CI/CD를 위한 Github Action
.github/workflows/deploy.yml
name: Terraform Deployment
on:
push:
branches:
- main
env:
AWS_REGION: ap-northeast-2 # seoul, korea
jobs:
terraform:
name: Apply Terraform
runs-on: ubuntu-latest
steps:
- name: 코드 체크아웃
uses: actions/checkout@v4
# AWS 설정
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
# Terraform step
- name: Terraform 설치
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.11.1
- name: Terraform 초기화
run: terraform init
- name: Terraform Format Check
run: terraform fmt -check
- name: Terraform Validate
run: terraform validate
- name: Terraform 실행 계획 확인
run: terraform plan
- name: Terraform 적용
run: terraform apply -auto-approve
deploy_k8s:
name: Deploy to EKS
needs: terraform
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Install kubectl
run: |
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/
- name: Update kubeconfig
run: aws eks update-kubeconfig --name my-cluster --region us-west-2
- name: Deploy to EKS
run: kubectl apply -f k8s/
- name: Verify Deployment
run: kubectl get pods -n default
deploy_k8s 수정 계획
EKS를 외부 CLI(AWS)로 동작 예정
두 가지 동작
- ArgoCD 설치
- Helm (Prometheus 설치, Grafana 설치)
IaC으로 설치
resource "helm_release" "prometheus"{
...
클라우드 엔지니어 준비