From 3e489b33f3a396e43da9ac2bb0eb30f60330c351 Mon Sep 17 00:00:00 2001
From: JJGadgets <git@jjgadgets.tech>
Date: Sun, 19 Feb 2023 19:54:04 +0800
Subject: [PATCH] feat(aws-lb): add AWS LB controller

Signed-off-by: JJGadgets <git@jjgadgets.tech>
---
 kube/3-kube-core/1-networking/2-aws-lb.yaml   | 59 +++++++++++++++++++
 .../1-networking/kustomization.yaml           |  1 +
 2 files changed, 60 insertions(+)
 create mode 100644 kube/3-kube-core/1-networking/2-aws-lb.yaml

diff --git a/kube/3-kube-core/1-networking/2-aws-lb.yaml b/kube/3-kube-core/1-networking/2-aws-lb.yaml
new file mode 100644
index 00000000..ea63e456
--- /dev/null
+++ b/kube/3-kube-core/1-networking/2-aws-lb.yaml
@@ -0,0 +1,59 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+    name: aws-lb
+    namespace: kube-system
+    annotations:
+        meta.helm.sh/release-name: aws-lb
+        meta.helm.sh/release-namespace: kube-system
+    labels:
+        app.kubernetes.io/managed-by: Helm
+spec:
+    interval: 5m
+    chart:
+        spec:
+            chart: aws-load-balancer-controller
+            version: 1.4.7
+            sourceRef:
+                kind: HelmRepository
+                name: aws-eks
+                namespace: flux-system
+            interval: 5m
+    install:
+        # perform remediation when helm install fails
+        remediation:
+            retries: 100
+    upgrade:
+        # perform remediation when helm upgrade fails
+        remediation:
+            retries: 100
+            # remediate the last failure, when no retries remain
+            remediateLastFailure: true
+        cleanupOnFail: true
+    values:
+        # hostNetwork used because Cilium is main CNI
+        hostNetwork: true
+        dnsPolicy: ClusterFirstWithHostNet
+        # auto create authz resources
+        serviceAccount:
+            create: true
+        rbac:
+            create: true
+        # select cluster and nodes
+        clusterName: Biohazard
+        nodeSelector:
+            kubernetes.io/hostname: aws1
+        tolerations:
+            tolerations:
+                - key: nodeType.jj
+                  operator: Equal
+                  value: awsingress
+        replicaCount: 1
+        # disable as much ingress stuff as possible, only TCP NLB will be used
+        ingressClassParams:
+            create: false
+        ingressClassConfig:
+            default: false
+        createIngressClassResource: false
+        disableIngressClassAnnotation: true
+        disableIngressGroupNameAnnotation: true
diff --git a/kube/3-kube-core/1-networking/kustomization.yaml b/kube/3-kube-core/1-networking/kustomization.yaml
index 71969a25..bf1a0342 100644
--- a/kube/3-kube-core/1-networking/kustomization.yaml
+++ b/kube/3-kube-core/1-networking/kustomization.yaml
@@ -3,3 +3,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - 1-cilium.yaml
+  - 2-aws-lb.yaml