aws guide additions (#112)

* add aws policy tag suggestion * add new aws annotations * mention possibility to use nodeport services
nrwl · Nov 5, 2024 · e1f8e81 · e1f8e81
1 parent 577eebc
commit e1f8e81
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/aws-guide/AWS-GUIDE.md b/aws-guide/AWS-GUIDE.md
@@ -253,4 +253,7 @@ eksctl create iamserviceaccount \
    - If that doesn't work, try changing the [`alb.ingress.kubernetes.io/target-type`](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/annotations/#traffic-routing) to `ip` 
 
 2. If you experience S3 permissions issues when trying to retrieve an artefact with the NxCloud runner:
-   3. If your bucket is encrypted, you need to add the `kms:GenerateDataKey` to the S3 access policy
+   3. If your bucket is encrypted, you need to add the `kms:GenerateDataKey` to the S3 access policy
+
+3. If you don't see a Load Balancer EC2 instance being created, you might need crated in step 3.1. above [like this](https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/3399#issuecomment-1733186035)
+   - You can also try setting your [frontend service type to be NodePort](https://github.com/nrwl/nx-cloud-helm/blob/main/charts/nx-cloud/values.yaml#L35) as well as the [nx-api service type to be NodePort](https://github.com/nrwl/nx-cloud-helm/blob/main/charts/nx-cloud/values.yaml#L59) 
diff --git a/aws-guide/helm-values.yml b/aws-guide/helm-values.yml
@@ -4,10 +4,11 @@ image:
 nxCloudAppURL: 'https://your-domain-nx-cloud.com' # <-- if you are using HTTPS and you know your domain name, change this value now. Otherwise, we'll configure it later below.
 
 ingress:
-  class: 'alb'
-  albScheme: 'internet-facing'
-  albListenPorts: '[{"HTTPS":443}]' # this can also be "HTTP":80 if you skipped the certificate part above
-  albCertificateArn: 'arn:aws:acm:us-east-1:411686525067:certificate/8adf7812-a1af-4eae-af1b-ea425a238a67' # your certificate ARN here which you copied above. Remove this option if you only want HTTP.
+  kubernetes.io/ingress.class: alb
+  alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:411686525067:certificate/8adf7812-a1af-4eae-af1b-ea425a238a67
+  alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443, "HTTP": 80}]' # this can also be "HTTP":80 if you skipped the certificate part above
+  alb.ingress.kubernetes.io/scheme: internet-facing
+  alb.ingress.kubernetes.io/target-type: ip
 
 secret:
   name: 'nx-cloud-k8s-secret'