mreferre / knative-on-fargate

Setup instructions to deploy Google Knative on top of AWS Fargate
Apache License 2.0

When using existing VPC/Subnets I don't get a host name for the ALB #1

Closed loffelmacher closed 3 years ago

loffelmacher commented 3 years ago

This is something that I'm running up against. I'm not sure why this is happening; it doesn't seem to happen every time, but most of the time, yes.

mreferre commented 3 years ago

Thanks for giving it a try. I am not actively working on this as I only built it as a proof of concept. I have seen you have closed this issue, though, and am wondering if you found the root cause (for the benefit of others that may see the same problem). Thank you!

loffelmacher commented 3 years ago

Sure, and thank you for putting this PoC together, it's really helpful!

I think what was ultimately the issue was a missing IAM permission for a new AWS API, wafv2. So I made a local copy of the albiampolicy.json and added this block to it:

    {
      "Effect": "Allow",
      "Action": [
        "wafv2:GetWebACLForResource"
      ],
      "Resource": "*"
    }

I believe that I spotted the problem by adding --aws-api-debug to my ALB Controller's YAML, then tailing the logs on the pod for the ALB Controller.
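Added example, not part of the thread or the repository: a pre-deployment check that reports which required actions a local IAM policy document fails to grant, so a gap like the missing `wafv2:GetWebACLForResource` shows up before the controller hits it. The sample policy, the `REQUIRED` list and the function names are constructed for illustration; Resource and Condition elements are not evaluated.

```python
import json
from fnmatch import fnmatchcase

def _as_list(value):
    """IAM accepts either a single value or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _matches(pattern, action):
    # IAM action names are case-insensitive; '*' and '?' act as wildcards.
    return fnmatchcase(action.lower(), pattern.lower())

def missing_actions(policy, required):
    """Return the required actions that no Allow statement grants, or that
    an explicit Deny blocks. Simplification (assumption): Resource, Condition
    and NotAction are ignored, so this is a lint, not a policy simulator."""
    allowed, denied = [], []
    for stmt in _as_list(policy.get("Statement")):
        target = allowed if stmt.get("Effect") == "Allow" else denied
        target.extend(_as_list(stmt.get("Action")))
    return [a for a in required
            if any(_matches(p, a) for p in denied)
            or not any(_matches(p, a) for p in allowed)]

# Constructed sample policy (NOT the repository's albiampolicy.json).
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow",
     "Action": ["elasticloadbalancing:*", "ec2:DescribeSubnets"],
     "Resource": "*"},
    {"Effect": "Allow",
     "Action": "waf-regional:GetWebACLForResource",
     "Resource": "*"}
  ]
}
""")

# The statement quoted in the comment above, and a constructed required list.
WAFV2_STATEMENT = {"Effect": "Allow", "Action": ["wafv2:GetWebACLForResource"], "Resource": "*"}
REQUIRED = ["wafv2:GetWebACLForResource", "elasticloadbalancing:DescribeLoadBalancers"]

if __name__ == "__main__":
    print("before:", missing_actions(SAMPLE_POLICY, REQUIRED))
    patched = dict(SAMPLE_POLICY, Statement=SAMPLE_POLICY["Statement"] + [WAFV2_STATEMENT])
    print("after: ", missing_actions(patched, REQUIRED))
```

To check a real file, load it with `json.load` and pass the resulting dict in place of `SAMPLE_POLICY`.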