
[AWS] Creating an EKS cluster with eksctl (Managed NodeGroup + Managed AMI)


Intro

Procedure

  • Write the eksctl YAML file
  • Run eksctl create cluster -f eksctl-managedng-managedami-my-vpc.yaml to create the cluster

Installing eksctl on macOS

  • Install Homebrew (skip if it is already installed)
  • /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
  • Add the weaveworks/tap tap (a tap is essentially a Homebrew software repository)
  • brew tap weaveworks/tap
  • Install eksctl
  • brew install weaveworks/tap/eksctl
  • Confirm the installation and check the version
  • eksctl version

eksctl yaml - when the VPC and subnets already exist

  • eksctl-managedng-managedami-my-vpc.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: EKSCTL-TEST
  region: ap-northeast-2

vpc:
  id: "vpc-05d00b602d1620000"
  # (optional, must match VPC ID used for each subnet below)

  #cidr: "10.144.0.0/16"
  # (optional, must match CIDR used by the given VPC)

  subnets:
    # must provide 'private' and/or 'public' subnets by availability zone as shown

    ### public
    public:
      public-a:
        id: "subnet-06fb73df586ec0000"
        #cidr: "10.144.10.0/24"
        # (optional, must match CIDR used by the given subnet)
      public-c:
        id: "subnet-07c47dbd3cadf0000"
        #cidr: "10.144.20.0/24"
        # (optional, must match CIDR used by the given subnet)

    ### private
    private:
      private-frontend-a:
        id: "subnet-085c37d277deb0000"
        #cidr: "10.144.152.0/25"
        # (optional, must match CIDR used by the given subnet)

      private-frontend-c:
        id: "subnet-0b0e51e1564e00000"
        #cidr: "10.144.152.128/25"
        # (optional, must match CIDR used by the given subnet)

      private-backend-a:
        id: "subnet-01572e5b923430000"
        #cidr: "10.144.152.128/25"
        # (optional, must match CIDR used by the given subnet)

      private-backend-c:
        id: "subnet-0df15081b72840000"
        #cidr: "10.144.152.128/25"
        # (optional, must match CIDR used by the given subnet)

      private-manage-a:
        id: "subnet-0207fdd851e020000"
        #cidr: "10.144.152.128/25"
        # (optional, must match CIDR used by the given subnet)

      private-manage-c:
        id: "subnet-0f18b6ac70cec0000"
        #cidr: "10.144.152.128/25"
        # (optional, must match CIDR used by the given subnet)

managedNodeGroups:
  - name: managed-ng-public
    instanceType: m5.large
    minSize: 1
    desiredCapacity: 1
    maxSize: 2
    volumeSize: 20
    privateNetworking: true
    subnets:
      - private-backend-a
      - private-backend-c
    # use when the security groups were created in advance
    #securityGroups:
    # attachIDs: ["sg-1", "sg-2"]
    ssh:
      allow: true
      publicKeyName: GSN-KYM
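      # use when a security group for SSH was created in advance
      # new feature for restricting SSH access to certain AWS security group IDs
      # (if left unset, a managed node group's SSH rule allows port 22 from 0.0.0.0/0)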
      #sourceSecurityGroupIds: ["sg-00241fbb12c607007"]
    labels: {role: worker}
    # Note: unmanaged nodegroups (`nodeGroups` field) use a different structure (map[string]string) to express taints
    # optional
    # taints:
    # - key: key1
    #   value: value1
    #   effect: NoSchedule
    # - key: key2
    #   effect: NoExecute
    # tags:
    #   nodegroup-role: worker
    # iam:
    #   withAddonPolicies:
    #     externalDNS: true
    #     certManager: true
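
A pre-flight check for the config above, as an added example that is not part of the original post or of eksctl. It takes the ClusterConfig already parsed into a Python dict (for instance with a YAML loader, assumed to be installed separately) and checks that nodegroup subnet names resolve, that the optional CIDRs are consistent, and that SSH is restricted to source security groups. The names `audit` and `SAMPLE` are hypothetical, and the sample enables some of the post's commented-out CIDRs.

```python
import ipaddress

def audit(cfg):
    """Return findings for an eksctl ClusterConfig already parsed into a dict."""
    findings, seen = [], []
    vpc = cfg.get("vpc", {})
    subnets = vpc.get("subnets", {})
    kind = {name: k for k in ("public", "private") for name in subnets.get(k, {})}
    # Optional CIDRs must sit inside the VPC CIDR and must not overlap each other.
    vpc_net = ipaddress.ip_network(vpc["cidr"]) if vpc.get("cidr") else None
    for k in ("public", "private"):
        for name, s in subnets.get(k, {}).items():
            if not s.get("cidr"):
                continue
            net = ipaddress.ip_network(s["cidr"])
            if vpc_net and not net.subnet_of(vpc_net):
                findings.append(f"{name}: {net} is outside VPC CIDR {vpc_net}")
            findings += [f"{name}: {net} overlaps {o} ({on})" for o, on in seen if net.overlaps(on)]
            seen.append((name, net))
    for ng in cfg.get("managedNodeGroups", []):
        n = ng["name"]
        for ref in ng.get("subnets", []):
            if ref not in kind:
                findings.append(f"{n}: subnet '{ref}' is not defined under vpc.subnets")
            elif ng.get("privateNetworking") and kind[ref] != "private":
                findings.append(f"{n}: privateNetworking is true but '{ref}' is public")
        ssh = ng.get("ssh", {})
        # Managed node groups open port 22 to 0.0.0.0/0 when no source SG is given.
        if ssh.get("allow") and not ssh.get("sourceSecurityGroupIds"):
            findings.append(f"{n}: ssh.allow without sourceSecurityGroupIds (22 from 0.0.0.0/0)")
    return findings

# Constructed sample: part of the post's config as a dict, with commented-out CIDRs enabled.
SAMPLE = {
    "vpc": {"cidr": "10.144.0.0/16", "subnets": {
        "public": {"public-a": {"id": "subnet-06fb73df586ec0000", "cidr": "10.144.10.0/24"}},
        "private": {
            "private-frontend-c": {"id": "subnet-0b0e51e1564e00000", "cidr": "10.144.152.128/25"},
            "private-backend-a": {"id": "subnet-01572e5b923430000", "cidr": "10.144.152.128/25"},
            "private-backend-c": {"id": "subnet-0df15081b72840000"}}}},
    "managedNodeGroups": [{
        "name": "managed-ng-public", "privateNetworking": True,
        "subnets": ["private-backend-a", "private-backend-c"],
        "ssh": {"allow": True, "publicKeyName": "GSN-KYM"}}],
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```
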