eks provisioning

configure profile 설정 | DevOps R&D Centerdevops-lab.meiko.co.kr

위에서 aws configure 설정 필요

eks worker node t3.large로 다시 해봐야함


aws cloudformation create-stack --stack-name main-vpc-stack --template-body file://vpc-stack.yaml

VPC_STACK="main-vpc-stack"
outputs=$(aws cloudformation describe-stacks --stack-name $VPC_STACK --query "Stacks[0].Outputs" --output json)
VPC_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="VPCId").OutputValue')
PUBLIC_SUBNET_A_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="PublicSubnetAId").OutputValue')
PUBLIC_SUBNET_B_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="PublicSubnetBId").OutputValue')
PUBLIC_SUBNET_C_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="PublicSubnetCId").OutputValue')
PRIVATE_SUBNET_A_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="PrivateSubnetAId").OutputValue')
PRIVATE_SUBNET_B_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="PrivateSubnetBId").OutputValue')
PRIVATE_SUBNET_C_ID=$(echo $outputs | jq -r '.[] | select(.OutputKey=="PrivateSubnetCId").OutputValue')

echo "VPC_STACK: $VPC_STACK"
echo "VPC_ID: $VPC_ID"
echo "PUBLIC_SUBNET_A_ID: $PUBLIC_SUBNET_A_ID"
echo "PUBLIC_SUBNET_B_ID: $PUBLIC_SUBNET_B_ID"
echo "PUBLIC_SUBNET_C_ID: $PUBLIC_SUBNET_C_ID"
echo "PRIVATE_SUBNET_A_ID: $PRIVATE_SUBNET_A_ID"
echo "PRIVATE_SUBNET_B_ID: $PRIVATE_SUBNET_B_ID"
echo "PRIVATE_SUBNET_C_ID: $PRIVATE_SUBNET_C_ID"

cat <<EOF > eksctl-cluster-config.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: main
  region: ap-southeast-1
  version: "1.29"
  tags:
    Environment: "Production"

addons:
  - name: vpc-cni
    version: latest
  - name: coredns
    version: latest
  - name: kube-proxy
    version: latest

iam:
  withOIDC: true

vpc:
  id: $VPC_ID
  nat:
    gateway: HighlyAvailable
  subnets:
    private:
      ap-southeast-1a:
        id: $PRIVATE_SUBNET_A_ID
        name: "main-private-subnet-a"
      ap-southeast-1b:
        id: $PRIVATE_SUBNET_B_ID
        name: "main-private-subnet-b"
      ap-southeast-1c:
        id: $PRIVATE_SUBNET_C_ID
        name: "main-private-subnet-c"
    public:
      ap-southeast-1a:
        id: $PUBLIC_SUBNET_A_ID
        name: "main-public-subnet-a"
      ap-southeast-1b:
        id: $PUBLIC_SUBNET_B_ID
        name: "main-public-subnet-b"
      ap-southeast-1c:
        id: $PUBLIC_SUBNET_C_ID
        name: "main-public-subnet-c"

managedNodeGroups:
  - name: manage-group
    instanceType: t3.large
    desiredCapacity: 3
    minSize: 3
    maxSize: 5
    privateNetworking: true
    volumeSize: 20
    ssh:
      allow: true
      publicKeyName: "common"
    iam:
      withAddonPolicies:
        autoScaler: true
        ebs: true
        albIngress: true
    tags:
      eksctl.io/nodegroup-name: "manage-group"

  - name: service-group
    instanceType: t3.large
    desiredCapacity: 1
    minSize: 1
    maxSize: 5
    privateNetworking: true
    volumeSize: 20
    ssh:
      allow: true
      publicKeyName: "common"
    iam:
      withAddonPolicies:
        autoScaler: true
        ebs: true
        albIngress: true
    tags:
      eksctl.io/nodegroup-name: "service-group"
EOF

common.pem 파일 추가 필요
ssm 못하도록 하는 설정 추가 필요

eksctl create cluster -f eksctl-cluster-config.yaml

aws eks --region ap-southeast-1 update-kubeconfig --name main --alias main

k get all

PreviousEKS Nextalb controller, istio

Last updated 1 year ago

Was this helpful?