►
From YouTube: Knative November Meetup Demo: Knative Serving on EKS with Istio and ALB by Timam (Al-Amin Talukdar)
Description
With default Knative installation on EKS creates a classic load balancer, which is not cloud friendly. In the demo Timam shares the steps he took to configure it with ALB.
A
A
It
was
quite
hectic
for
me,
so
I
thought
if
it
can
help
community.
That
will
be
great.
So
on
that
note,
I
will
I
start
presenting
our
tip,
but
before
going
over
there,
I
would
like
to
mention
that
all
of
the
resources
on
the
on
the
slide
deck
I
have
mentioned
I
will
be
mentioning
that
will
be
available
on
medium
as
a
blog
post.
Also,
the
resources
will
be
available
on
my
GitHub.
That
I
will
share
so
why
we
chose
Canada
serving
so.
The
possibilities
are
endless.
A
The
scale
down
to
zero
that
I
personally
like
and
try
to
play
with
it,
and
that
that
leads
us
to
deploying
Kennedy
on
our
on
our
AWS
account.
So
we
are
heavily
using
AWS.
A
We
are
heavily
using
AWS
for
all
of
our
workloads,
so
I'm
a
fan
of
eks,
you
can
say
so
I
was
trying
to
deploy,
but
what
I
found
that
there
are
good
official
documentations
are
available
there,
but
there
are
some
things:
I
had
to
tweak
or
I
had
to
figure
out
myself,
so
I
will
be
sharing
those
knowledgeable,
so
the
fasting
fast
are.
The
partials
are
quite
felt
important
to
me.
A
So
if
you
are
using
HTO
and
trying
to
install
it,
go
over
this
link
and
you
will
find
which
version
is
tested
with
which
connective
version,
so
it
will
give
you
a
quite
confident
it
will
give
you
confident
that
which
will
be
working
or
which
will
not
be
working
or
something
like
that
I
would
I
would
say,
go
over
the
tested,
one
with
tested
versions,
so
other
than
that,
as
you
already
know,
I
was
using
eks.
So
my
case
version
was
1.22.
I
was
using
AWS
load,
balancer
controller.
A
The
version
was
2.41
and
aw
I
installed
it
with
hell,
so
the
health
chart
version
was
1.4.1,
I'm,
not
sure
if
that
is
helping.
But
there
are
another
tools
like
PPI
had
to
enable
VPC,
cni,
so
vpcc
and
I.
It
will
be
needed
for
your
load,
balancing
and
other
purposes
so
v1.10.1
eks
build.
That
was
what
I
was
using
by
this
time.
It
is
quite
so
eks
23
is
available
at
this
moment,
so
you
can
use
that
as
well.
A
But,
like
I
said
you
should
go
over
the
versioning
page
and
find
out
which
version
you
want,
minister,
so
from
the
official
documentation,
if
you
go
over
this
place,
you
will
find
that
a
quite
simple
installation
process.
So
you
go
over
your
terminal.
Your
I
believe
you
already
have
at
this
point.
I
believe
you
will
already
have
your
request
up
and
running
just
run
the
Kennedy
install
commands
over
there
I
installed
this
I
installed
the
declarative
method,
so
first
I
installed
the
crds
and
then
the
the
serving
core
components.
A
So
there
are
a
lot
of
components
over
there.
You
will
need
at
least
I
think
two
good
servers
to
host
this
host
this
Native
over
there.
So
once
that
application
is
done,
you
can
verify
over
there.
So
I'm
not
gonna
break
down
all
the
all
the
details.
What
is
the
components
over
there
I
think
you
I
think
you
will
find
that
on
on
the
documentation
as
well.
A
So,
but
what
you
can
do
is
for
verifying
you
can
run
qct
and
get
pods
or
qct
will
get
all
minus
M,
K
native
serving
so
that
all
the
all
the
resources
are
visible
to
you.
So
in
this,
in
this
page,
I
try
to
segregate
all
of
them
one
by
one.
So
you
will
have
deployments
replica
set
HPA
for
services
ATC,
so
HPA
is
important
and
you
thought
that
you
will
need
Cube
Matrix,
so
you
can
I
I
tested
with
multiple
Cube
Matrix.
A
It
works
fine,
so
you
you
will
be
of
okay
with
that.
So
once
we
have
installed
the
K
native
version
Kennedy
with
the
declarative.
Now
it
is
time
to
install
istio
so
for
istio
installation,
I
used
the
custom
approach
and
I
am
installing
SEO
with
istio
CTL.
So
getting
started
is
really
too
easy,
so
you
just
need
to
install
istio
install
minus
y,
so
it
will
get
you
started
and
after
that
you
need
to
label
it.
A
So
I
I
am
just
enabling
the
istio
namespace
injection
enable
to
connective
serving
and
after
that,
I
am
creating
a
so
istio
has
still
works
with
TLS,
and
there
are
other
configurations
that
are
needed,
so
I
am
enabling
the
previous
security
pre-authentication
so
that
it
works
with
SSL
non-ssl
with
both
versions.
So
once
that
is
done,
I'm
I'm
going
to
install
the
core
versions
with
this
specific
command.
So
it
is,
it
is
all
available
on
official
documentation.
A
You
can
just
follow
it
from
there
as
well,
and
the
next
step
is
obviously
verifying
the
student
installation.
You
can
get
the
details
of
all
the
pods
running
here.
If
everything.
If,
if
something
goes
wrong,
yeah
goes
wrong,
you
can
obviously
go
back
and
troubleshoot.
You
can
find
a
logs
over
there
as
well.
So
previously,
what
I
showed
that
you
can
run
connective
serving
and
get
all
the
ports
here
couple
of
new
things
are
there
after
installing
istio,
mostly
they
are
connected
to
controller
and
webbook.
A
So
each
book
and
SEO
controller
so
go
over
there
and
try
to
run
it
as
well,
so
that
you,
you
will
have
a
confidence
that
your
istio
installation
is
completed.
So
now
your
stereo
is
installed
after
this
installing
istio.
What
you
will
have
is
like
this
one,
so
you
you
definitely
want
to
expose
your
service
through
some
domain.
In
my
case,
I
am
using
kn.cream.io,
which
is
my
domain,
so
you
need
to
patch
the
serving
config
map
for
that
config
domain
config
map.
A
For
that,
after
that
I
created
a
name.
Is
this
hello
world
to
start
the
application
from
that
name?
Is
space
and
created
a
ksbc
or
a
service
in
Kennedy
service
over
there
it
is
very
straightforward
and
I
think
you
already
know
about
that,
and
in
The
Next
Step,
if
I
describe
it,
I
can
go
to
it
gives
me
a
nice
URL
go
dot,
hello,
world.ken.io!
It
is
very
long,
but
if
you
go
over
there
it
should
it
should
say
hello
world
or
something
like
that.
Now
next
is
confident
getting
ALB.
A
So
when
we
are
using
eks,
we
want
our
service
exposed
through
ALB
by
default
when
it
still
installs
or
the
installation
process
I
followed.
It
gives
us
a
classic
load.
Balancer
I
found
couple
of
issues
while
scaling
in
classic
load
balancers.
So
sometimes
it
the
target
groups
are
not
attaching
by
itself.
So
there
are
some
kind
of
issues
over
there
so
and
a
classic
load.
Balancer
is
a
couple
I
think.
A
If,
if
it
is
not
the
told,
maybe
maybe
we
so
it
is
so
what
I
am
trying
to
say
is
the
load.
Balancer
is
classic
load,
balancer
is
quite
old
and
there
are
too
much
too
much
features
available
in
AWS
load
balancers,
so
you
should
obviously
consider
it
while
using
with
eks.
So
now
what
I
did
is
I
installed
the
pro
the
gateways
with
it
and
everything.
A
So
what
I
try
to
explain
what
I
needed
is
from
here
is
the
ports,
so
you
can
see
I
configured
it
with,
so
it
gives
me
Port,
note
port
and
then
Target
Port.
So
with
those
information,
what
I
create
needed
to
create
is
a
load
balancer
configuration
or
Ingress.
What
I
can
say
so
on
on
there
I
I
specifically
mentioned
what
is
the
health
check
path?
What
are
the
ports?
A
We
will
be
listening
so
here
maybe
the
maybe
documentation
doesn't
say
what
we
needed
to
be
specifically,
but
I
found
that
if
you
don't
specifically
mention
the
security
groups,
thus
load
balancer
will
not
be
created,
so
make
sure
you
mention
all
all
the
all
the
softness,
Security
Group
Health
check
and
health
check
path
forward
with
it.
A
So
after
that,
if
you
create
clear,
if
you
just
run
Cube
City
apply,
istio,
install
or
or
your
invest.tml,
it
will
create
a
load
balancer
for
you,
and
it
will
give
you
a
nice
output
like
this
one.
So
once
you
get
that
what
you
need
to
do
is
go
over
your
domain,
you
need
to
mention
or
create
a
c
name
with
the
associated
domain
names
with
the
load
balancer
long
URL.
So
once
you
do
that,
you
will
get,
you
will
get
that
it
will.
It
is
working.
A
Let
me
get
the
what
my
application
first.
A
It
gives
me
my
application
URL,
let
me
call
it
so
it
should
greet
us.
It
says
hello
from
Canada,
so
this
is
the
this
on
on
behind.
Let
me
go
over
my
browser,
and
you
can
see
here
is
my
load.
Balancer
I
in
load,
balancer
I
have
listeners.
I
am
going
to
two
listeners
later,
but
for
now
you
can
see
that
there
there
is
listener
and
in
load
balancer.
If
you
go
rules,
you
can
say
all
the
path
is
configured
to
or
directed
to
this
Target
group.
A
So
if
I
expand
the
target
group,
you
will
see
that
the
port
is
on.
The
check
is
unhealthy.
I
at
this
moment,
I
was
not
able
to
get
it
out,
I
think
in
few
in
future
days,
I
will
be
able
to
do
that,
but
in
the
workloads
are
so
whenever
the
E
case
needs
to
scale
up,
it
automatically
comes
over
there,
so
it
it
doesn't
give
me
that
much
pain
next
is
the
certificate
one.
So
obviously
we
don't
want
our
service
to
be
exposed
with
HTTP.
A
So
we
need.
We
need
a
few
things
like.
We
need
our
custom
domain.
What
we
need
to
also
the
https,
so
what
I
have
done
is
I
have
created?
I,
have
created
a
sem
certificate
over
there
and
I
just
add
a
series
to
load
balancer.
You
can
configure
it
with
yml
as
well.
You
can
find
it
on
seeks
the
the
documentation
for
and
load
balancer
over
there.
So
now,
let
me
go
over
the
terminal
again.
A
So
it
is
eventually
pointing
to
the
same
service
we
can.
We
can
go
over
the
https
as
well.
Let
me
see
if
it
works
with
https
I'm,
just
copying
from
here.
A
A
Few
few
lines
of
EML
course
so
here
I
have
NS
I
just
created
a
a
name
space
over
here
then
I
have
ksbc.
A
A
There
are
two
parts
over
here:
fast
is
a
custom
domain
claim
and
then
is
a
map
domain
mapping.
So
with
this
simple,
simple
line
of
code,
I
was
able
to
deploy
my
fast
service
over
Kennedy
and
for
that
I
was
using
uks.
So
that
was
my
starting
journey
of
my.
So
if
you
I
think
there
are
a
couple
of
hands
over
there,
so
if
you
have
questions,
I
will
try
to
answer
them.