16탄-4.테라폼-네이버 클라우드 쿠버네티스 네트워크3
<1> LB , node subnet 생성
<2> public lb subnet 1개 추가 생성 후 NKS 생성됨 = 생성 성공
<3> NATGW추가
<4> 샘플 테라폼 코드 참고하세요
<1> LB , node subnet 생성
cd /root/terraform-provider-ncloud-main/examples/nks
[root@sssssss nks]# more *.tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_vpc" "vpc" {
name = "vpc"
ipv4_cidr_block = "10.0.0.0/16"
}
resource "ncloud_subnet" "node_subnet" {
vpc_no = ncloud_vpc.vpc.id
subnet = "10.0.1.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc.default_network_acl_no
subnet_type = "PRIVATE"
name = "node-subnet"
usage_type = "GEN"
}
resource "ncloud_subnet" "lb_subnet" {
vpc_no = ncloud_vpc.vpc.id
subnet = "10.0.100.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc.default_network_acl_no
subnet_type = "PRIVATE"
name = "lb-subnet"
usage_type = "LOADB"
}
data "ncloud_nks_versions" "version" {
filter {
name = "value"
values = [var.nks_version]
regex = true
}
}
resource "ncloud_login_key" "loginkey" {
key_name = var.login_key
}
/*
resource "ncloud_nks_cluster" "cluster" {
cluster_type = "SVR.VNKS.STAND.C002.M008.NET.SSD.B050.G002"
k8s_version = data.ncloud_nks_versions.version.versions.0.value
login_key_name = ncloud_login_key.loginkey.key_name
name = "sample-cluster"
lb_private_subnet_no = ncloud_subnet.lb_subnet.id
kube_network_plugin = "cilium"
#subnet_no_list = [ ncloud_subnet.node_subnet.id ]
subnet_no_list = [ ncloud_subnet.node_subnet.id ]
vpc_no = ncloud_vpc.vpc.id
zone = "KR-1"
log {
audit = true
}
}
*/
data "ncloud_nks_server_images" "image"{
hypervisor_code = "XEN"
filter {
name = "label"
values = ["ubuntu-20.04"]
regex = true
}
}
data "ncloud_nks_server_products" "nks_products"{
software_code = data.ncloud_nks_server_images.image.images[0].value
zone = "KR-1"
filter {
name = "product_type"
values = [ "STAND"]
}
filter {
name = "cpu_count"
values = [ "2"]
}
filter {
name = "memory_size"
values = [ "8GB" ]
}
}
/*
resource "ncloud_nks_node_pool" "node_pool" {
cluster_uuid = ncloud_nks_cluster.cluster.uuid
node_pool_name = "pool1"
node_count = 1
software_code = data.ncloud_nks_server_images.image.images[0].value
product_code = data.ncloud_nks_server_products.nks_products.products[0].value
subnet_no_list = [ncloud_subnet.node_subnet.id]
autoscale {
enabled = true
min = 1
max = 2
}
label {
key = "foo"
value = "bar"
}
taint {
key = "foo"
value = "bar"
effect = "NoExecute"
}
}
*/
::::::::::::::
variables.tf
::::::::::::::
variable name {
default = "tf-nks"
}
variable nks_version {
default = "1.25"
}
variable client_ip {
default = "210.10.1.10"
}
variable access_key {
default = "NWGYugiGef"
}
variable secret_key {
default = "vouseD7CsnM5wY7as"
}
variable login_key {
default = "test"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@sssssss nks]#
참고
https://registry.terraform.io/providers/NaverCloudPlatform/ncloud/2.3.19/docs/resources/nks_cluster
Plan: 2 to add, 0 to change, 0 to destroy.
ncloud_nks_cluster.cluster: Creating...
╷
│ Error: Status: 400 Bad Request, Body: {"error":{"errorCode":400,"message":"Bad Request","details":"Require lbPublicSubnetNo"},"timestamp":"2024-01-04T13:44:40.804Z"}
│
│ with ncloud_nks_cluster.cluster,
│ on main.tf line 59, in resource "ncloud_nks_cluster" "cluster":
│ 59: resource "ncloud_nks_cluster" "cluster"
<2> public lb subnet 1개 추가 생성 후 NKS 생성됨 = 생성 성공
1
resource "ncloud_subnet" "lb_subnet2" {
vpc_no = ncloud_vpc.vpc.id
subnet = "10.0.102.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc.default_network_acl_no
subnet_type = "PUBLIC"
name = "lb-subnet2"
usage_type = "LOADB"
}
data "ncloud_nks_versions" "version" {
filter {
name = "value"
values = [var.nks_version]
regex = true
}
}
resource "ncloud_login_key" "loginkey" {
key_name = var.login_key
}
/*
resource "ncloud_nks_cluster" "cluster" {
cluster_type = "SVR.VNKS.STAND.C002.M008.NET.SSD.B050.G002"
k8s_version = data.ncloud_nks_versions.version.versions.0.value
login_key_name = ncloud_login_key.loginkey.key_name
name = "sample-cluster"
lb_private_subnet_no = ncloud_subnet.lb_subnet.id
lb_public_subnet_no = ncloud_subnet.lb_subnet2.id
kube_network_plugin = "cilium"
subnet_no_list = [ ncloud_subnet.node_subnet.id ]
vpc_no = ncloud_vpc.vpc.id
zone = "KR-1"
log {
audit = true
}
}
*/
resource "ncloud_nks_cluster" "cluster" {
cluster_type = "SVR.VNKS.STAND.C002.M008.NET.SSD.B050.G002"
k8s_version = data.ncloud_nks_versions.version.versions.0.value
login_key_name = ncloud_login_key.loginkey.key_name
name = "sample-cluster"
lb_private_subnet_no = ncloud_subnet.lb_subnet.id
lb_public_subnet_no = ncloud_subnet.lb_subnet2.id
kube_network_plugin = "cilium"
subnet_no_list = [ ncloud_subnet.node_subnet.id ]
vpc_no = ncloud_vpc.vpc.id
zone = "KR-1"
log {
audit = true
}
}
2
terraform init
terraform plan
terraform apply -auto-approve
약 35분 소요 됨.
클러스터 16분
노드 19분
3
생성 결과
sample-cluster 생성됨
서브넷 3개 생성됨
node 서브넷이 프라이빗으로 1개 생성됨
lb private 서브넷이 1개 생성됨
lb public 서브넷이 1개 생성됨
노드풀 2대
node 서버는 2대
<3> 네이버 클라우드 쿠버네티스 서비스 사용하기
1
ncp-iam-authenticator create-kubeconfig --region KR --clusterUuid b01xxxxxxxxxx --output kubeconfig.yaml
2
kubectl create deployment nginx-project --image=nginx --dry-run=client -o yaml --port=80 > nginx-deploy.yaml --kubeconfig kubeconfig.yaml
kubectl apply -f nginx-deploy.yaml --kubeconfig kubeconfig.yaml
kubectl get pods --kubeconfig kubeconfig.yaml
3
참고
https://brunch.co.kr/@topasvga/3183
4
[root@sssssss ~]# vi test.yaml
[root@sssssss ~]# k apply -f test.yaml
kubectl expose deployment deployment-2048 --port=80 --type=LoadBalancer --kubeconfig kubeconfig.yaml
5
pod들을 배포 했으나 NATGW가 없어서 서비스는 안된다.
NATGW 구축하고 프라이빗 서브넷을 NATGW로 라우팅을 추가하자.
<3> NATGW추가
https://brunch.co.kr/@topasvga/3599
<4> 샘플 테라폼 코드 참고하세요
네이버 클라우드 테라폼- 쿠버네티스 전체 다시 보기
https://brunch.co.kr/@topasvga/3597
