AWS
EC2
인스턴스 생성
- 이름 : docker
ECR
- 단독으로 있지 않아서 ECS/EKS를 통해 접속
- 리포지토리 > 퍼블릭
- 이름 : test-site
mobaxterm에서
- aws configure
- 인증 토큰을 검색하고 레지스트리에 대해 Docker 클라이언트를 인증 실행
- 이미지 다운
[ec2-user@ip-10-24-0-73 ~]$ docker tag seozzang3/web-site:v1.0 public.ecr.aws/c1w2a5l4/test-site:eagle
[ec2-user@ip-10-24-0-73 ~]$ docker push public.ecr.aws/c1w2a5l4/test-site:eagle
The push refers to repository [public.ecr.aws/c1w2a5l4/test-site]
9571ae99d4b4: Pushed
e96ade5e718b: Pushed
09ecc8000b0f: Pushed
2ec7c2de402a: Pushed
95129a5fe07e: Pushed
eagle: digest: sha256:5851b79ec525d6bdbef2a35d65b38d1e45adf0a7155af7c706082b49b8c5e9c1 size: 1371IAM 사용자로 로그인
EKS
클러스터 생성
- 이름 : EKS-CLUSTER
- 버전 : 1.22
- 역할 : eksClusterRole
- VPC : MY-VPC
- 서브넷 : MY-PUBLIC-SUBNET-2A / MY-PUBLIC-SUBNET-2C
- 보안그룹 : MY-SG-WEB
- 로깅 구성 : 전부선택
mobaxterm
- eks cli
$ aws eks --region ap-northeast-2 update-kubeconfig --name EKS-CLUSTER
$ curl -o kubectl https://amazon-eks.s3-us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/kubectl
$ chmod +x ./kubectl
$ sudo mv ./kubectl /usr/local/bin
$ source <(kubectl completion bash)
$ echo "source <(kubectl completion bash)" >> ~/.bashrc
$ kubectl version --short --client노드 그룹 추가
- 이름 : NODEGROUP-SPOT
- 노드 IAM 역할 : nodeGroupRole
- 용량 유형 : on demand
- 인스턴스 유형 : t2.micro
- 최대크기 : 4
- 노드에 대한 SSH 액세스 구성 활성화
- 키 페어 : docker-key
- 권한 허용 대상 : 모두
-> 모든 트래픽을 열고 자기 자신 보안그룹을 소스로 설정하면 같은 보안그룹 내의 vm은 모두 통신 가능
인스턴스 4개 생성
- replica-loadbalancer.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: nginx-replicaset
spec:
replicas: 3 # desired state (kube-controller-manager) 선언적 API, 자가치유
selector:
matchLabels:
app: nginx-replicaset
template:
metadata:
name: nginx-replicaset
labels:
app: nginx-replicaset
spec:
containers:
- name: nginx-replicaset-container
image: nginx
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-replicaset
spec:
type: LoadBalancer
# externalIPs:
# - 172.25.0.137
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
[ec2-user@ip-10-24-0-73 test]$ kubectl apply -f replica-loadbalancer.yaml
replicaset.apps/nginx-replicaset created
service/loadbalancer-service-replicaset created-deployment.yaml # 매니페스트(manifest)
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 4
selector:
matchLabels:
app: nginx-deployment
template:
metadata:
name: nginx-deployment
labels:
app: nginx-deployment
spec:
containers:
- name: nginx-deployment-container
image: nginx
ports:
- containerPort: 80remote=> 다이렉트로 들어갈때
- clusterip-deployment.yaml
apiVersion: v1
kind: Service
metadata:
name: clusterip-service-deployment
spec:
type: ClusterIP
externalIPs:
- 3.34.142.14
selector:
app: nginx-deployment
ports:
- protocol: TCP
port: 80
targetPort: 80- loadbalancer-deployment.yaml
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-deployment
spec:
type: LoadBalancer
externalIPs: # aws 프라이빗 ip 기입
- 10.24.2.49
- 10.24.10.144
- 10.24.38.53
- 10.24.36.63
selector:
app: nginx-deployment
ports:
- protocol: TCP
port: 80
targetPort: 80
[ec2-user@ip-10-24-0-73 test]$ kubectl apply -f loadbalancer-deployment.yaml
service/loadbalancer-service-deployment created
