AWS

[ 3 ]

zhuxiclover 2024. 9. 12. 15:00

1. MobaXterm 접속 후 확인

 ➜   인스턴스 퍼블릭 IP, 사용자 이름 : ec2-user, 키 페어 넣기

 ➜   명령어 입력하여 확인

aws configure 설정 

변수 설정
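# Append "export NAME=VALUE" to /etc/profile only if that exact line is not
# already there, so re-running the lab does not stack duplicate entries.
# Writing to /etc/profile needs root. The file is world-readable, so only
# non-secret values (resource IDs, region) belong in it.
persist_export() {
  local line="export $1=$2"
  grep -qxF -- "$line" /etc/profile || echo "$line" >> /etc/profile
}

# Cluster name; also the prefix of the Name tags looked up below.
export CLUSTER_NAME=myeks
echo "$CLUSTER_NAME"

# VPC ID, found by its Name tag. The jq filter is quoted so the shell does not
# treat the square brackets as a glob pattern.
export VPCID=$(aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$CLUSTER_NAME-VPC" | jq -r '.Vpcs[].VpcId')
persist_export VPCID "$VPCID"

# Public subnet IDs, found by Name tag. With --output text the CLI prints
# "None" when no subnet matches.
export PubSubnet1=$(aws ec2 describe-subnets --filters "Name=tag:Name,Values=$CLUSTER_NAME-PublicSubnet1" --query "Subnets[0].[SubnetId]" --output text)
export PubSubnet2=$(aws ec2 describe-subnets --filters "Name=tag:Name,Values=$CLUSTER_NAME-PublicSubnet2" --query "Subnets[0].[SubnetId]" --output text)

persist_export PubSubnet1 "$PubSubnet1"
persist_export PubSubnet2 "$PubSubnet2"

# Export the region in the current shell too. Appending the line to
# /etc/profile only affects future login shells, so without this export the
# echo below, and any later command that reads $AWS_DEFAULT_REGION, would see
# an empty value.
export AWS_DEFAULT_REGION=ap-northeast-2
persist_export AWS_DEFAULT_REGION "$AWS_DEFAULT_REGION"
echo "$AWS_DEFAULT_REGION"

# Print the values and stop early on a failed lookup instead of passing an
# empty or "None" ID on to later commands.
for name in CLUSTER_NAME VPCID PubSubnet1 PubSubnet2; do
  value="${!name}"
  echo "$name=$value"
  if [ -z "$value" ] || [ "$value" = "None" ]; then
    echo "lookup failed: $name is not set" >&2
  fi
done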


설치 유틸들 확인 
# Client-side kubectl version, piped through yh for YAML highlighting.
kubectl version --client -o yaml | yh

# Versions and daemon status of the other installed tools.
eksctl version
docker info

# Read-only EC2 inventory calls, run in the same order as before.
for resource in instances vpcs subnets; do
  aws ec2 "describe-$resource"
done

명령어로 eks 설정 

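# Create the EKS cluster and one node group in the two public subnets.
#
# Every backslash must be the last character on its line. Trailing spaces
# after it end the command early and the remaining flags run as separate
# commands.
#
# --ssh-access enables SSH to the worker nodes; eksctl uses ~/.ssh/id_rsa.pub
# unless --ssh-public-key is given. The nodes sit in public subnets, so check
# the resulting node security group and narrow the SSH source range, or drop
# the flag if node SSH is not needed.
eksctl create cluster \
  --name "$CLUSTER_NAME" \
  --region="$AWS_DEFAULT_REGION" \
  --nodegroup-name="$CLUSTER_NAME-nodegroup" \
  --node-type=t3.medium \
  --node-volume-size=30 \
  --vpc-public-subnets "$PubSubnet1,$PubSubnet2" \
  --version 1.27 \
  --ssh-access \
  --external-dns-access \
  --verbose 4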

 

 

 ➜  노드 확인

    ✅  인스턴스 > 네트워킹

    ✅  kubectl get node

    ✅  kubectl get node -o wide

 

    ✅  curl -ks  https://784916454242ADBCBD5AF3166AF1CECD.gr7.ap-northeast-2.eks.amazonaws.com

    ✅  curl -ks  https://784916454242ADBCBD5AF3166AF1CECD.gr7.ap-northeast-2.eks.amazonaws.com/version

    ✅  kubectl get node -o wide -v=6

 

 ➜  통신 확인

    ✅  kubectl cluster-info

 

 ➜  변수 선언

    ✅  kubectl get node -o jsonpath={.items[0].status.addresses[0].address}

    ✅  kubectl get node -o jsonpath={.items[1].status.addresses[0].address}

 

    ✅  export N1=$(kubectl get node -o jsonpath={.items[0].status.addresses[0].address})

    ✅  export N2=$(kubectl get node -o jsonpath={.items[1].status.addresses[0].address})

 

    ✅  echo "export N1=$N1" >> /etc/profile

    ✅  echo "export N2=$N2" >> /etc/profile

 

    ✅  echo $N1

    ✅  echo $N2

 

 ➜  eksctl delete cluster --name myeks

    ✅  모두 지우는 명령어

 

 

 

2.  새로운 실습

 ➜  YAML 파일로 스택 생성하여 기본만 구축

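AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  CloudFormation template to create a VPC, Subnets, Internet Gateway, Route
  Tables, Security Group, and a configured EC2 instance.

# Review summary of what changed against the published template:
#   * No AWS access key is embedded in user data any more; the bastion gets its
#     credentials from an IAM instance profile (BastionInstanceProfileName).
#   * The SSH source range and the key pair are parameters (defaults unchanged).
#   * ClusterBaseName, previously declared but unused, now drives the Name tags
#     and the cluster name.
#   * The default route and the instance wait for the internet gateway
#     attachment, and the bootstrap script takes VPC/subnet IDs from the stack
#     instead of looking them up by tag.

Parameters:
  ClusterBaseName:
    Type: String
    Description: The base name for the EKS cluster.
    # Default value; change it at stack creation if needed.
    Default: myeks

  KeyName:
    Type: String
    Description: >-
      Name of an existing EC2 key pair, used for the bastion host and passed to
      eksctl for the worker nodes.
    Default: nana

  SshAllowedCidr:
    Type: String
    Description: >-
      Source CIDR allowed to reach the bastion on TCP 22. The default keeps the
      original behaviour (open to the whole internet); set it to your own
      address, for example a /32, for anything that stays up.
    Default: 0.0.0.0/0

  BastionInstanceProfileName:
    Type: String
    Description: >-
      Name of an existing IAM instance profile to attach to the bastion. Its
      role must carry the permissions eksctl needs. Leave empty to attach none;
      the bootstrap script then stops before cluster creation.
    Default: ''

  LatestAmazonLinux2023AmiId:
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: "/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64"
    Description: "The latest Amazon Linux 2023 AMI ID from SSM Parameter Store"

Conditions:
  # True when an instance profile name was supplied.
  HasBastionInstanceProfile: !Not [!Equals [!Ref BastionInstanceProfileName, '']]

Resources:
  # VPC
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 192.168.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-VPC'

  # Public Subnets
  # The availability zones are literal, so this template only deploys in
  # ap-northeast-3.
  MyPublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 192.168.1.0/24
      AvailabilityZone: ap-northeast-3a
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PublicSubnet1'

  MyPublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 192.168.2.0/24
      AvailabilityZone: ap-northeast-3b
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PublicSubnet2'

  MyPublicSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 192.168.3.0/24
      AvailabilityZone: ap-northeast-3c
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PublicSubnet3'

  # Private Subnets
  # The private route table below has no routes, so these subnets have no
  # path to the internet as written.
  MyPrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 192.168.11.0/24
      AvailabilityZone: ap-northeast-3a
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PrivateSubnet1'

  MyPrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 192.168.12.0/24
      AvailabilityZone: ap-northeast-3b
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PrivateSubnet2'

  MyPrivateSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 192.168.13.0/24
      AvailabilityZone: ap-northeast-3c
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PrivateSubnet3'

  # Internet Gateway
  MyInternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-IGW'

  MyVPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref MyInternetGateway

  # Route Tables for Public and Private Subnets
  MyPublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PublicSubnetRT'

  MyPrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-PrivateSubnetRT'

  # Public Route for Internet Gateway
  # A route through an internet gateway can only be created once the gateway
  # is attached to the VPC. The explicit dependency removes the race.
  MyPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: MyVPCGatewayAttachment
    Properties:
      RouteTableId: !Ref MyPublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref MyInternetGateway

  # Associate Public Subnets with Public Route Table
  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet1
      RouteTableId: !Ref MyPublicRouteTable

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet2
      RouteTableId: !Ref MyPublicRouteTable

  PublicSubnet3RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet3
      RouteTableId: !Ref MyPublicRouteTable

  # Associate Private Subnets with Private Route Table
  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPrivateSubnet1
      RouteTableId: !Ref MyPrivateRouteTable

  PrivateSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPrivateSubnet2
      RouteTableId: !Ref MyPrivateRouteTable

  PrivateSubnet3RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPrivateSubnet3
      RouteTableId: !Ref MyPrivateRouteTable

  # Security Group for EC2
  # Inbound SSH only. The source range comes from SshAllowedCidr; the bastion
  # logs ec2-user straight into root (see user data), so keep this narrow.
  MySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH and other necessary traffic
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshAllowedCidr
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-host-SG'

  # EC2 Instance
  # The bootstrap script downloads tools from the internet, so the instance
  # waits for the default route and for its subnet's route table association.
  EC2Instance:
    Type: AWS::EC2::Instance
    DependsOn:
      - MyPublicRoute
      - PublicSubnet1RouteTableAssociation
    Properties:
      AvailabilityZone: ap-northeast-3a
      InstanceType: t3.medium
      ImageId: !Ref LatestAmazonLinux2023AmiId
      KeyName: !Ref KeyName
      # Credentials for the aws/eksctl calls in user data come from this
      # profile, not from keys written into the script.
      IamInstanceProfile: !If
        - HasBastionInstanceProfile
        - !Ref BastionInstanceProfileName
        - !Ref "AWS::NoValue"
      Tags:
        - Key: Name
          Value: !Sub '${ClusterBaseName}-host'
      NetworkInterfaces:
        - AssociatePublicIpAddress: true
          DeviceIndex: 0
          SubnetId: !Ref MyPublicSubnet1
          GroupSet:
            - !Ref MySecurityGroup
      UserData:
        Fn::Base64:
          !Sub |
            #!/bin/bash
            # Runs as root from cloud-init on first boot. Dollar-brace
            # references in this script are filled in by CloudFormation; plain
            # shell variables are written without braces so they pass through
            # untouched.
            hostnamectl --static set-hostname "${ClusterBaseName}-bastion-EC2"

            echo 'alias vi=vim' >> /etc/profile
            # Lab convenience: every ec2-user login switches to root at once,
            # so whoever holds the SSH key has root here plus whatever the
            # instance role allows.
            echo "sudo su -" >> /home/ec2-user/.bashrc

            cd /root
            yum -y install tree jq git htop lynx

            export KUBERNETES_VERSION="1.27"
            echo "export KUBERNETES_VERSION=$KUBERNETES_VERSION" >> /etc/profile

            # kubectl: the published script installed a binary that nothing had
            # downloaded. Fetch the newest client of the cluster's minor
            # version and verify its published SHA-256 before installing.
            KUBECTL_VERSION=$(curl -fsSL "https://dl.k8s.io/release/stable-$KUBERNETES_VERSION.txt")
            curl -fsSLO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
            curl -fsSLO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl.sha256"
            if echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check --status; then
              install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
            else
              echo 'kubectl checksum verification failed; not installing' >&2
            fi

            # eksctl: unpinned "latest" release, unpacked as root without an
            # integrity check. NOTE(review): pin a release and verify it
            # against the project's published checksums outside a lab.
            curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
            mv /tmp/eksctl /usr/local/bin

            curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
            unzip awscliv2.zip >/dev/null 2>&1
            sudo ./aws/install
            complete -C '/usr/local/bin/aws_completer' aws
            echo 'export AWS_PAGER=""' >>/etc/profile
            export AWS_DEFAULT_REGION="${AWS::Region}"
            echo "export AWS_DEFAULT_REGION=$AWS_DEFAULT_REGION" >> /etc/profile

            # NOTE(review): yh-linux-amd64.zip and krew-linux_amd64.tar.gz are
            # unpacked below, but nothing in this script downloads them, so
            # these steps fail on a fresh instance. Add download steps for
            # pinned releases, with checksum verification, before relying on
            # yh or krew.
            unzip yh-linux-amd64.zip
            mv yh /usr/local/bin/

            tar zxvf krew-linux_amd64.tar.gz
            ./krew-linux_amd64 install krew
            export PATH="$PATH:/root/.krew/bin"
            echo 'export PATH="$PATH:/root/.krew/bin"' >> /etc/profile

            kubectl krew install ctx ns get-all df-pv # ktop mtail tree

            echo 'source <(kubectl completion bash)' >> /etc/profile
            echo 'alias k=kubectl' >> /etc/profile
            echo 'complete -F __start_kubectl k' >> /etc/profile

            git clone https://github.com/jonmosco/kube-ps1.git /root/kube-ps1
            cat <<"EOT" >> /root/.bash_profile
            source /root/kube-ps1/kube-ps1.sh
            KUBE_PS1_SYMBOL_ENABLE=false
            function get_cluster_short() {
              echo "$1" | cut -d . -f1
            }
            KUBE_PS1_CLUSTER_FUNCTION=get_cluster_short
            KUBE_PS1_SUFFIX=') '
            PS1='$(kube_ps1)'$PS1
            EOT

            yum install docker -y
            systemctl start docker && systemctl enable docker

            ssh-keygen -t rsa -N "" -f /root/.ssh/id_rsa

            # AWS credentials come from the instance profile named by
            # BastionInstanceProfileName. No access key belongs in this script:
            # user data is stored with the instance and /etc/profile is
            # world-readable, so a key placed here is exposed to every local
            # user and to anyone able to read the instance attributes. A key
            # that has ever been embedded this way should be deactivated and
            # replaced.
            export ACCOUNT_ID=$(aws sts get-caller-identity --query 'Account' --output text)
            if [ -z "$ACCOUNT_ID" ]; then
              echo 'No AWS credentials available (no instance profile attached?); skipping cluster creation.' >&2
              exit 1
            fi
            echo "export ACCOUNT_ID=$ACCOUNT_ID" >> /etc/profile

            export CLUSTER_NAME="${ClusterBaseName}"
            echo "export CLUSTER_NAME=$CLUSTER_NAME" >> /etc/profile

            # VPC and subnet IDs are filled in from the stack itself rather
            # than looked up by Name tag at boot.
            export VPCID="${MyVPC}"
            echo "export VPCID=$VPCID" >> /etc/profile
            export PubSubnet1="${MyPublicSubnet1}"
            export PubSubnet2="${MyPublicSubnet2}"
            export PubSubnet3="${MyPublicSubnet3}"
            echo "export PubSubnet1=$PubSubnet1" >> /etc/profile
            echo "export PubSubnet2=$PubSubnet2" >> /etc/profile
            echo "export PubSubnet3=$PubSubnet3" >> /etc/profile
            export PrivateSubnet1="${MyPrivateSubnet1}"
            export PrivateSubnet2="${MyPrivateSubnet2}"
            export PrivateSubnet3="${MyPrivateSubnet3}"
            echo "export PrivateSubnet1=$PrivateSubnet1" >> /etc/profile
            echo "export PrivateSubnet2=$PrivateSubnet2" >> /etc/profile
            echo "export PrivateSubnet3=$PrivateSubnet3" >> /etc/profile

            # Render the cluster config first (--dry-run), patch it, then
            # create from the file. --ssh-access enables SSH to worker nodes
            # that sit in public subnets; review the node security group after
            # creation.
            eksctl create cluster \
              --name "$CLUSTER_NAME" \
              --region="$AWS_DEFAULT_REGION" \
              --nodegroup-name=ng1 \
              --node-type=t3.medium \
              --nodes 3 \
              --node-volume-size=30 \
              --vpc-public-subnets "$PubSubnet1,$PubSubnet2,$PubSubnet3" \
              --version "$KUBERNETES_VERSION" \
              --ssh-access \
              --ssh-public-key "${KeyName}" \
              --with-oidc \
              --external-dns-access \
              --full-ecr-access \
              --dry-run > myeks.yaml
            sed -i 's/certManager: false/certManager: true/g' myeks.yaml
            sed -i 's/ebs: false/ebs: true/g' myeks.yaml
            cat <<EOT >> myeks.yaml
            addons:
            - name: vpc-cni # no version is specified so it deploys the default version
              version: latest
              attachPolicyARNs:
                - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
            - name: kube-proxy
              version: latest # auto discovers the latest available
            - name: coredns
              version: latest # v1.9.3-eksbuild.2
            EOT
            # Cluster creation continues in the background; progress is logged
            # to /root/create-eks.log.
            nohup eksctl create cluster -f myeks.yaml --verbose 4 --kubeconfig "/root/.kube/config" 1> /root/create-eks.log 2>&1 &
            echo 'cloudinit End!'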

 

 ➜   주의: CloudFormation 리소스를 삭제한 뒤, 삭제되지 않고 남은 리소스가 있는지 확인하고 수동으로 모두 지우기

    ✅  남은 리소스가 있으면 다음 구동 시 충돌이 발생함
