CODEWITHSUNDEEP
amazon-web-servicesamazon-eksaws-application-load-balancerkongkong-ingress
anXler
anXler

Reputation: 317

Attach SSL Certificate to ALB for Kong Ingress Controller in EKS

I'm trying to deploy a Kong Ingress Controller on EKS using CDK (Python). I already have a public domain in Route53 and an SSL certificate in ACM via DNS validation. My current code creates the Ingress Controller and a Classic Load Balancer without attaching the SSL certificate, but I need an Application Load Balancer (ALB) with the SSL certificate attached with it. What I am missing here?

Here is my current code:

        certificate = acm.Certificate(
            scope=self, 
            id="Certificate",
            domain_name=domain_name,
            validation=acm.CertificateValidation.from_dns(hosted_zone=hosted_zone)
        )


       kong_chart = eks.HelmChart(
            scope=self, 
            id="KongIngressController",
            cluster=cluster,
            chart="kong",
            repository="https://charts.konghq.com",
            namespace="kong",
            release="kong",
            values={
                "ingressController": {
                    "enabled": True,
                    "annotations": {
                        "kubernetes.io/ingress.class": "alb",
                        "alb.ingress.kubernetes.io/certificate-arn": certificate.certificate_arn,
                        "alb.ingress.kubernetes.io/scheme": "internet-facing",
                        "alb.ingress.kubernetes.io/target-type": "ip",
                        "alb.ingress.kubernetes.io/listen-ports": '[{"HTTP": 80}, {"HTTPS": 443}]',
                        "alb.ingress.kubernetes.io/backend-protocol": "HTTPS",
                        "alb.ingress.kubernetes.io/healthcheck-path": "/health",
                        "alb.ingress.kubernetes.io/healthcheck-port": "traffic-port",
                        "alb.ingress.kubernetes.io/healthcheck-interval-seconds": "30",
                        "alb.ingress.kubernetes.io/healthcheck-timeout-seconds": "5",
                        "alb.ingress.kubernetes.io/healthy-threshold-count": "2",
                        "alb.ingress.kubernetes.io/unhealthy-threshold-count": "2",
                        "alb.ingress.kubernetes.io/actions.redirect": '{"Type": "redirect", "RedirectConfig": {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
                    }
                },
                "admin": {
                    "tls": {
                        "parameters": []
                    }
                },
                "autoscaling": {
                    "enabled": True,
                    "minReplicas": 1,
                    "maxReplicas": 2
                },
                "resources": {
                    "limits": {
                        "cpu": "1",
                        "memory": "2G"
                    },
                    "requests": {
                        "cpu": "1",
                        "memory": "2G"
                    }
                },
                "updateStrategy": {
                    "type": "RollingUpdate",
                    "rollingUpdate": {
                        "maxSurge": "100%",
                        "maxUnavailable": "0%"
                    }
                }
            }
        )

Upvotes: 0

Views: 113

Answers (0)

Related Questions