
by Master Seo Aug 06. 2023

1. GCP-테라폼-쿠버네티스,LB 사용하기


<1> 인증하기

<2> 코드 이해

<3> 초기화와 적용하기

<4> 리소스 확인과 접속






<1> 인증하기


1

gcloud auth list


2

gcloud config list project




<2>  코드 이해



1

version.tf


# Refuse to run under a Terraform CLI older than 0.12. Only a lower bound is
# given, so any later CLI release is accepted as well.
terraform {
  required_version = ">= 0.12"
}


# 테라폼 0.12 버전 이상



2

$ more main.tf 


// Input variables. "region" and "location" have no default, so Terraform
// needs a value for each at plan/apply time (for example through -var).
variable "region" {
  description = "Region for the resource."
  type        = string
}

variable "location" {
  description = "Location represents region/zone for the resource."
  type        = string
}

// Shared resource name: the VPC, the subnetwork, the GKE cluster and the
// reserved address are all named after this variable.
variable "network_name" {
  default = "tf-gke-k8s"
}


// Google provider, configured with the region only.
// NOTE(review): no project or credentials are set in this block; presumably
// they come from the environment of the gcloud session checked in step <1>
// -- confirm before running this against a shared or production project.
provider "google" {
  region = var.region
}


// Custom-mode VPC: automatic subnetwork creation is switched off, so the
// only subnet in this network is the one declared explicitly in this file.
resource "google_compute_network" "default" {
  auto_create_subnetworks = false
  name                    = var.network_name
}


// The single subnet for the cluster. It reuses var.network_name, so the VPC
// and the subnet carry the same name.
resource "google_compute_subnetwork" "default" {
  name    = var.network_name
  region  = var.region
  network = google_compute_network.default.self_link

  ip_cidr_range = "10.127.0.0/20"

  // Lets instances that have no external IP reach Google APIs from this subnet.
  private_ip_google_access = true
}


// Configuration of the active Google provider. k8s.tf reads access_token
// from it to authenticate the kubernetes provider.
data "google_client_config" "current" {}

// GKE versions offered in the chosen location; the cluster pins
// min_master_version to latest_master_version from this lookup.
data "google_container_engine_versions" "default" {
  location = var.location
}


// GKE cluster with three initial nodes in the subnet declared above.
//
// NOTE(review): this block sets neither master_authorized_networks_config
// nor private_cluster_config, so access to the control-plane endpoint and
// node addressing are left at the provider defaults -- review both before
// reusing this outside a lab.
resource "google_container_cluster" "default" {
  name     = var.network_name
  location = var.location

  // "network" is given the subnetwork's name. That resolves to the VPC only
  // because the VPC and the subnetwork are both named var.network_name.
  network    = google_compute_subnetwork.default.name
  subnetwork = google_compute_subnetwork.default.name

  initial_node_count = 3
  min_master_version = data.google_container_engine_versions.default.latest_master_version

  // Use legacy ABAC until these issues are resolved:
  //   https://github.com/mcuadros/terraform-provider-helm/issues/56
  //   https://github.com/terraform-providers/terraform-provider-kubernetes/pull/73
  //
  // NOTE(review): legacy ABAC grants permissions outside Kubernetes RBAC and
  // is broader than most workloads need. The helm provider named in the
  // first link is not used in the files shown here, so check whether the
  // configuration still applies with this set to false and prefer RBAC.
  enable_legacy_abac = true

  // Wait for the GCE LB controller to cleanup the resources.
  // Runs on the machine executing Terraform, only when the cluster is destroyed.
  provisioner "local-exec" {
    command = "sleep 90"
    when    = destroy
  }
}


// Values printed after apply: where the cluster lives and what it is called.

// Network reference as recorded on the subnetwork resource.
output "network" {
  value = google_compute_subnetwork.default.network
}

output "subnetwork_name" {
  value = google_compute_subnetwork.default.name
}

output "cluster_name" {
  value = google_container_cluster.default.name
}

// Echoes the input variable, not an attribute read back from the cluster.
output "cluster_region" {
  value = var.region
}

output "cluster_location" {
  value = google_container_cluster.default.location
}



3

$ more k8s.tf 


// Kubernetes provider pointed at the cluster created in main.tf.
//
// Two kinds of credentials are supplied: the OAuth access token of the
// active Google identity, and the client certificate / key pair from the
// cluster's master_auth block.
//
// NOTE(review): master_auth[0].client_key is an attribute of the cluster
// resource, so the private key is written to the Terraform state. Keep the
// state in an access-controlled, encrypted backend and out of version
// control.
//
// NOTE(review): a "version" argument inside a provider block is deprecated
// from Terraform 0.13 on in favour of a required_providers entry.
provider "kubernetes" {
  version = "~> 1.10.0"

  host  = google_container_cluster.default.endpoint
  token = data.google_client_config.current.access_token

  cluster_ca_certificate = base64decode(google_container_cluster.default.master_auth[0].cluster_ca_certificate)
  client_certificate     = base64decode(google_container_cluster.default.master_auth[0].client_certificate)
  client_key             = base64decode(google_container_cluster.default.master_auth[0].client_key)
}


// Namespace holding the nginx service and replication controller below.
resource "kubernetes_namespace" "staging" {
  metadata {
    name = "staging"
  }
}


// Reserved regional IP address; the nginx Service requests it as its
// load-balancer IP and it is also exported as the "load-balancer-ip" output.
resource "google_compute_address" "default" {
  region = var.region
  name   = var.network_name
}


// Service of type LoadBalancer that publishes the nginx pods on TCP port 80
// at the reserved address.
//
// NOTE(review): no load_balancer_source_ranges is set, so the block places
// no restriction on which client addresses may connect, and port 80 carries
// plain HTTP. Restrict the source ranges and terminate TLS before exposing
// anything other than a demo page.
resource "kubernetes_service" "nginx" {
  metadata {
    name      = "nginx"
    namespace = kubernetes_namespace.staging.metadata[0].name
  }

  spec {
    type             = "LoadBalancer"
    load_balancer_ip = google_compute_address.default.address
    session_affinity = "ClientIP"

    // Must match the "run" label on the pod template of the replication
    // controller declared in this file.
    selector = {
      run = "nginx"
    }

    port {
      port        = 80
      target_port = 80
      protocol    = "TCP"
    }
  }
}


// Replication controller that runs the nginx container in the staging
// namespace, labelled run=nginx so the Service above selects its pods.
//
// NOTE(review): "nginx:latest" is a mutable tag, so the image that actually
// runs can change between pod restarts without any change to this file.
// Pin a specific version tag or an image digest for reproducible, auditable
// deployments. The container block also sets no security context, leaving
// the container at the runtime defaults.
resource "kubernetes_replication_controller" "nginx" {
  metadata {
    namespace = kubernetes_namespace.staging.metadata[0].name
    name      = "nginx"

    labels = {
      run = "nginx"
    }
  }

  spec {
    selector = {
      run = "nginx"
    }

    template {
      metadata {
        name = "nginx"

        labels = {
          run = "nginx"
        }
      }

      spec {
        container {
          name  = "nginx"
          image = "nginx:latest"

          // requests are set well below limits, so the container may use
          // more than it requested up to the limits given here.
          resources {
            requests {
              cpu    = "250m"
              memory = "50Mi"
            }

            limits {
              cpu    = "0.5"
              memory = "512Mi"
            }
          }
        }
      }
    }
  }
}


// Address of the reserved IP, i.e. the one the nginx Service asks for as its
// load-balancer IP.
output "load-balancer-ip" {
  value = google_compute_address.default.address
}









<3> 초기화와 적용하기


1

terraform init



2

terraform apply -var="region=<Region to be allocated>" -var="location=<Zone to be allocated>"




<4> 리소스 확인과 접속


1

쿠버네티스 Endpoints IP 확인




2

브라우저로 접속




다음 보기

https://brunch.co.kr/@topasvga/3391



전체 보기

https://brunch.co.kr/@topasvga/3394



감사합니다.
