EKS (Amazon Elastic Kubernetes Service)
A managed Kubernetes service used to run Kubernetes in the AWS cloud and in on-premises data centers
How to create EKS
- Create an Amazon EKS cluster
https://docs.aws.amazon.com/ko_kr/eks/latest/userguide/create-cluster.html
- Create a managed node group
https://docs.aws.amazon.com/ko_kr/eks/latest/userguide/create-managed-node-group.html
#1 Create the VPC - using CloudFormation
https://s3.us-west-2.amazonaws.com/amazon-eks/cloudformation/2020-10-29/amazon-eks-vpc-private-subnets.yaml
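#2 Create the cluster service role
The role the control plane uses to manage AWS resources on your behalf (master node)
#3 Create the cluster
Cluster endpoint
- private: reachable only through specific hosts inside the VPC
- public: selected here because kubectl is installed on the local computer and we want to try accessing the cluster through kubectl
#4 Configure kubectl to communicate with the created cluster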
C:\Users\User>aws eks update-kubeconfig --region ap-northeast-2 --name MyEKSCluster
Added new context arn:aws:eks:ap-northeast-2:561845507088:cluster/MyEKSCluster to C:\Users\user\.kube\config
** error
If a token error occurs, issue a new access key and register it with the aws configure command
C:\Users\User>aws eks update-kubeconfig --region ap-northeast-2 --name MyEKSCluster
An error occurred (UnrecognizedClientException) when calling the DescribeCluster operation:
The security token included in the request is invalid.
C:\Users\User>aws configure
AWS Access Key ID [****************HJ2B]: <issued access key>
AWS Secret Access Key [****************gk6f]: <issued secret key>
Default region name [ap-northeast-2]:
Default output format [json]:
C:\Users\User>aws sts get-caller-identity <= check that it was registered
{
"UserId": "748619042828",
"Account": "748619042828",
"Arn": "arn:aws:iam::748619042828:root"
}
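Added example (not part of the original post): a small Python audit of the two security-relevant results seen so far, the cluster endpoint choice from #3 and the `aws sts get-caller-identity` output from #4, where an `Arn` ending in `:root` means the CLI is using the account root user's access keys. The sample documents, the /24 threshold, the admin CIDR and the function names are made up for illustration; the field names follow the JSON returned by `aws eks describe-cluster` and `aws sts get-caller-identity`.

```python
import ipaddress

# Constructed sample: the fields of `aws eks describe-cluster` output read below.
SAMPLE_CLUSTER = {"cluster": {"name": "MyEKSCluster", "resourcesVpcConfig": {
    "endpointPublicAccess": True,
    "endpointPrivateAccess": False,
    "publicAccessCidrs": ["0.0.0.0/0"]}}}
# Constructed sample: shape of `aws sts get-caller-identity` output.
SAMPLE_IDENTITY = {"UserId": "111122223333", "Account": "111122223333",
                   "Arn": "arn:aws:iam::111122223333:root"}

MAX_PUBLIC_ADDRESSES = 256  # assumption: wider than a /24 counts as too broad


def audit_endpoint(cluster_doc):
    """Return findings for the API server endpoint settings of one cluster."""
    cfg = cluster_doc["cluster"]["resourcesVpcConfig"]
    if not cfg.get("endpointPublicAccess", False):
        return []  # private-only endpoint: not reachable from the internet
    findings = []
    for cidr in cfg.get("publicAccessCidrs", ["0.0.0.0/0"]):
        net = ipaddress.ip_network(cidr, strict=False)
        if net.prefixlen == 0:
            findings.append(f"public endpoint open to any address ({cidr})")
        elif net.num_addresses > MAX_PUBLIC_ADDRESSES:
            findings.append(f"public endpoint allows a broad range ({cidr})")
    if not cfg.get("endpointPrivateAccess", False):
        findings.append("private access off: node-to-API traffic leaves the VPC")
    return findings


def audit_identity(identity_doc):
    """Flag a CLI profile that is using the account root user's access keys."""
    arn = identity_doc["Arn"]
    return [f"CLI authenticated as account root user ({arn})"] if arn.endswith(":root") else []


def restrict_command(cluster_name, region, admin_cidr):
    """Build the AWS CLI call that narrows public access to one CIDR."""
    ipaddress.ip_network(admin_cidr)  # raises ValueError on a malformed CIDR
    return (f"aws eks update-cluster-config --region {region} --name {cluster_name} "
            "--resources-vpc-config endpointPublicAccess=true,"
            f"endpointPrivateAccess=true,publicAccessCidrs={admin_cidr}")


if __name__ == "__main__":
    for finding in audit_endpoint(SAMPLE_CLUSTER) + audit_identity(SAMPLE_IDENTITY):
        print("FINDING:", finding)
    print(restrict_command("MyEKSCluster", "ap-northeast-2", "203.0.113.10/32"))
```

To run it against a real cluster, load the saved JSON output of the two commands with `json.load` and pass the resulting dictionaries to the audit functions.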
#5 Create the EKS node role
https://docs.aws.amazon.com/ko_kr/eks/latest/userguide/create-node-role.html
#6 Create the node group
Node group = an Auto Scaling group managed by Kubernetes
C:\Users\user> kubectl get node
NAME STATUS ROLES AGE VERSION
ip-192-168-176-11.ap-northeast-2.compute.internal Ready <none> 103s v1.28.3-eks-e71965b
ip-192-168-195-146.ap-northeast-2.compute.internal Ready <none> 102s v1.28.3-eks-e71965b
C:\Users\user> kubectl get ns
NAME STATUS AGE
default Active 27m
kube-node-lease Active 27m
kube-public Active 27m
kube-system Active 27m
C:\Users\user> kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
aws-node-b9rrn 2/2 Running 0 2m40s
aws-node-sz57m 2/2 Running 0 2m41s
coredns-6fbff78dcc-6dqxr 1/1 Running 0 27m
coredns-6fbff78dcc-nvcgk 1/1 Running 0 27m
kube-proxy-7dfrm 1/1 Running 0 2m41s
kube-proxy-xl6pj 1/1 Running 0 2m40s
#7 Create a deployment and a service in the cluster
Run 3 webservers & run a load balancer
c:\aws\hostname-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hostname-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: webserver
  template:
    metadata:
      name: my-webserver
      labels:
        app: webserver
    spec:
      containers:
      - name: my-webserver
        image: alicek106/rr-test:echo-hostname
        ports:
        - containerPort: 80
/home/vagrant/hostname-loadbalancer.yaml
apiVersion: v1
kind: Service
metadata:
  name: hostname-loadbalancer
spec:
  type: LoadBalancer
  selector:
    app: webserver
  ports:
  - name: web-port
    port: 80
    targetPort: 80
C:\aws> kubectl apply -f hostname-deployment.yaml
deployment.apps/hostname-deployment created
C:\aws> kubectl apply -f hostname-loadbalancer.yaml
service/hostname-loadbalancer created
C:\aws> kubectl get all
NAME READY STATUS RESTARTS AGE
pod/hostname-deployment-7f7d7755d8-6qhgk 1/1 Running 0 49s
pod/hostname-deployment-7f7d7755d8-9qcgl 1/1 Running 0 49s
pod/hostname-deployment-7f7d7755d8-czxk5 1/1 Running 0 49s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/hostname-loadbalancer LoadBalancer 10.100.159.81 a4631ffd13c82447a83077629518842a-701860891.ap-northeast-2.elb.amazonaws.com 80:32253/TCP 14s
service/kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 34m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/hostname-deployment 3/3 3 3 50s
NAME DESIRED CURRENT READY AGE
replicaset.apps/hostname-deployment-7f7d7755d8 3 3 3 50s
C:\aws> kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
hostname-deployment-7f7d7755d8-6qhgk 1/1 Running 0 2m24s 192.168.251.136 ip-192-168-195-146.ap-northeast-2.compute.internal <none> <none>
hostname-deployment-7f7d7755d8-9qcgl 1/1 Running 0 2m24s 192.168.227.0 ip-192-168-195-146.ap-northeast-2.compute.internal <none> <none>
hostname-deployment-7f7d7755d8-czxk5 1/1 Running 0 2m24s 192.168.166.25 ip-192-168-176-11.ap-northeast-2.compute.internal <none> <none>
C:\aws> kubectl get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
ip-192-168-176-11.ap-northeast-2.compute.internal Ready <none> 11m v1.28.3-eks-e71965b 192.168.176.11 <none> Amazon Linux 2 5.10.198-187.748.amzn2.x86_64 containerd://1.6.19
ip-192-168-195-146.ap-northeast-2.compute.internal Ready <none> 11m v1.28.3-eks-e71965b 192.168.195.146 <none> Amazon Linux 2 5.10.198-187.748.amzn2.x86_64 containerd://1.6.19
#8 The EXTERNAL-IP of service/hostname-loadbalancer can be opened in a browser
http://a4631ffd13c82447a83077629518842a-701860891.ap-northeast-2.elb.amazonaws.com/
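* Advantages of running Kubernetes through EKS
Number of nodes - when load builds up on the nodes, additional nodes are created internally
The number of pods can also be increased easily
Resource cleanup
Delete the EKS node group
Delete the EKS cluster → check instances, launch templates, ASG, etc.
Delete the CloudFormation stack
Delete the VPC
Delete accounts and roles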