failed calling webhook "vingress.elbv2.k8s.aws"

1/12/2022

I installed aws-load-balancer-controller on a new EKS cluster (version v1.21.5-eks-bc4871b).

I installed it by following this guide https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.3/deploy/installation/ step by step, but when I try to deploy an ingress object I get the error mentioned in the title. I tried what is suggested in GitHub issues like this one https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/2039 but didn't find any answer.

What else can I do to check this?

-- yershalom
amazon-eks
amazon-web-services
aws-application-load-balancer
kubernetes
kubernetes-ingress

3 Answers

3/27/2022

load-balancer-controller pod description for more details. It may happen that the image is not available at the ECR.

-- Sanjay Mahajan
Source: StackOverflow

1/28/2022

I assume you are getting an error message like the following; if that is not the case, please post your error.

Error from server (InternalError): error when creating "anymanifest.yaml": Internal error occurred: failed calling webhook "vingress.elbv2.k8s.aws": Post "https://aws-load-balancer-webhook-service.kube-system.svc:443/validate-networking-v1beta1-ingress?timeout=10s": context deadline exceeded

Usually, it happens because the EKS control plane can't communicate with the nodes on the webhook port.

Check out the logs of the aws-load-balancer-controller pods to see which port it started listening on:

{"level":"info","ts":1643365219.2410042,"logger":"controller-runtime.webhook","msg":"serving webhook server","host":"","port":9443}

In order to fix that, in the security group of the worker nodes, allow communication on port 9443 from the EKS control plane.

-- RuBiCK
Source: StackOverflow

4/14/2022

In case it might help others - I also had the original issue using a fargate profile and a worker-node for core-dns. The solution for me, which I found in another place, was just adding:

node_security_group_additional_rules = {
  ingress_allow_access_from_control_plane = {
    type                          = "ingress"
    protocol                      = "tcp"
    from_port                     = 9443
    to_port                       = 9443
    source_cluster_security_group = true
    description                   = "Allow access from control plane to webhook port of AWS load balancer controller"
  }
}

-- Emo
Source: StackOverflow
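
The check that RuBiCK's and Emo's answers describe, as an added example that is not part of any answer above or of the aws-load-balancer-controller project: it reads the webhook port from the controller log line and tests whether the worker-node security group admits that TCP port from the cluster security group. The security group JSON is constructed in the shape of `aws ec2 describe-security-groups` output, the group IDs are placeholders, and the function names are hypothetical.

```python
import json

# Constructed sample: one controller log line in the format quoted in the answer above.
SAMPLE_LOG = ('{"level":"info","ts":1643365219.2410042,"logger":"controller-runtime.webhook",'
              '"msg":"serving webhook server","host":"","port":9443}')

# Constructed sample shaped like `aws ec2 describe-security-groups` output for the
# worker-node security group. All group IDs are placeholders.
SAMPLE_SG = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-node-placeholder", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
   "UserIdGroupPairs": [{"GroupId": "sg-cluster-placeholder"}]},
  {"IpProtocol": "tcp", "FromPort": 1025, "ToPort": 65535,
   "UserIdGroupPairs": [{"GroupId": "sg-other-placeholder"}]}
]}]}
""")

def webhook_port(log_lines):
    """Return the port from the 'serving webhook server' log entry, or None."""
    for line in log_lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip lines that are not JSON
        if isinstance(entry, dict) and entry.get("msg") == "serving webhook server":
            return entry.get("port")
    return None

def rule_covers(perm, port, source_sg):
    """True if one ingress permission admits TCP `port` from security group `source_sg`.
    Only group-sourced rules are considered here; CIDR-sourced rules are ignored."""
    pairs = perm.get("UserIdGroupPairs", [])
    if not any(p.get("GroupId") == source_sg for p in pairs):
        return False
    if perm.get("IpProtocol") == "-1":  # all protocols: no FromPort/ToPort present
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def control_plane_can_reach(sg_doc, port, cluster_sg):
    """True if any ingress rule in the document admits `port` from `cluster_sg`."""
    return any(rule_covers(perm, port, cluster_sg)
               for sg in sg_doc.get("SecurityGroups", [])
               for perm in sg.get("IpPermissions", []))

if __name__ == "__main__":
    port = webhook_port([SAMPLE_LOG])
    ok = control_plane_can_reach(SAMPLE_SG, port, "sg-cluster-placeholder")
    print(f"webhook port {port}: reachable from cluster security group = {ok}")
```

In the constructed sample the wide 1025-65535 rule comes from a different group, so the check reports that 9443 is not reachable from the cluster security group even though 443 is.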