Instance ID as i-02dbf9b3a7d9163e7 with Port as 443 and other details… This instance ID is my EC2 instance, which I have configured as the master node of my Kubernetes cluster.

Actually, both my load balancer and my EC2 instances are in the same VPC.

From my local machine I am now able to access this URL: https://internal-myservices-987070943.us-east-1.elb.amazonaws.com What I did: 1) the health check was failing on HTTPS port 443, and 2) I installed the nginx web server on my EC2 instance. So installing nginx and opening the SSL port automatically resolved the health check issue, and I am able to browse the internal LB URL using HTTPS.

But my main problem of creating a load balancer using a Kubernetes svc is still not resolved :( It still shows <pending> for EXTERNAL_IP. My doubt is: since both the EC2 instance and the LB are in the same VPC, why isn't traceroute internal-myservices-987070943.us-east-1.elb.amazonaws.com tracing it? I am getting * * * for all 30 hops. But from my local machine I am able to trace it successfully. So is this the reason why it's not creating any external IP?

I did all the things needed for AWS cloud integration with Kubernetes:

1) The hostnames of both the master and worker nodes in the kube cluster are the same as the EC2 instance DNS names.

2) Added tags for the EC2 instances and in the kubelet service.

3) Added cloud-config tags for the kube-api and kube-controller-manager pods.

4) I see the elasticloadbalancing:* Action with Allow in my policy in AWS for my role.

Also, I wonder how nginx installed on my EC2 instance is able to access my load balancer while traceroute is not able to access it.

Is it possible to directly access my service using the load balancer which I manually created via the AWS console? Maybe with NodePort or ingress or something?

So I am stuck with this :( Please help..

-- Gopi
amazon-elb
aws-application-load-balancer
aws-load-balancer
kubernetes
kubernetes-ingress

1 Answer

2/6/2019

I had to set the proxy as an env variable inside the kube-controller YAML. Also, I had to set some EC2 metadata IP address in the no_proxy variable for this to work.

-- Gopi
Source: StackOverflow
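
A check for the configuration the answer describes, as an added example that is not part of the original post: it reads a kube-controller-manager manifest and reports whether a proxy variable is set and whether the EC2 metadata address is listed in no_proxy. The address 169.254.169.254 (the EC2 instance metadata service), the proxy URL and the manifest fragment are assumptions or constructed values that the post does not give.

```shell
# Added example, not from the original post. Assumed: the metadata address
# below and the env-list layout of the manifest.
IMDS_IP="169.254.169.254"   # EC2 instance metadata service (IPv4)

# env_value MANIFEST NAME: print the value of container env var NAME,
# matched case-insensitively (no_proxy and NO_PROXY are both in use).
env_value() {
  tr -d "\"'" < "$1" | awk -v want="$2" '
    $1 == "-" && $2 == "name:" { name = tolower($3); next }
    $1 == "value:" && name == tolower(want) {
      sub(/^[ \t]*value:[ \t]*/, ""); print; exit
    }'
}

# covers_imds LIST: succeed only if the comma-separated no_proxy LIST has
# the metadata address as a literal entry (CIDR handling differs per client).
covers_imds() {
  printf '%s\n' "$1" | tr ',' '\n' | tr -d ' \t' | grep -Fxq "$IMDS_IP"
}

# check_manifest MANIFEST: 0 = proxy set and metadata address bypasses it,
# 1 = no proxy variable set, 2 = proxy set but metadata address not excluded.
check_manifest() {
  proxy=$(env_value "$1" https_proxy)
  [ -n "$proxy" ] || proxy=$(env_value "$1" http_proxy)
  if [ -z "$proxy" ]; then echo "no proxy variable set"; return 1; fi
  if covers_imds "$(env_value "$1" no_proxy)"; then
    echo "proxy $proxy set; $IMDS_IP bypasses it"; return 0
  fi
  echo "proxy $proxy set; $IMDS_IP missing from no_proxy"; return 2
}

# write_sample FILE NO_PROXY: constructed manifest fragment for the demo.
write_sample() {
  cat > "$1" <<EOF
  - name: kube-controller-manager
    env:
    - name: HTTPS_PROXY
      value: "http://proxy.example.internal:3128"
    - name: NO_PROXY
      value: "$2"
EOF
}

# Demo on a constructed manifest whose no_proxy omits the metadata address.
demo=$(mktemp) && write_sample "$demo" "localhost,127.0.0.1"
check_manifest "$demo" || true; rm -f "$demo"
```

Run `check_manifest` against the controller manager manifest on the master node; a return code of 2 means a proxy is set but requests to the metadata address are not excluded from it.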