I have deployed atlantis based on original documents on EKS, text I have added ingress to use AWS-loadbalancer-controller to create ALb with ACM certificate for encryption and using externalDNS to create DNS record on Route53. Now Atlantis is running and the loadbalancer created and the Record on Route53 is created as well, the Atlantis webpage is broken and not loading correctly ( below snapshot)
apiVersion: apps/v1
kind: Deployment
metadata:
name: atlantis
namespace: atlantis
labels:
app.kubernetes.io/name: atlantis
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: atlantis
template:
metadata:
labels:
app.kubernetes.io/name: atlantis
spec:
containers:
- name: atlantis
image: ghcr.io/runatlantis/atlantis:v0.27.1 # 1. Replace <VERSION> with the most recent release.
env:
- name: ATLANTIS_REPO_ALLOWLIST
value: github.com/**********/test/* # 2. Replace this with your own repo allowlist.
### GitHub Config ###
- name: ATLANTIS_GH_USER
value: test-user # 3i. If you're using GitHub replace <YOUR_GITHUB_USER> with the username of your Atlantis GitHub user without the `@`.
- name: ATLANTIS_GH_TOKEN
valueFrom:
secretKeyRef:
name: atlantis-vcs
key: token
- name: ATLANTIS_GH_WEBHOOK_SECRET
valueFrom:
secretKeyRef:
name: atlantis-vcs
key: webhook-secret
### End GitHub Config ###
- name: ATLANTIS_PORT
value: "4141" # Kubernetes sets an ATLANTIS_PORT variable so we need to override.
ports:
- name: atlantis
containerPort: 4141
resources:
requests:
memory: 512Mi
cpu: 100m
limits:
memory: 512Mi
cpu: 100m
livenessProbe:
# We only need to check every 60s since Atlantis is not a
# high-throughput service.
periodSeconds: 60
httpGet:
path: /healthz
port: 4141
# If using https, change this to HTTPS
scheme: HTTP
readinessProbe:
periodSeconds: 60
httpGet:
path: /healthz
port: 4141
# If using https, change this to HTTPS
scheme: HTTP
---
apiVersion: v1
kind: Service
metadata:
name: atlantis
namespace: atlantis
spec:
type: ClusterIP
ports:
- name: atlantis
port: 80
targetPort: 4141
selector:
app.kubernetes.io/name: atlantis
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: atlantis
namespace: atlantis
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/group.name: atlantis
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:****************
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect: '443'
spec:
ingressClassName: alb
rules:
- host: atlantis.example.com
http:
paths:
- path: /
pathType: Exact
backend:
service:
name: atlantis
port:
number: 80
The same deployment without ingress, exposing the service as LoadBalancer can load the page correctly
The
pathType
in theIngress
shouldPrefix
. Since the path isExact
, only the HTML which is actually served at the root path is being served, and other queries are rejected.Prefix
type will allow all requests as long as those match the root pathSee the following description from the docs:
Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types