실습 자료
https://catalog.us-east-1.prod.workshops.aws/eks-autoscaling/ko-KR
실습 안내
EKS설치하자
https://innoshome.notion.site/innoshome/Amazon-EKS-a328fadd565a42d8a8178628e826da36
https://brunch.co.kr/@topasvga/3518
##################################
## kubectl 등의 툴을 설치한다.
##################################
# 1. kubectl 설치 - 1.27
sudo curl --silent --location -o /usr/local/bin/kubectl \
https://s3.us-west-2.amazonaws.com/amazon-eks/1.27.1/2023-04-19/bin/linux/amd64/kubectl
sudo chmod +x /usr/local/bin/kubectl
# 2. awscli v2 설치
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
# 3. jq, envsubst, bash-completion
sudo yum -y install jq gettext bash-completion moreutils
# 4. yq 설치 및 확인
echo 'yq() {
docker run --rm -i -v "${PWD}":/workdir mikefarah/yq "$@"
}' | tee -a ~/.bashrc && source ~/.bashrc
for command in kubectl jq envsubst aws
do
which $command &>/dev/null && echo "$command in path" || echo "$command NOT FOUND"
done
# 5. kubectl bash_completion
kubectl completion bash >> ~/.bash_completion
. /etc/profile.d/bash_completion.sh
. ~/.bash_completion
# 6. shorthand alias
echo 'alias k=kubectl' >> ~/.bash_profile
echo 'complete -o default -F __start_kubectl k' >> ~/.bash_profile
# 7. AWS Load Balancer Controller version
echo 'export LBC_VERSION="v2.4.1"' >> ~/.bash_profile
echo 'export LBC_CHART_VERSION="1.4.1"' >> ~/.bash_profile
. ~/.bash_profile
# 8. cloud9 temporary credential 삭제
aws cloud9 update-environment --environment-id $C9_PID --managed-credentials-action DISABLE
rm -vf ${HOME}/.aws/credentials
# 9. ACCOUNT 환경 설정 추가
export ACCOUNT_ID=$(aws sts get-caller-identity --output text --query Account)
export AWS_REGION=$(curl -s 169.254.169.254/latest/dynamic/instance-identity/document | jq -r '.region')
export AZS=($(aws ec2 describe-availability-zones --query 'AvailabilityZones[].ZoneName' --output text --region $AWS_REGION))
# 10. 환경 설정 확인
test -n "$AWS_REGION" && echo AWS_REGION is "$AWS_REGION" || echo AWS_REGION is not set
# 11. bash profile에 설정 추가
echo "export ACCOUNT_ID=${ACCOUNT_ID}" | tee -a ~/.bash_profile
echo "export AWS_REGION=${AWS_REGION}" | tee -a ~/.bash_profile
echo "export AZS=(${AZS[@]})" | tee -a ~/.bash_profile
aws configure set default.region ${AWS_REGION}
aws configure get default.region
# 12. Cloud 9 디스크 사이즈 증설
# curl -s https://gist.githubusercontent.com/joozero/b48ee68e2174a4f1ead93aaf2b582090/raw/2dda79390a10328df66e5f6162846017c682bef5/resize.sh | sh
# 13. 용량 확인
# df -h
# 14. KMS 생성
# aws kms create-alias --alias-name alias/eksworkshop --target-key-id $(aws kms create-key --query KeyMetadata.Arn --output text)
# 15. CMK ARN 설정
#export MASTER_ARN=$(aws kms describe-key --key-id alias/eksworkshop --query KeyMetadata.Arn --output text)
#echo "export MASTER_ARN=${MASTER_ARN}" | tee -a ~/.bash_profile
# 16. eksctl 설치
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv -v /tmp/eksctl /usr/local/bin
# 17. eksctl 버전 확인
eksctl version
# 18. eksctl bash-completion
eksctl completion bash >> ~/.bash_completion
. /etc/profile.d/bash_completion.sh
. ~/.bash_completion
# 19. k9s 설치
K9S_VERSION=v0.27.4
curl -sL https://github.com/derailed/k9s/releases/download/${K9S_VERSION}/k9s_Linux_amd64.tar.gz | sudo tar xfz - -C /usr/local/bin k9s
# sudo 필요
# 20. kubens, kubectx 설치 - sudo 필요
sudo -s
git clone https://github.com/ahmetb/kubectx /opt/kubectx
ln -s /opt/kubectx/kubens /usr/local/bin/kubens
ln -s /opt/kubectx/kubectx /usr/local/bin/kubectx
exit
# 21. Helm 설치
curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
helm version --short
helm repo add stable https://charts.helm.sh/stable
# 22. helm bash-completion
helm completion bash >> ~/.bash_completion
. /etc/profile.d/bash_completion.sh
. ~/.bash_completion
source <(helm completion bash)
## Console Credentials
# cloud 9 의 user Arn을 aws-auth 에 group (system:masters) username : admin 추가
c9builder=$(aws cloud9 describe-environment-memberships --environment-id=$C9_PID | jq -r '.memberships[].userArn')
if echo ${c9builder} | grep -q user; then
rolearn=${c9builder}
echo Role ARN: ${rolearn}
elif echo ${c9builder} | grep -q assumed-role; then
assumedrolename=$(echo ${c9builder} | awk -F/ '{print $(NF-1)}')
rolearn=$(aws iam get-role --role-name ${assumedrolename} --query Role.Arn --output text)
echo Role ARN: ${rolearn}
fi
# iam-identitymapping
eksctl create iamidentitymapping --cluster ${EKS_CLUSTER_NAME} --arn ${rolearn} --group system:masters --username admin
# 확인
kubectl describe configmap -n kube-system aws-auth
1
git clone https://codeberg.org/hjacobs/kube-ops-view.git
cd kube-ops-view/
kubectl apply -k deploy
2
외부에서 kube-ops-view를 접속하기 위해서 Service Type을 LoadBalancer 로 변경한다.
kubectl edit svc kube-ops-view
apiVersion: v1
kind: Service
metadata:
annotations:
name: kube-ops-view
spec:
....
sessionAffinity: None
type: LoadBalancer
status:
(3분 걸림)
# kube ops view 접속 URL
kubectl get svc kube-ops-view | tail -n 1 | awk '{ print "Kube-ops-view URL = http://"$4 }'
Kube-ops-view URL = http://a05de3399da504b78a0bbdef9ca2569b-20XXXXX.ap-northeast-2.elb.amazonaws.com
1
CPU가 10%를 초과하면 새로운 컨테이너를 추가하도록 설정합니다.
kubectl autoscale deployment php-apache `#평균 cpu 사용율` \
--cpu-percent=10 \
--min=1 `#최소값` \
--max=10 `#최댓값`
kubectl get hpa
2
부하 발생
kubectl run -i --tty load-generator --image=busybox /bin/sh
loop를 돌면서 http://php-apache 호출합니다.
while true; do wget -q -O - http://php-apache; done
상태 확인
kubectl get hpa -w
삭제
kubectl delete deployment php-apache
kubectl delete hpa php-apache
1
kubeops view
pod 증가시 = 노드 증가됨
파드 감소시 > 노드 1개 없어짐
비어있는 node에 TTL를 추가 (default=30초 이후에 삭제된다는 TTL을 추가한다.)
deprovisiong -> cordon & delete node 12. delete가 완료됨
삭제 필수
https://brunch.co.kr/@topasvga/3522