Kubernetes Ingress Controllers with AWS ELB

Question

Pulumi · Accepted Answer

To create a Kubernetes Ingress Controller with an AWS Elastic Load Balancer (ELB), we'll go through the following steps:

1. **Provision an Amazon EKS cluster**: Amazon Elastic Kubernetes Service (EKS) is a managed Kubernetes service that makes it easy to run Kubernetes on AWS without needing to install and manage your own Kubernetes control plane.

2. **Deploy the NGINX Ingress Controller using Helm**: The NGINX Ingress Controller is a popular choice for managing access to services in a Kubernetes cluster by routing HTTP and HTTPS traffic to the appropriate backend services.

3. **Configure Ingress resource that uses the Ingress Controller**: This resource will define the access rules and routing for traffic entering the Kubernetes cluster, to be handled by our Ingress Controller.

4. **Associate an AWS ELB with the Ingress Controller Service**: This will automatically be done when the Service of type LoadBalancer is created for the NGINX Ingress Controller. AWS will provision an ELB and expose it to the internet, providing an entry point for traffic into your Kubernetes services.

Now, let's go through the actual Pulumi code to accomplish this setup.

```python
import pulumi
import pulumi_awsx as awsx
import pulumi_kubernetes as k8s
import pulumi_eks as eks
from pulumi_kubernetes.helm.v3 import Chart, ChartOpts, FetchOpts

# Step 1: Provision an Amazon EKS cluster.
eks_cluster = eks.Cluster("eks-cluster")

# Step 2: Deploy the NGINX Ingress Controller using Helm.
nginx_ingress = Chart(
    "nginx-ingress",
    config=ChartOpts(
        chart="ingress-nginx",
        version="3.7.1",
        fetch_opts=FetchOpts(
            # Replace with the repository that hosts the nginx-ingress Helm chart.
            repo="https://kubernetes.github.io/ingress-nginx",
        ),
    ),
    opts=pulumi.ResourceOptions(provider=eks_cluster.provider),
)

# Step 3: Configure an Ingress resource that uses the NGINX Ingress Controller.
# This is usually done by writing Kubernetes YAML configuration and applying it
# through `kubectl`. With Pulumi, you'll define the Ingress resource programmatically.
app_labels = {"app": "myapp"}
app_ingress = k8s.networking.v1.Ingress(
    "app-ingress",
    metadata=k8s.meta.v1.ObjectMetaArgs(labels=app_labels, namespace=eks_cluster.core_v1_namespace_id),
    spec=k8s.networking.v1.IngressSpecArgs(
        rules=[
            k8s.networking.v1.IngressRuleArgs(
                host="myapp.example.com",
                http=k8s.networking.v1.HTTPIngressRuleValueArgs(
                    paths=[
                        k8s.networking.v1.HTTPIngressPathArgs(
                            path="/",
                            path_type="Prefix",
                            backend=k8s.networking.v1.IngressBackendArgs(
                                service=k8s.networking.v1.IngressServiceBackendArgs(
                                    name="myapp-service",   # Name of the service to route to
                                    port=k8s.networking.v1.ServiceBackendPortArgs(number=80),
                                ),
                            ),
                        ),
                    ],
                ),
            ),
        ],
    ),
    opts=pulumi.ResourceOptions(provider=eks_cluster.provider),
)

# Step 4: The AWS ELB is associated automatically when the Service of type LoadBalancer is created.
# In this case, the nginx-ingress Helm chart we've deployed will take care of this. Once deployed,
# the ingress controller's service with type LoadBalancer would create an AWS ELB.

# Export the cluster name and kubeconfig.
pulumi.export("cluster_name", eks_cluster.eks_cluster.name)

# To obtain the kubeconfig file to interact with the cluster using kubectl,
# we can export the kubeconfig generated by Pulumi.
p