📌 AWS-EKS
📙 인스턴스 생성
이름 : docker
유형 t2.micro
키페어 만들어둔 것 설정
네트워크 - my-vpc, 서브넷 - public subnet 2a
보안그룹 - MY-SG-WEB 새로 생성
사용자 데이터(cloud init):
#!/bin/bash
cd /tmp
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
./aws/install
amazon-linux-extras install docker -y
systemctl enable --now docker
curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh
usermod -a -G docker ec2-user
docker run -d -p 80:80 --name=test-site mj030kk/web-site:v2.0📙 route53도메인 할당
📙 ECR - 리포지토리 생성
✔️ EKS-ECR-리포지토리 생성
✔️ 퍼블릭
이름 : test-site
리포지토리 생성
📙 CLI - aws credential
mabaxterm으로 진입하여 진행
[ec2-user@ip-10-14-11-61 ~]$ aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]: ap-northeast-2
Default output format [None]: json
📙 이미지 Push
✔️리포지토리 클릭하고 푸시 명령 보기 - AWS CLI사용 복사해서 mobaxterm에서 붙여넣기.
$ aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/-
✔️tag 및 push
[ec2-user@ip-10-14-11-61 ~]$ docker tag mj030kk/web-site:v2.0 public.ecr.aws/-/test-site:eagle ## 리포지토리 URI와 버전
[ec2-user@ip-10-14-11-61 ~]$ docker push public.ecr.aws/-/test-site:eagle
✔️ 확인
📙 사용자 로그인 (firefox)
📙 EKS (firefox)
✔️1. EKS - 클러스터 추가
이름 : EKS-CLUSTER
버전 : 1.22
역할 : 어제 만들어둔 eksClusterRole
✔️2. VPC: MY-VPC
서브넷: public 2C,2A
보안그룹 : MY-SG-WEB
✔️3. 로깅구성 전부 활성화
✔️4. 생성
📙 kubectl 설치(CLI)
https://docs.aws.amazon.com/ko_kr/eks/latest/userguide/install-kubectl.html
-> 1.22 버전, amd.
[ec2-user@ip-10-14-11-61 ~]$ curl -o kubectl https://s3.us-west-2.amazonaws.com/amazon-eks/1.22.6/2022-03-09/bin/linux/amd64/kubectl
[ec2-user@ip-10-14-11-61 ~]$ chmod +x ./kubectl
[ec2-user@ip-10-14-11-61 ~]$ sudo mv ./kubectl /usr/local/bin
[ec2-user@ip-10-14-11-61 ~]$ source <(kubectl completion bash)
[ec2-user@ip-10-14-11-61 ~]$ echo "source <(kubectl completion bash)" >> ~/.bashrc
[ec2-user@ip-10-14-11-61 ~]$ kubectl version --short --client
Client Version: v1.22.6-eks-7d68063
[ec2-user@ip-10-14-11-61 ~]$ aws eks --region ap-northeast-2 update-kubeconfig --name EKS-CLUSTER ## 클러스터 활성 확인 후 연결
Added new context arn:aws:eks:ap-northeast-2:872979928596:cluster/EKS-CLUSTER to /home/ec2-user/.kube/config
[ec2-user@ip-10-14-11-61 ~]$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 4m8s
📙 노드그룹 추가 (firefox)
✔️ 생성한 클러스터 - 하단 컴퓨팅 - 노드그룹 추가
✔️ 이름 : NODEGROUP-SPOT
역할 : nodeGroupRole
✔️AMI : amazon linux2
용량 유형 : spot
인스턴스 유형 : t2.micro
노드그룹조정 : 2,2,4
✔️서브넷 public2a,2c
SSH 액세스 구성 활성화
키페어 선택, 액세스 권한 모두
✔️생성
📙 pod 확인 (firefox) 및 생성 (CLI)
EKS > 클러스터 > EKS-CLUSTER > Node: ip-10-14-
[ec2-user@ip-10-14-11-61 ~]$ kubectl run nginx-pod1 --image=nginx
pod/nginx-pod1 created
[ec2-user@ip-10-14-11-61 ~]$ kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-pod1 0/1 ContainerCreating 0 10s <none> ip-10-14-44-249.ap-northeast-2.compute.internal <none> <none>
[ec2-user@ip-10-14-11-61 ~]$ kubectl run nginx-pod2 --image=nginx
pod/nginx-pod2 created
[ec2-user@ip-10-14-11-61 ~]$ kubectl get po -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-pod1 1/1 Running 0 79s 10.14.36.62 ip-10-14-44-249.ap-northeast-2.compute.internal <none> <none>
nginx-pod2 1/1 Running 0 54s 10.14.37.103 ip-10-14-44-249.ap-northeast-2.compute.internal <none> <none>
📙 SVC 생성(loadbalancer)
[ec2-user@ip-10-14-11-61 ~]$ kubectl expose pod nginx-pod1 --name loadbalancer --type LoadBalancer --port 80
service/loadbalancer exposed
[ec2-user@ip-10-14-11-61 ~]$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 57m
loadbalancer LoadBalancer 172.20.191.254 a0c52c4ac7e30411f9afc386dbf256bf-1783297533.ap-northeast-2.elb.amazonaws.com 80:31411/TCP 4s
📙 route53 CNAME 해보기
별칭이 바람직하긴 함(별칭이 더 저렴-비용효율적) 그냥 실습.
📙 HTTPS 사용
✔️로드밸런서 - 생성되어있는 clb선택 - 리스터 - 편집 - SSL(보안 TCP) - SSL 인증서 변경 클릭, ACM 선택 후 저장
✔️ 보안그룹 설정
해당 보안그룹 ID 선택해서 인바운드 규칙 편집
규칙추가
✔️보안그룹 정책?
eks cluster sg에서 자기자신에 대한(소스) 전체 트래픽이 열려있기 때문에 worker1,2끼리 ping 나감.
[ec2-user@ip-10-14-44-249 ~]$ ping 10.14.6.21
PING 10.14.6.21 (10.14.6.21) 56(84) bytes of data.
64 bytes from 10.14.6.21: icmp_seq=1 ttl=255 time=1.10 ms
64 bytes from 10.14.6.21: icmp_seq=2 ttl=255 time=1.05 ms
64 bytes from 10.14.6.21: icmp_seq=3 ttl=255 time=1.17 ms
물론 자기자신을 열지 않고 그냥 ICMP, anywhere해도 핑 나감 .근데 일일이 포트 열어주기가 번거로움. ( 추후 노드포트라든지..)
그래서 모든 트래픽을 열고, 자기자신(EKS-cluster)을 소스로 하면 그 안에서는 통신할 수 있으며 안전함. -> 동일한 보안그룹 내에 있는 VM 들끼리는 모든 포트가 열려있어서 뭐든 할 수 있다.
📙 노드그룹 삭제 후 재생성
✔️ondemand, t2.micro,448,모두
✔️인스턴스에서 퍼블릭 IP 확인 네임태그 달아주기
✔️ 레코드 생성해서 도메인 만들어 준 후 mobaxterm으로 진입해두기
✔️ 노드 확인과 이전시간에 만들어둔 파드와 서비스 삭제
[ec2-user@ip-10-14-11-61 ~]$ kubectl get node ##master client
NAME STATUS ROLES AGE VERSION
ip-10-14-33-7.ap-northeast-2.compute.internal Ready <none> 6m35s v1.22.9-eks-810597c
ip-10-14-37-108.ap-northeast-2.compute.internal Ready <none> 6m38s v1.22.9-eks-810597c
ip-10-14-6-217.ap-northeast-2.compute.internal Ready <none> 6m28s v1.22.9-eks-810597c
ip-10-14-6-234.ap-northeast-2.compute.internal Ready <none> 6m35s v1.22.9-eks-810597c
[ec2-user@ip-10-14-11-61 ~]$ kubectl delete pod,svc --all
📙 replica manifest
[ec2-user@ip-10-14-11-61 ~]$ mkdir test && cd $_
[ec2-user@ip-10-14-11-61 test]$ vi replica-loadbalancer.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: nginx-replicaset
spec:
replicas: 3 # desired state (kube-controller-manager)
selector:
matchLabels:
app: nginx-replicaset
template:
metadata:
name: nginx-replicaset
labels:
app: nginx-replicaset
spec:
containers:
- name: nginx-replicaset-container
image: nginx
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-replicaset
spec:
type: LoadBalancer
# externalIPs:
# - 172.25.0.137
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
[ec2-user@ip-10-14-11-61 test]$ kubectl apply -f replica-loadbalancer.yaml
[ec2-user@ip-10-14-11-61 test]$ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-replicaset-bn7hd 1/1 Running 0 33s
pod/nginx-replicaset-frq7t 1/1 Running 0 33s
pod/nginx-replicaset-z4xsh 1/1 Running 0 33s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 5m41s
service/loadbalancer-service-replicaset LoadBalancer 172.20.12.111 ab5c6bf5a4d5f48be906c0518d6771b0-457932185.ap-northeast-2.elb.amazonaws.com 80:30758/TCP 33s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-replicaset 3 3 3 33s
✔️ replica 4개로 바꾸기
[ec2-user@ip-10-14-11-61 test]$ kubectl edit replicasets.apps nginx-replicaset
[ec2-user@ip-10-14-11-61 test]$ kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-replicaset-bn7hd 1/1 Running 0 8m8s
nginx-replicaset-frq7t 1/1 Running 0 8m8s
nginx-replicaset-rvhrr 1/1 Running 0 2m34s
nginx-replicaset-z4xsh 1/1 Running 0 8m8s
✔️ 서버 구분하기 위한 수정
[ec2-user@ip-10-14-11-61 test]$ kubectl exec nginx-replicaset-bn7hd -- sh -c "echo 'web01' > /usr/share/nginx/html/index.html
> "
[ec2-user@ip-10-14-11-61 test]$ kubectl exec nginx-replicaset-frq7t -- sh -c "echo 'web02' > /usr/share/nginx/html/index.html"
[ec2-user@ip-10-14-11-61 test]$ kubectl exec nginx-replicaset-rvhrr -- sh -c "echo 'web03' > /usr/share/nginx/html/index.html"
[ec2-user@ip-10-14-11-61 test]$ kubectl exec nginx-replicaset-z4xsh -- sh -c "echo 'web04' > /usr/share/nginx/html/index.html"
로드밸런서 확인
✔️replicaset 지워도 바로 서버 올라오는 것 확인
[ec2-user@ip-10-14-11-61 test]$ kubectl delete pod nginx-replicaset-frq7t
pod "nginx-replicaset-frq7t" deleted
kube[ec2-user@ip-10-14-11-61 test]$ kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-replicaset-6lng9 1/1 Running 0 5s
nginx-replicaset-bn7hd 1/1 Running 0 13m
nginx-replicaset-rvhrr 1/1 Running 0 7m27s
nginx-replicaset-z4xsh 1/1 Running 0 13m
✔️삭제
[ec2-user@ip-10-14-11-61 test]$ kubectl delete -f replica-loadbalancer.yaml
replicaset.apps "nginx-replicaset" deleted
service "loadbalancer-service-replicaset" deleted
📙 deploy manifest
[ec2-user@ip-10-14-11-61 test]$ vi deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 4
selector:
matchLabels:
app: nginx-deployment
template:
metadata:
name: nginx-deployment
labels:
app: nginx-deployment
spec:
containers:
- name: nginx-deployment-container
image: nginx
ports:
- containerPort: 80
[ec2-user@ip-10-14-11-61 test]$ kubectl apply -f deployment.yaml
[ec2-user@ip-10-14-11-61 test]$ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-deployment-55cb6f9cb7-4csjr 1/1 Running 0 43s
pod/nginx-deployment-55cb6f9cb7-ktvq8 1/1 Running 0 43s
pod/nginx-deployment-55cb6f9cb7-r6pr4 1/1 Running 0 43s
pod/nginx-deployment-55cb6f9cb7-rcqbl 1/1 Running 0 43s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 25m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-deployment 4/4 4 4 43s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-deployment-55cb6f9cb7 4 4 4 43s
✔️ ClusterIP 서비스 추가
[ec2-user@ip-10-14-11-61 test]$ vi clusterip-deployment.yaml
apiVersion: v1
kind: Service
metadata:
name: clusterip-service-deployment
spec:
type: ClusterIP
externalIPs:
- 10.14.6.234 # worker1 ip a 해서 나온 사설 IP (eth0:)
selector:
app: nginx-deployment
ports:
- protocol: TCP
port: 80
targetPort: 80
[ec2-user@ip-10-14-11-61 test]$ kubectl apply -f clusterip-deployment.yaml
service/clusterip-service-deployment created
[ec2-user@ip-10-14-11-61 test]$ kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-deployment-55cb6f9cb7-4csjr 1/1 Running 0 5m26s
pod/nginx-deployment-55cb6f9cb7-ktvq8 1/1 Running 0 5m26s
pod/nginx-deployment-55cb6f9cb7-r6pr4 1/1 Running 0 5m26s
pod/nginx-deployment-55cb6f9cb7-rcqbl 1/1 Running 0 5m26s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/clusterip-service-deployment ClusterIP 172.20.222.212 10.14.6.234 80/TCP 13s
service/kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 30m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-deployment 4/4 4 4 5m26s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-deployment-55cb6f9cb7 4 4 4 5m26s
보안그룹 eks-remoteAccess 에서 80포트 열어주기 (0.0.0.0/0)
[ec2-user@ip-10-14-11-61 test]$ curl 10.14.6.234
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
✔️ external IP에 worker IP 모두 추가 ( 사설 IP - node IP)
[ec2-user@ip-10-14-11-61 test]$ vi clusterip-deployment.yaml
apiVersion: v1
kind: Service
metadata:
name: clusterip-service-deployment
spec:
type: ClusterIP
externalIPs:
- 10.14.6.234
- 10.14.6.217
- 10.14.37.108
- 10.14.33.7
selector:
app: nginx-deployment
ports:
- protocol: TCP
port: 80
targetPort: 80
도메인으로 접속 or 인스턴스 퍼블릭 IP로 접속해서 확인 가능.
✔️ loadbalancer
[ec2-user@ip-10-14-11-61 test]$ kubectl delete svc clusterip-service-deployment
service "clusterip-service-deployment" deleted
[ec2-user@ip-10-14-11-61 test]$vi loadbalancer-deployment.yaml
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-deployment
spec:
type: LoadBalancer
externalIPs:
- 10.14.6.234
- 10.14.6.217
- 10.14.37.108
- 10.14.33.7
selector:
app: nginx-deployment
ports:
- protocol: TCP
port: 80
targetPort: 80
[ec2-user@ip-10-14-11-61 test]$ kubectl apply -f loadbalancer-deployment.yaml
📙 deployment rolling update
✔️ 레포지토리 URI 확인
[ec2-user@ip-10-14-11-61 test]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
public.ecr.aws/n3l5a9n9/test-site eagle cde791130344 9 days ago 172MB
mj030kk/web-site v2.0 cde791130344 9 days ago 172MB
✔️ 롤링업데이트
[ec2-user@ip-10-14-11-61 test]$ kubectl set image deployment.apps/nginx-deployment nginx-deployment-container=public.ecr.aws/n3l5a9n9/test-site:eagle
✔️ revision 확인
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
2 <none>
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment --revision 1
deployment.apps/nginx-deployment with revision #1
Pod Template:
Labels: app=nginx-deployment
pod-template-hash=55cb6f9cb7
Containers:
nginx-deployment-container:
Image: nginx
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment --revision 2
deployment.apps/nginx-deployment with revision #2
Pod Template:
Labels: app=nginx-deployment
pod-template-hash=6496bdd586
Containers:
nginx-deployment-container:
Image: public.ecr.aws/n3l5a9n9/test-site:eagle
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
✔️ 더 많은 revision 생성 ( 롤링 업데이트)
[ec2-user@ip-10-14-11-61 test]$ kubectl set image deployment.apps/nginx-deployment nginx-deployment-container=halilinux/test-home:v1.0
[ec2-user@ip-10-14-11-61 test]$ kubectl set image deployment.apps/nginx-deployment nginx-deployment-container=halilinux/test-home:v0.0
[ec2-user@ip-10-14-11-61 test]$ kubectl set image deployment.apps/nginx-deployment nginx-deployment-container=halilinux/test-home:v2.0
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
2 <none>
3 <none>
4 <none>
5 <none>
✔️ rollout undo (rollback)
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment --revision 3
deployment.apps/nginx-deployment with revision #3
Pod Template:
Labels: app=nginx-deployment
pod-template-hash=794df5fcdc
Containers:
nginx-deployment-container:
Image: halilinux/test-home:v1.0
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment --revision 4
deployment.apps/nginx-deployment with revision #4
Pod Template:
Labels: app=nginx-deployment
pod-template-hash=69b55fbfdd
Containers:
nginx-deployment-container:
Image: halilinux/test-home:v0.0
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment --revision 5
deployment.apps/nginx-deployment with revision #5
Pod Template:
Labels: app=nginx-deployment
pod-template-hash=7656d75994
Containers:
nginx-deployment-container:
Image: halilinux/test-home:v2.0
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout undo deployment nginx-deployment --to-revision 2 ## revision 2로 롤백
revision 5
revision 2 ( rollout undo 후)
✔️revision 2로 롤백해서 revision2는 6으로 바뀜. (가장 최근의 이미지가 가장 큰 수)
->새로운 이미지의 경우에는 새로운 revision이 생김.
[ec2-user@ip-10-14-11-61 test]$ kubectl rollout history deployment nginx-deployment
deployment.apps/nginx-deployment
REVISION CHANGE-CAUSE
1 <none>
3 <none>
4 <none>
5 <none>
6 <none>
✔️ revision 목록 갯수 늘리기
[ec2-user@ip-10-14-11-61 test]$ kubectl edit deployments.apps nginx-deployment
deployment.apps/nginx-deployment edited
10개 -> 20개
📙 wordpress
하나의 파드에 두개이상의 컨테이너.
[ec2-user@ip-10-14-11-61 ~]$ mkdir wordpress && cd $_
apiVersion: v1
kind: Pod
metadata:
name: wordpress-pod
labels:
app: wordpress-pod
spec:
containers:
- name: mysql-container
image: mysql:5.7
env:
- name: MYSQL_ROOT_HOST
value: '%' # wpuser@%
- name: MYSQL_ROOT_PASSWORD
value: kosa0401
- name: MYSQL_DATABASE
value: wordpress
- name: MYSQL_USER
value: wpuser
- name: MYSQL_PASSWORD
value: wppass
ports:
- containerPort: 3306
- name: wordpress-container
image: wordpress
env:
- name: WORDPRESS_DB_HOST
value: wordpress-pod:3306
- name: WORDPRESS_DB_USER
value: wpuser
- name: WORDPRESS_DB_PASSWORD
value: wppass
- name: WORDPRESS_DB_NAME
value: wordpress
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-deployment-wordpress
spec:
type: LoadBalancer
externalIPs:
- 192.168.0.10
selector:
app: wordpress-pod
ports:
- protocol: TCP
port: 80
[ec2-user@ip-10-14-11-61 wordpress]$ kubectl apply -f wordpress-pod-svc.yaml
[ec2-user@ip-10-14-11-61 wordpress]$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 128m
loadbalancer-service-deployment LoadBalancer 172.20.218.87 ae8ff9e64d7ad4ac58f23f7d449dbfcc-2071515703.ap-northeast-2.elb.amazonaws.com,10.14.6.234,10.14.6.217,10.14.37.108,10.14.33.7 80:32746/TCP 67m
loadbalancer-service-deployment-wordpress LoadBalancer 172.20.173.218 a7b30d4e1c9684ce39bcf2c89cd1fbc0-767305826.ap-northeast-2.elb.amazonaws.com 80:30025/TCP 50s
✔️레코드 별칭생성. (clb) , HTTPS
로드밸런서에서 리스너 추가
kubectl get svc해서 해당 로드밸런서 잘 확인해서 보안그룹 편집(추가).
도메인으로 진입
설치완료
워드프레스에서 https 플러그인 설치 - 활성화
완료!
📙metallb
[ec2-user@ip-10-14-11-61 ~]$ kubectl delete all --all ## 다 지우고 시작
#git clone https://github.com/hali-linux/_Book_k8sInfra.git
# kubectl apply -f ~/_Book_k8sInfra/ch3/3.3.4/metallb.yaml
# kubectl get pods -n metallb-system -o wide
# vi metallb-l2config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: nginx-ip-range
protocol: layer2
addresses:
- 10.14.6.234
- 10.14.6.217
- 10.14.37.108
- 10.14.33.7->이러다가 끝!
📙✔️✏️📢⭐️📌
📌 기타
⭐️리포지토리
레지스트리 > 리포지토리 - 이미지
⭐️노드그룹 역할 (복습)
AmazonEKSWorkerNodePolicy
AmazonEC2ContainerRegistryReadOnly
AmazonEKS_CNI_Policy
⭐️ ad-hoc 포트번호
# kubectl expose pod nginx-pod --name clusterip --type=ClusterIP --port 80 # 타겟포트,컨테이너 포트 , nginx 포트
# kubectl expose pod nginx-pod --name nodeport --type=NodePort --port 80
# kubectl expose pod nginx-pod --name loadbalancer --type=LoadBalancer --external-ip 192.168.56.103 --port 80 # 컨테이너 포트
꾸준히, 차근차근