To test this sample repository you need an Amazon EKS cluster with AWS Load Balancer Controller installed. Follow the instructions below to create a new cluster.
NOTE: This sample creates an EKS cluster with 2 m6i.large nodes. The total cost of running the infrastructure for this sample in us-west-2 is approximately $0.40 / hour (considering EKS control plane, EC2 instances, Network Load Balancer and NAT Gateway costs). Remember to delete the cluster once you're finished testing.
- Download and install eksctl. You can find instructions here.
- Download and install the AWS CLI. You can find instructions here.
- Create an IAM Policy to grant permissions to AWS Load Balancer Controller to create and manage Load Balancers. We will use eksctl later to create an IAM Role for the aws-load-balancer-controller Service account.

      curl -o iam_policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/install/iam_policy.json
      aws iam create-policy \
        --policy-name AWSLoadBalancerControllerIAMPolicy \
        --policy-document file://iam_policy.json

  IMPORTANT NOTE: The above IAM policies contain permissive configuration for `ec2:AuthorizeSecurityGroupIngress` and `ec2:RevokeSecurityGroupIngress`. Follow instructions here to scope it down.
- Clone this GitHub repository and change to the repository directory.

      git clone https://github.com/aws-samples/flux-eks-gitops-config.git
      cd flux-eks-gitops-config
- Within `docs/examples/cluster.yaml`, in the `iam:` section, we're defining an IAM Role for service account aws-load-balancer-controller in the kube-system namespace. Update line 24 with the IAM policy ARN of the policy you've created in the prior step.

      arn:aws:iam::(your_aws_account_number_here):policy/AWSLoadBalancerControllerIAMPolicy

- Create the EKS cluster running the following command. It will take 15-20 minutes to create the cluster.

      eksctl create cluster -f docs/examples/eks-cluster/cluster.yaml
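
The IMPORTANT NOTE in the IAM policy step can be checked mechanically before `aws iam create-policy` is run. The following is an added example, not code from this repository: it lists every Allow statement that grants the two flagged actions on Resource `*` with no Condition. The function names and the sample policy are constructed for illustration, and statements using `NotAction` or `NotResource` are not evaluated.

```python
import json
from fnmatch import fnmatchcase

# Actions the note above flags as permissively configured.
FLAGGED = ("ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress")

def _as_list(value):
    """IAM accepts a single value or a list for Statement/Action/Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def unscoped_statements(policy, flagged=FLAGGED):
    """Return (index, matched_actions) for each Allow statement that grants a
    flagged action on Resource "*" and carries no Condition block."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if "*" not in _as_list(stmt.get("Resource")):
            continue
        # IAM action names are case-insensitive and may contain wildcards.
        patterns = [a.lower() for a in _as_list(stmt.get("Action"))]
        hits = [f for f in flagged
                if any(fnmatchcase(f.lower(), p) for p in patterns)]
        if hits:
            findings.append((i, hits))
    return findings

# Constructed sample policy (not the contents of the downloaded iam_policy.json).
SAMPLE = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "ec2:DescribeSecurityGroups", "Resource": "*"},
    {"Effect": "Allow",
     "Action": ["ec2:AuthorizeSecurityGroupIngress", "ec2:RevokeSecurityGroupIngress"],
     "Resource": "*"},
    {"Effect": "Allow", "Action": ["ec2:Revoke*"], "Resource": "*",
     "Condition": {"Null": {"aws:ResourceTag/elbv2.k8s.aws/cluster": "false"}}},
    {"Effect": "Allow", "Action": "ec2:*Ingress", "Resource": ["*"]}
  ]
}
""")

if __name__ == "__main__":
    for index, actions in unscoped_statements(SAMPLE):
        print(f"Statement[{index}] allows {', '.join(actions)} on * without a Condition")
```

To check the downloaded file, load `iam_policy.json` with `json.load` and pass the result to `unscoped_statements`; an empty list means no unconditioned grant of the two actions remains.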