by Master Seo Jul 04. 2021

Kube Part 1-17. Kubernetes on AWS
Using CLB and NLB

The following is a summary compiled with reference to Kubernetes study materials.



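Architecture

External ------- Load Balancer --------- connects to the port on each node (Node1, Node2, ...) ------- cluster -- connects to the Pod



<1> Create the Deployment

<2> Create the NLB and CLB

<3> Verify operation

<4> What doesn't work?

<5> Delete

<6> Summary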






<1> Create the Deployment


0

Monitor in terminal 2


Delete the existing test environment

kubectl delete deploy,svc,pod --all


watch -d 'kubectl get pods,svc,ep -o wide'



1

cat << EOF > echo-pod.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-echo
spec:
  replicas: 3
  selector:
    matchLabels:
      app: deploy-websrv
  template:
    metadata:
      labels:
        app: deploy-websrv
    spec:
      containers:
      - name: cndk-websrv
        image: k8s.gcr.io/echoserver:1.5
        ports:
        - containerPort: 8080
EOF




2

kubectl apply -f echo-pod.yaml

deployment.apps/deploy-echo created



3

kubectl get pod -o wide -l app=deploy-websrv |awk 'NR>1 {print $6}'

100.99.79.135

100.97.177.71

100.97.177.72


4

kubectl get pod -l app=deploy-websrv -o=name

pod/deploy-echo-56f947c867-9fbbt

pod/deploy-echo-56f947c867-9tjw8

pod/deploy-echo-56f947c867-blqdb


5

for pod in $(kubectl get pod -o wide -l app=deploy-websrv |awk 'NR>1 {print $6}'); do curl -s $pod:8080 | egrep '(Hostname|nginx|client_address)' ; done

Hostname: deploy-echo-56f947c867-9fbbt

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64

Hostname: deploy-echo-56f947c867-9tjw8

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64

Hostname: deploy-echo-56f947c867-blqdb

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64


// The client_address of the connecting client is shown



6

kubectl logs -l app=deploy-websrv -f




<2> Create the NLB and CLB


clear


1

cat << EOF >aws-svc-clb.yaml
apiVersion: v1
kind: Service
metadata:
  name: aws-svc-clb
spec:
  ports:
    - name: awsclb-webport
      port: 80
      targetPort: 8080
      nodePort: 30000
  selector:
    app: deploy-websrv
  type: LoadBalancer
EOF


// The type is LoadBalancer


2

cat << EOF > aws-svc-nlb.yaml
apiVersion: v1
kind: Service
metadata:
  name: aws-svc-nlb
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
spec:
  ports:
    - name: awsnlb-webport
      port: 80
      targetPort: 8080
      nodePort: 31000
  selector:
    app: deploy-websrv
  type: LoadBalancer
EOF



// annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
This creates an AWS NLB.



3

kubectl apply -f aws-svc-clb.yaml

kubectl apply -f aws-svc-nlb.yaml



4

Check the ELB IPs

The CLB and NLB IPs are shown.

kubectl get svc -o wide

NAME          TYPE           CLUSTER-IP       EXTERNAL-IP                                                                          PORT(S)        AGE     SELECTOR
aws-svc-clb   LoadBalancer   100.65.163.138   ab862245ca11745f3b7b1e13fa97578b-383114406.ap-northeast-1.elb.amazonaws.com          80:30000/TCP   2m17s   app=deploy-websrv
aws-svc-nlb   LoadBalancer   100.64.174.228   a7821a00ee52e453d9eda57907d3b204-95fc02f785020d14.elb.ap-northeast-1.amazonaws.com   80:31000/TCP   2m      app=deploy-websrv



5

Check the endpoints

kubectl get endpoints

NAME          ENDPOINTS                                                  AGE
aws-svc-clb   100.97.177.83:8080,100.97.177.84:8080,100.99.79.145:8080   4m26s
aws-svc-nlb   100.97.177.83:8080,100.97.177.84:8080,100.99.79.145:8080   4m25s
kubernetes    172.20.46.120:443                                          12m


6

Check the logs

kubectl logs -l app=deploy-websrv -f

100.99.79.128 - - [04/Jul/2021:10:51:44 +0000] "GET /.env HTTP/1.1" 200 722 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"

100.97.177.64 - - [04/Jul/2021:10:51:45 +0000] "POST / HTTP/1.1" 200 792 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
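
The first log line above is a request for /.env reaching the newly exposed echo server, logged with a 100.x source address. As an added example (not from the original post), this script filters access-log lines in that format for such probe paths and marks whether the logged source is inside 100.64.0.0/10. That range, the path list, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: triage access-log lines as printed by `kubectl logs`.

# Constructed sample in the format of the log lines above
# (203.0.113.7 is a documentation address, user agents shortened).
sample_log() {
cat <<'EOF'
100.99.79.128 - - [04/Jul/2021:10:51:44 +0000] "GET /.env HTTP/1.1" 200 722 "-" "Mozilla/5.0"
100.97.177.64 - - [04/Jul/2021:10:51:45 +0000] "POST / HTTP/1.1" 200 792 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Jul/2021:10:52:01 +0000] "GET /.git/config HTTP/1.1" 200 730 "-" "curl/7.68.0"
100.127.206.64 - - [04/Jul/2021:10:52:03 +0000] "GET / HTTP/1.1" 200 760 "-" "curl/7.68.0"
EOF
}

# Reads access-log lines on stdin and prints one PROBE line per request for a
# secrets-bearing path. origin=internal means the logged source lies in
# 100.64.0.0/10 (assumed cluster range), so the real caller is not in the log.
triage_log() {
  awk '
    {
      src = $1; path = $7; status = $9
      if (path !~ /^\/(\.env|\.git\/)/) next      # illustrative path list
      split(src, o, ".")
      origin = (o[1] == 100 && o[2] >= 64 && o[2] <= 127) ? "internal" : "external"
      printf "PROBE src=%s origin=%s path=%s status=%s\n", src, origin, path, status
    }'
}

# Number of probes whose true source cannot be recovered from the pod log.
hidden_probe_count() {
  triage_log | awk '/origin=internal/ { n++ } END { print n + 0 }'
}

sample_log | triage_log
printf 'probes with hidden source: %s\n' "$(sample_log | hidden_probe_count)"
```

Against the live deployment the input would be `kubectl logs -l app=deploy-websrv | triage_log`. echoserver answers every path, so the 200 status on a probe line does not mean a file was served.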



7

Log in to the AWS console

Go to ELB and confirm that the ELBs were created




<3> Verify operation


1

Check from a separate external client

EXIP1=a873edadd1c614d398fdea5e84000984-897524637.ap-northeast-1.elb.amazonaws.com

EXIP2=a2046905c10124f67b3d3bc3ef143a98-321370f9fcbc32a8.elb.ap-northeast-1.amazonaws.com


2

curl -s --connect-timeout 1 $EXIP1 | egrep '(Hostname|nginx|client_address)'

curl -s --connect-timeout 1 $EXIP2 | egrep '(Hostname|nginx|client_address)'


Hostname: deploy-echo-56f947c867-ln28j

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64


Hostname: deploy-echo-56f947c867-hk4j5

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64




3

Is the load distributed?


for i in {1..100}; do curl -s $EXIP1 | grep Hostname ; done | sort | uniq -c | sort -nr

     36 Hostname: deploy-echo-56f947c867-rqtvc

     36 Hostname: deploy-echo-56f947c867-ln28j

     28 Hostname: deploy-echo-56f947c867-hk4j5


for i in {1..100}; do curl -s $EXIP2 | grep Hostname ; done | sort | uniq -c | sort -nr

     37 Hostname: deploy-echo-56f947c867-ln28j

     36 Hostname: deploy-echo-56f947c867-rqtvc

     27 Hostname: deploy-echo-56f947c867-hk4j5




4

// The connecting client's IP can be checked.


for i in {1..100}; do curl -s $EXIP1 | grep client_address ; done | sort | uniq -c | sort -nr

    100         client_address=100.127.206.64


for i in {1..100}; do curl -s $EXIP2 | grep client_address ; done | sort | uniq -c | sort -nr

    100         client_address=100.127.206.64
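
Every client_address above is in 100.64.0.0/10 rather than a public range; which address a pod sees through a LoadBalancer Service depends on spec.externalTrafficPolicy, and who may connect at all depends on spec.loadBalancerSourceRanges. As an added example (not from the original post), the script below shows the aws-svc-nlb manifest with both fields set and a small check that reports when they are missing. The 203.0.113.0/24 range is a placeholder and the function names are hypothetical.

```shell
# Added example: the aws-svc-nlb Service with two hardening fields, and a
# line-based check for them (enough for single-Service manifests like these).
hardened_nlb_manifest() {
cat <<'EOF'
apiVersion: v1
kind: Service
metadata:
  name: aws-svc-nlb
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local   # skip kube-proxy SNAT on the receiving node
  loadBalancerSourceRanges:      # only these CIDRs may reach the listener
    - 203.0.113.0/24             # assumption: placeholder client range
  ports:
    - name: awsnlb-webport
      port: 80
      targetPort: 8080
      nodePort: 31000
  selector:
    app: deploy-websrv
EOF
}

# The manifest as applied in the post: same Service without the added fields.
original_nlb_manifest() {
  hardened_nlb_manifest | grep -v -e externalTrafficPolicy -e loadBalancerSourceRanges -e 203.0.113
}

# Reads one Service manifest on stdin and prints OK or one WARN per gap.
lint_lb_service() {
  awk '
    /^[ \t]*type:[ \t]*LoadBalancer/            { lb = 1 }
    /^[ \t]*externalTrafficPolicy:[ \t]*Local/  { etp = 1 }
    /^[ \t]*loadBalancerSourceRanges:/          { ranges = 1 }
    END {
      if (!lb)     { print "SKIP not a LoadBalancer Service"; exit }
      if (!ranges) print "WARN no loadBalancerSourceRanges: listener open to any source"
      if (!etp)    print "WARN externalTrafficPolicy is not Local: pods may log a SNAT address"
      if (ranges && etp) print "OK"
    }'
}

echo "original:"; original_nlb_manifest | lint_lb_service
echo "hardened:"; hardened_nlb_manifest | lint_lb_service
```

With externalTrafficPolicy: Local, traffic is delivered only to pods on the node that received it, so distribution across pods follows the load balancer's node selection.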



5

while true; do curl -s --connect-timeout 1 $EXIP1 | egrep '(Hostname|nginx|client_address)'; echo "--------------" ; date "+%Y-%m-%d %H:%M:%S" ; sleep 1; done


while true; do curl -s --connect-timeout 1 $EXIP2 | egrep '(Hostname|nginx|client_address)'; echo "--------------" ; date "+%Y-%m-%d %H:%M:%S" ; sleep 1; done


Hostname: deploy-echo-56f947c867-hk4j5

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64

--------------

2021-07-04 10:58:48

Hostname: deploy-echo-56f947c867-ln28j

        server_version=nginx: 1.13.0 - lua: 10008

        client_address=100.127.206.64


<4> What doesn't work?


1

What doesn't work?

HTTP/HTTPS handling

TLS termination

Domain-based routing


2

Alternative?

Ingress

It can handle HTTP/HTTPS.

However, it cannot handle TCP/UDP, so a LoadBalancer must be used for TCP/UDP.



<5> Delete


kubectl delete deploy,svc --all




<6> Summary


Architecture

External ------- Load Balancer --- connects to the port on each node (Node1, Node2, ...) ------- cluster -- connects to the Pod





Next step

https://brunch.co.kr/@topasvga/1686


Thank you.
