AWS Logo
Menu
How to Set Up an EKS Cluster with AWS Load Balancer Controller and Kubernetes Dashboard

How to Set Up an EKS Cluster with AWS Load Balancer Controller and Kubernetes Dashboard

In this comprehensive guide, we walk through creating a fully functional Amazon EKS environment, complete with IAM Roles for Service Accounts, the AWS Load Balancer Controller, and a production-ready Kubernetes Dashboard. You’ll learn how to associate an OIDC provider with your cluster, set up the AWS Load Balancer Controller via Helm, and expose the Kubernetes Dashboard with a secure, external Application Load Balancer using SSL certificates.

Published Dec 16, 2024
In this guide, we’ll walk through the process of creating an Amazon Elastic Kubernetes Service
(EKS) cluster, enabling IAM Roles for Service Accounts (IRSA), deploying the AWS Load Balancer Controller, and configuring the Kubernetes Dashboard behind an Application Load Balancer. By the end, you’ll have a production-ready environment with a clean web interface to manage your Kubernetes resources.
Prerequisites:
  • AWS CLI configured with appropriate IAM permissions
  • eksctl CLI tool installed and configured
  • helm CLI tool installed
  • kubectl configured to interact with your EKS cluster
For demonstration purposes, we’ll assume:
  • Kubernetes version: 1.30 (or your preferred supported version)
  • EKS Cluster name: PoC

Step 1: Create Your EKS Cluster

Use eksctl to create an EKS cluster. Ensure you specify your desired region, node configuration, and Kubernetes version. For example:
This will take several minutes. Once completed, your kubectl context will automatically be set to interact with the new cluster.

Step 2: Associate an OIDC Provider with Your EKS Cluster

To use IAM Roles for Service Accounts (IRSA), you must associate your cluster with an OIDC provider:
This command configures the cluster to trust IAM roles bound to specific Kubernetes service accounts.

Step 3: Deploy the AWS Load Balancer Controller

The AWS Load Balancer Controller manages ALBs and NLBs for Kubernetes services, providing a dynamic and managed way to route traffic to workloads running in your cluster.
a. Download the IAM Policy for the Controller
b. Create the IAM Policy
c. Create the IAM Service Account for the Controller
Bind the IAM policy to a Kubernetes service account using IRSA:
Replace <YOUR_ACCOUNT_ID> with your AWS account ID.
d. Add the EKS Helm Repository
e. Install the AWS Load Balancer Controller
This will create the necessary resources to manage AWS load balancers in your cluster.

Step 4: Deploy the Kubernetes Dashboard

The Kubernetes Dashboard provides a convenient web UI for monitoring and managing your cluster’s resources. Here, we will configure it to be accessible via an external ALB.
a. Pull the Helm Chart
This will download and extract the Kubernetes Dashboard Helm chart locally.
b. Configure Ingress in values.yaml
Edit the values.yaml file to enable ingress and add the following annotations:
Replace the alb.ingress.kubernetes.io/certificate-arn value with the correct Amazon Certificate Manager (ACM) ARN for your SSL certificate.
c. Install or Upgrade the Kubernetes Dashboard

Step 5: Accessing the Kubernetes Dashboard

After a few moments, the Application Load Balancer will be provisioned by the AWS Load Balancer Controller. You can retrieve the ALB’s hostname from the created Ingress resource:
Use the returned hostname to access the dashboard in your browser. The Dashboard requires a bearer token for authentication. You can use the token from the admin-user service account or any other configured service account with the necessary permissions.
For example, to retrieve the token for the admin-user (if you’ve previously set one up):
Copy the returned token, navigate to the dashboard URL, and paste the token when prompted.

Conclusion

By following the steps above, you’ve successfully:
  • Created an EKS Cluster and enabled OIDC for IRSA
  • Deployed and configured the AWS Load Balancer Controller
  • Installed the Kubernetes Dashboard behind an ALB with a secure SSL configuration
This setup not only provides a user-friendly UI to manage your Kubernetes resources but also leverages AWS-native features for secure, scalable, and highly-available load balancing.
You now have a powerful, production-ready Kubernetes environment at your fingertips.
 

Comments