EKS

Update kubeconfig

aws eks update-kubeconfig --name <cluster name> --region <region>

Assign OIDC provider

eksctl utils associate-iam-oidc-provider --region=eu-west-1 --cluster=<CLUSTER NAME> --approve

Install Nginx ingress controller

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/static/provider/aws/deploy.yaml

Nginx ingress TLS termination on NLB

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.48.1/deploy/static/provider/aws/deploy-tls-termination.yaml
# Change VPC CIDR and ACM ID
k apply -f deploy-tls-termination.yaml

Example service using nginx ingress

apiVersion: v1
kind: Namespace
metadata:
  name: demo-ns
  annotations:
    iam.amazonaws.com/permitted: ".*"
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: demo-ns
spec:
  ports:
  - port: 80
    protocol: TCP
  selector:
    app: nginx
--- 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: demo-ns
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx
          ports:
          - containerPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: demo-ingress
  annotations:
    # use the shared ingress-nginx
    kubernetes.io/ingress.class: "nginx"
    ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: demo.mijndertstuij.nl
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx-service
            port:
              number: 80