aws-load-balancer-controller: Installation of AWS load balancer failed to deploy successfully

Describe the bug

I followed https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html to install the AWS load balancer in our EKS cluster.

The final state should be a successfully deployed AWS load balancer:

NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   2/2     2            2           84s

However what I see is:

 ~/Downloads/ kubectl get deployment -n kube-system aws-load-balancer-controller
NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   0/2     0            0           15d

When I describe the deployment, I see:

 ~/Downloads/ kubectl describe deployment -n kube-system aws-load-balancer-controller
Name:                   aws-load-balancer-controller
Namespace:              kube-system
CreationTimestamp:      Mon, 19 Dec 2022 14:19:09 -0800
Labels:                 app.kubernetes.io/instance=aws-load-balancer-controller
                        app.kubernetes.io/managed-by=Helm
                        app.kubernetes.io/name=aws-load-balancer-controller
                        app.kubernetes.io/version=v2.4.5
                        helm.sh/chart=aws-load-balancer-controller-1.4.6
Annotations:            deployment.kubernetes.io/revision: 1
                        meta.helm.sh/release-name: aws-load-balancer-controller
                        meta.helm.sh/release-namespace: kube-system
Selector:               app.kubernetes.io/instance=aws-load-balancer-controller,app.kubernetes.io/name=aws-load-balancer-controller
Replicas:               2 desired | 0 updated | 0 total | 0 available | 2 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
Pod Template:
  Labels:           app.kubernetes.io/instance=aws-load-balancer-controller
                    app.kubernetes.io/name=aws-load-balancer-controller
  Annotations:      prometheus.io/port: 8080
                    prometheus.io/scrape: true
  Service Account:  aws-load-balancer-controller
  Containers:
   aws-load-balancer-controller:
    Image:       602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller:v2.4.5
    Ports:       9443/TCP, 8080/TCP
    Host Ports:  0/TCP, 0/TCP
    Command:
      /controller
    Args:
      --cluster-name=eventplatform0
      --ingress-class=alb
    Liveness:     http-get http://:61779/healthz delay=30s timeout=10s period=10s #success=1 #failure=2
    Environment:  <none>
    Mounts:
      /tmp/k8s-webhook-server/serving-certs from cert (ro)
  Volumes:
   cert:
    Type:               Secret (a volume populated by a Secret)
    SecretName:         aws-load-balancer-tls
    Optional:           false
  Priority Class Name:  system-cluster-critical
Conditions:
  Type             Status  Reason
  ----             ------  ------
  Available        False   MinimumReplicasUnavailable
  ReplicaFailure   True    FailedCreate
  Progressing      False   ProgressDeadlineExceeded
OldReplicaSets:    <none>
NewReplicaSet:     aws-load-balancer-controller-6d9d9fc86c (0/2 replicas created)
Events:            <none>

What does “MinimumReplicasUnavailable” mean?

Steps to reproduce

Follow the guide at https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html.

Expected outcome

 ~/Downloads/ kubectl get deployment -n kube-system aws-load-balancer-controller
NAME                           READY   UP-TO-DATE   AVAILABLE   AGE
aws-load-balancer-controller   2/2     2            2           84s

Environment

  • AWS Load Balancer controller version: seems to be v2.4.5.
 ~/Downloads/ helm list -a -A                                                             
NAME                        	NAMESPACE   	REVISION	UPDATED                             	STATUS  	CHART                             	APP VERSION
aws-load-balancer-controller	kube-system 	1       	2022-12-19 14:19:03.986723 -0800 PST	deployed	aws-load-balancer-controller-1.4.6	v2.4.5     
cert-manager                	kube-system 	1       	2022-07-14 16:08:11.149648 -0700 PDT	deployed	cert-manager-v1.5.4               	v1.5.4     
event-platform-pulsar-0     	pulsar      	15      	2022-12-06 18:00:28.480601 -0800 PST	deployed	sn-1.5.5-alpha.1                  	2.9        
pulsar-operator             	sn-operators	4       	2022-11-21 16:28:44.960682 -0800 PST	deployed	pulsar-operator-0.10.0            	0.9.4
  • Kubernetes version
  • Using EKS (yes/no), if so version? Yes. Server version seems to be v1.21.14-eks-fb459a0.
 ~/Downloads/ kubectl version
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.4", GitCommit:"b695d79d4f967c403a96986f1750a35eb75e75f1", GitTreeState:"clean", BuildDate:"2021-11-17T15:48:33Z", GoVersion:"go1.16.10", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"21+", GitVersion:"v1.21.14-eks-fb459a0", GitCommit:"b07006b2e59857b13fe5057a956e86225f0e82b7", GitTreeState:"clean", BuildDate:"2022-10-24T20:32:54Z", GoVersion:"go1.16.15", Compiler:"gc", Platform:"linux/amd64"}

Additional Context:

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 21 (1 by maintainers)

Most upvoted comments

@ta1meng, the gov cloud permissions don’t work on other regions. For us-east-1 region, you’d need to refer to https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.4/docs/install/iam_policy.json

+1
kishorj on Jan 5, 2023
Read more comments on GitHub
← aws-load-balancer-controller: HTTP to HTTPS Redirect Issue: Infinite loop issue with Custom Query Param
aws-load-balancer-controller: Internal error occurred: failed calling webhook "webhook.cert-manager.io" →