NCP 22탄-3. 테라폼-2024-08
테라폼으로 네트워크 만들자.
테라폼으로 네이버 클라우드 쿠버네티스 생성하자.
환경 세팅하고 테라폼 기초부터 시작한다.
<0> 테라폼으로 생성하려는 네트워크 구성도 , 환경 세팅
<1> VPC , Pub1-IP입력
<2> VPC , Pub1, Pri1, pri-db1, pub-nat1, pub-lb1, pri-lb1-IP입력
<3> VPC , Pub1- 변수처리
<4> VPC , Pub1, Pri1, pri-db1, pub-nat1, pub-lb1, pri-lb1- 변수처리
<5> NAT 생성
<6> 쿠버네티스 생성
<7> 게임 1개 올리기
<0> 테라폼으로 생성하려는 네트워크 구성도 , 환경 세팅
PPT 첨부
0
참고
https://brunch.co.kr/@topasvga/3956
1
콘솔로 public subnet에 명령서버 1대 만든다.
2
환경 세팅
아래 참고 해서 명령서버 1대 만든다. (<3> 개발자 명령서버 만들기)
https://brunch.co.kr/@topasvga/3974
3
# 테라폼 소스 다운로드 - 참고한 소스
cd
wget https://github.com/NaverCloudPlatform/terraform-provider-ncloud/archive/refs/heads/master.zip
unzip master.zip
cd /root/terraform-provider-ncloud-main/examples
<2> VPC , Pub1-IP입력
우선, 테라폼으로 VPC 1개와 Public 서브넷 1개 만들어보자.
1
VPC 나 서브넷은 이름이 같으면 안 된다.
예)
VPC가 같은 이름이면 오류가 난다.
pub1 등 서브넷이 같은 이름이면 오류가 난다.
"returnMessage": "Cannot create with duplicate VPC name."
2
cd /root/terraform-provider-ncloud-main/examples/vpc/scenario01
[root@s22222 scenario01]# cd 1
# 파일은 3개
[root@s22222 1]# ls *.tf
main.tf variables.tf versions.tf
# 파일 내용
[root@s22222 1]# more *.tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_login_key" "key_scn_01" {
key_name = var.name_vpc
}
resource "ncloud_vpc" "vpc_vpc" {
name = var.name_vpc
ipv4_cidr_block = "10.0.0.0/21"
}
resource "ncloud_subnet" "subnet_pub1" {
name = var.name_pub1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = "10.0.2.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
// PUBLIC(Public) | PRIVATE(Private)
}
::::::::::::::
variables.tf
::::::::::::::
variable name_vpc {
default = "agame-dev-vpc"
}
variable name_pub1 {
default = "agame-dev-pub1"
}
variable client_ip {
default = "3.3.3.3"
}
variable access_key {
default = "ncp_iam_BPAMKR5XsAr52VzPluqr"
}
variable secret_key {
default = "ncp_iam_BPKMKR1DwyNq8NImKqZpe759MRZ3F6aeKD"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@s22222 1]#
4
테라폼으로 네이버 클라우드 네트워크를 생성해 보자
아래 3 과정을 거친다.
terraform init
terraform plan
terraform apply -auto-approve
# 삭제는 아래 - 나중에 다 사용하고는 삭제하자.
terraform destroy --auto-approve
<2> VPC , Pub1, Pri1, pri-db1, pub-nat1, pub-lb1, pri-lb1-IP입력
네이버 클라우드 쿠버네티스에 맞는 서브넷을 만들어보자~
https://brunch.co.kr/@topasvga/3956
root@s22222 2]# clear
[root@s22222 2]# ls *. tf
main.tf variables.tf versions.tf
[root@s22222 2]# more *. tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_login_key" "key_scn_01" {
key_name = var.name_scn01
}
resource "ncloud_vpc" "vpc_scn_01" {
name = var.name_scn01
ipv4_cidr_block = "10.0.0.0/21"
}
resource "ncloud_subnet" "subnet_pri1" {
name = var.name_pri1
vpc_no = ncloud_vpc.vpc_scn_01.id
subnet = "10.0.0.0/23"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_scn_01.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub1" {
name = var.name_pub1
vpc_no = ncloud_vpc.vpc_scn_01.id
subnet = "10.0.2.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_scn_01.default_network_acl_no
subnet_type = "PUBLIC"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-db1" {
name = var.name_pri-db1
vpc_no = ncloud_vpc.vpc_scn_01.id
subnet = "10.0.3.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_scn_01.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-nat1" {
name = var.name_pub-nat1
vpc_no = ncloud_vpc.vpc_scn_01.id
subnet = "10.0.4.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_scn_01.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "NATGW"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-lb1" {
name = var.name_pub-lb1
vpc_no = ncloud_vpc.vpc_scn_01.id
subnet = "10.0.5.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_scn_01.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "LOADB"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-lb1" {
name = var.name_pri-lb1
vpc_no = ncloud_vpc.vpc_scn_01.id
subnet = "10.0.6.0/24"
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_scn_01.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
usage_type = "LOADB"
}
::::::::::::::
variables.tf
::::::::::::::
variable name_scn01 {
default = "agame-dev-vpc"
}
variable name_pri1 {
default = "agame-dev-pri1"
}
variable name_pub1 {
default = "agame-dev-pub1"
}
variable name_pri-db1 {
default = "agame-dev-pri-db1"
}
variable name_pub-nat1 {
default = "agame-dev-pub-nat1"
}
variable name_pub-lb1 {
default = "agame-dev-pub-lb1"
}
variable name_pri-lb1 {
default = "agame-dev-pri-lb1"
}
variable client_ip {
default = "3.3.3.3"
}
variable access_key {
default = "ncp_iam_BPAMKR5XsAr52VzPluqr"
}
variable secret_key {
default = "ncp_iam_BPKMKR1DwyNq8NImKqZpe759MRZ3F6aeKD"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@s22222 2]#
<3> VPC , Pub1- 변수처리
이번엔 vpc와 퍼블릭 서브넷 1개를 변수처리해 만들어보자.
매번 ip를 넣기 보다, 변수로 처리하면 실수를 줄일수 있다.
1
cd /root/terraform-provider-ncloud-main/examples/vpc/scenario01
2
[root@s22222 scenario01]# cd 3
[root@s22222 3]# ls *.tf
main.tf variables.tf versions.tf
3
변수 처리하는데 서브넷 계산법을 알아야 한다.
cidrsubnet(prefix, newbits, netnum) 계산법?
cidrsubnet(prefix, newbits, netnum)
prefix ending in /16 and a newbits value of 4, the resulting subnet address will have length /20.
1)
ipv4_cidr_block = "10.0.0.0/16"
subnet = cidrsubnet(ncloud_vpc.vpc_scn_01.ipv4_cidr_block, 8, 1)
/16에 8을 더해 24비트로 결과가 나온다.
1로 시작한다.
10.0.1.0/24
16+8 = 24
1로 시작
2)
/21
21 3 2
21+3 = 24
2로 시작
10.0.2.0 /24 로 만들어짐
4
[root@s22222 3]# more *.tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_login_key" "key_scn_01" {
key_name = var.name_vpc
}
resource "ncloud_vpc" "vpc_vpc" {
name = var.name_vpc
ipv4_cidr_block = "10.0.0.0/21"
}
resource "ncloud_subnet" "subnet_pub1" {
name = var.name_pub1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 2)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
// PUBLIC(Public) | PRIVATE(Private)
}
::::::::::::::
variables.tf
::::::::::::::
variable name_vpc {
default = "agame-dev-vpc"
}
variable name_pub1 {
default = "agame-dev-pub1"
}
variable client_ip {
default = "3.3.3.3"
}
variable access_key {
default = "ncp_iam_BPAMKR5XsAr52VzPluqr"
}
variable secret_key {
default = "ncp_iam_BPKMKR1DwyNq8NImKqZpe759MRZ3F6aeKD"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@s22222 3]#
<4> VPC , Pub1, Pri1, pri-db1,pub-nat1,pub-lb1,pri-lb1- 변수처리
변수처리로 서브넷 등을 만들어보자.
cd /root/terraform-provider-ncloud-main/examples/vpc/scenario01
[root@s22222 4]# ls *.tf
main.tf variables.tf versions.tf
[root@s22222 4]# more *.tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_login_key" "key_vpc" {
key_name = var.name_vpc
}
resource "ncloud_vpc" "vpc_vpc" {
name = var.name_vpc
ipv4_cidr_block = "10.0.0.0/21"
}
resource "ncloud_subnet" "subnet_pri1" {
name = var.name_pri1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,2 ,0 )
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub1" {
name = var.name_pub1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 2)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-db1" {
name = var.name_pri-db1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 3)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-nat1" {
name = var.name_pub-nat1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 4)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "NATGW"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-lb1" {
name = var.name_pub-lb1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 5)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "LOADB"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-lb1" {
name = var.name_pri-lb1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 6)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
usage_type = "LOADB"
}
::::::::::::::
variables.tf
::::::::::::::
variable name_vpc {
default = "agame-dev-vpc"
}
variable name_pri1 {
default = "agame-dev-pri1"
}
variable name_pub1 {
default = "agame-dev-pub1"
}
variable name_pri-db1 {
default = "agame-dev-pri-db1"
}
variable name_pub-nat1 {
default = "agame-dev-pub-nat1"
}
variable name_pub-lb1 {
default = "agame-dev-pub-lb1"
}
variable name_pri-lb1 {
default = "agame-dev-pri-lb1"
}
variable client_ip {
default = "3.3.3.3"
}
variable access_key {
default = "ncp_iam_BPAMKR5XsAr52VzPluqr"
}
variable secret_key {
default = "ncp_iam_BPKMKR1DwyNq8NImKqZpe759MRZ3F6aeKD"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@s22222 4]#
<5> NAT 생성
[root@s22222 5]# ls *.tf
main.tf nat1.tf variables.tf versions.tf
[root@s22222 5]#
[root@s22222 5]#
[root@s22222 5]# more *.tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_login_key" "key_vpc" {
key_name = var.name_vpc
}
resource "ncloud_vpc" "vpc_vpc" {
name = var.name_vpc
ipv4_cidr_block = "10.0.0.0/21"
}
resource "ncloud_subnet" "subnet_pri1" {
name = var.name_pri1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,2 ,0 )
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub1" {
name = var.name_pub1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 2)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-db1" {
name = var.name_pri-db1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 3)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-nat1" {
name = var.name_pub-nat1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 4)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "NATGW"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-lb1" {
name = var.name_pub-lb1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 5)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "LOADB"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-lb1" {
name = var.name_pri-lb1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 6)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
usage_type = "LOADB"
}
::::::::::::::
nat1.tf
::::::::::::::
# NAT Gateway
resource "ncloud_nat_gateway" "nat_gateway_scn_02" {
vpc_no = ncloud_vpc.vpc_vpc.id
subnet_no = ncloud_subnet.subnet_pub-nat1.id
zone = "KR-1"
name = var.name_pub-nat1
}
# Route Table
resource "ncloud_route" "route_scn_02_nat" {
route_table_no = ncloud_vpc.vpc_vpc.default_private_route_table_no
destination_cidr_block = "0.0.0.0/0"
target_type = "NATGW"
// NATGW (NAT Gateway) | VPCPEERING (VPC Peering) | VGW (Virtual Private Gateway).
target_name = ncloud_nat_gateway.nat_gateway_scn_02.name
target_no = ncloud_nat_gateway.nat_gateway_scn_02.id
}
::::::::::::::
variables.tf
::::::::::::::
variable name_vpc {
default = "agame-dev-vpc"
}
variable name_pri1 {
default = "agame-dev-pri1"
}
variable name_pub1 {
default = "agame-dev-pub1"
}
variable name_pri-db1 {
default = "agame-dev-pri-db1"
}
variable name_pub-nat1 {
default = "agame-dev-pub-nat1"
}
variable name_pub-lb1 {
default = "agame-dev-pub-lb1"
}
variable name_pri-lb1 {
default = "agame-dev-pri-lb1"
}
variable client_ip {
default = "3.3.3.3"
}
variable access_key {
default = "ncp_iam_BPAMKR5XsAr52VzPluqr"
}
variable secret_key {
default = "ncp_iam_BPKMKR1DwyNq8NImKqZpe759MRZ3F6aeKD"
}
variable nks_version {
default = "1.28"
}
variable name_scn_02 {
default = "tf-scn02"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@s22222 5]#
<6> 쿠버네티스 생성
1
명령서버에 로그인하기
2
[root@s22222 6]# ls *.tf
main.tf
nat1.tf
nks.tf
variables.tf
versions.tf
[root@s22222 6]# more *.tf
::::::::::::::
main.tf
::::::::::::::
# VPC > User scenario > Scenario 1. Single Public Subnet
# https://docs.ncloud.com/ko/networking/vpc/vpc_userscenario1.html
provider "ncloud" {
support_vpc = true
region = "KR"
access_key = var.access_key
secret_key = var.secret_key
}
resource "ncloud_login_key" "key_vpc" {
key_name = var.name_vpc
}
resource "ncloud_vpc" "vpc_vpc" {
name = var.name_vpc
ipv4_cidr_block = "10.0.0.0/21"
}
resource "ncloud_subnet" "subnet_pri1" {
name = var.name_pri1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,2 ,0 )
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub1" {
name = var.name_pub1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 2)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-db1" {
name = var.name_pri-db1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 3)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-nat1" {
name = var.name_pub-nat1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 4)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "NATGW"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pub-lb1" {
name = var.name_pub-lb1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 5)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PUBLIC"
usage_type = "LOADB"
// PUBLIC(Public) | PRIVATE(Private)
}
resource "ncloud_subnet" "subnet_pri-lb1" {
name = var.name_pri-lb1
vpc_no = ncloud_vpc.vpc_vpc.id
subnet = cidrsubnet(ncloud_vpc.vpc_vpc.ipv4_cidr_block,3 , 6)
zone = "KR-1"
network_acl_no = ncloud_vpc.vpc_vpc.default_network_acl_no
subnet_type = "PRIVATE"
// PUBLIC(Public) | PRIVATE(Private)
usage_type = "LOADB"
}
::::::::::::::
nat1.tf
::::::::::::::
# NAT Gateway
resource "ncloud_nat_gateway" "nat_gateway_scn_02" {
vpc_no = ncloud_vpc.vpc_vpc.id
subnet_no = ncloud_subnet.subnet_pub-nat1.id
zone = "KR-1"
name = var.name_pub-nat1
}
# Route Table
resource "ncloud_route" "route_scn_02_nat" {
route_table_no = ncloud_vpc.vpc_vpc.default_private_route_table_no
destination_cidr_block = "0.0.0.0/0"
target_type = "NATGW"
// NATGW (NAT Gateway) | VPCPEERING (VPC Peering) | VGW (Virtual Private Gateway).
target_name = ncloud_nat_gateway.nat_gateway_scn_02.name
target_no = ncloud_nat_gateway.nat_gateway_scn_02.id
}
::::::::::::::
nks.tf
::::::::::::::
resource "ncloud_nks_cluster" "cluster" {
cluster_type = "SVR.VNKS.STAND.C002.M008.NET.SSD.B050.G002"
k8s_version = data.ncloud_nks_versions.version.versions.0.value
login_key_name = ncloud_login_key.loginkey.key_name
name = "sample-cluster"
lb_private_subnet_no = ncloud_subnet.subnet_pri-lb1.id
lb_public_subnet_no = ncloud_subnet.subnet_pub-lb1.id
kube_network_plugin = "cilium"
subnet_no_list = [ ncloud_subnet.subnet_pri1.id ]
vpc_no = ncloud_vpc.vpc_vpc.id
zone = "KR-1"
log {
audit = true
}
}
data "ncloud_nks_server_images" "image"{
hypervisor_code = "XEN"
filter {
name = "label"
values = ["ubuntu-20.04"]
regex = true
}
}
data "ncloud_nks_server_products" "nks_products"{
software_code = data.ncloud_nks_server_images.image.images[0].value
zone = "KR-1"
filter {
name = "product_type"
values = [ "STAND"]
}
filter {
name = "cpu_count"
values = [ "2"]
}
filter {
name = "memory_size"
values = [ "8GB" ]
}
}
resource "ncloud_nks_node_pool" "node_pool" {
cluster_uuid = ncloud_nks_cluster.cluster.uuid
node_pool_name = "pool1"
node_count = 1
software_code = data.ncloud_nks_server_images.image.images[0].value
product_code = data.ncloud_nks_server_products.nks_products.products[0].value
subnet_no_list = [ncloud_subnet.subnet_pri1.id]
autoscale {
enabled = true
min = 1
max = 2
}
}
data "ncloud_nks_versions" "version" {
filter {
name = "value"
values = [var.nks_version]
regex = true
}
}
resource "ncloud_login_key" "loginkey" {
key_name = var.login_key
}
::::::::::::::
variables.tf
::::::::::::::
variable name_vpc {
default = "agame-dev-vpc"
}
variable name_pri1 {
default = "agame-dev-pri1"
}
variable name_pub1 {
default = "agame-dev-pub1"
}
variable name_pri-db1 {
default = "agame-dev-pri-db1"
}
variable name_pub-nat1 {
default = "agame-dev-pub-nat1"
}
variable name_pub-lb1 {
default = "agame-dev-pub-lb1"
}
variable name_pri-lb1 {
default = "agame-dev-pri-lb1"
}
variable client_ip {
default = "3.3.3.3"
}
variable access_key {
default = "ncp_iam_BPAMKR5XsAr52VzPluqr"
}
variable secret_key {
default = "ncp_iam_BPKMKR1DwyNq8NImKqZpe759MRZ3F6aeKD"
}
variable nks_version {
default = "1.28"
}
variable name_scn_02 {
default = "tf-scn02"
}
variable login_key {
default = "agame-k8s12"
}
::::::::::::::
versions.tf
::::::::::::::
terraform {
required_providers {
ncloud = {
source = "navercloudplatform/ncloud"
}
}
required_version = ">= 0.13"
}
[root@s22222 6]#
3
cd /root/terraform-provider-ncloud-main/examples/vpc/scenario01
cd /root/terraform-provider-ncloud-main/examples/vpc/scenario01/6
terraform init
terraform plan
terraform apply -auto-approve
35분 걸림
ncloud_nks_cluster.cluster: Still creating... [16m0s elapsed]
ncloud_nks_cluster.cluster: Creation complete after 16m6s [id=de045da1-80df-4604-bcb1-aa7a378a5b34]
ncloud_nks_node_pool.node_pool: Creating...
ncloud_nks_node_pool.node_pool: Still creating... [10s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [20s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [30s elapsed]
:
ncloud_nks_node_pool.node_pool: Still creating... [18m10s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [18m20s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [18m30s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [18m40s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [18m50s elapsed]
ncloud_nks_node_pool.node_pool: Still creating... [19m0s elapsed]
ncloud_nks_node_pool.node_pool: Creation complete after 19m4s [id=de045da1-80df-4604-bcb1-aa7a378a5b34:pool1]
Apply complete! Resources: 13 added, 0 changed, 0 destroyed.
[root@s22222 6]#
4
5
nks에서 uuid 확인하기
6
iam 인증 하기
cd
ncp-iam-authenticator create-kubeconfig --region KR --clusterUuid b01xxxxxxxxxx --output kubeconfig.yaml
ncp-iam-authenticator create-kubeconfig --region KR --clusterUuid de045da1-80df-4604-bcb1-aa7a378a5b34 --output kubeconfig.yaml
7
터미널 하나 더에서 모니터링하기
kw
<7> 게임 1개 올리기
1
cat <<EOF | k create -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: deployment-2048
spec:
selector:
matchLabels:
app.kubernetes.io/name: app-2048
replicas: 2
template:
metadata:
labels:
app.kubernetes.io/name: app-2048
spec:
containers:
- image: alexwhen/docker-2048
name: app-2048
ports:
- containerPort: 80
EOF
k expose deployment deployment-2048 --port=80 --type=LoadBalancer
2
게임하기
3
NKS 생성 완료
node pool
2개
woker node
terraform destroy --auto-approve
4
참고
cd
wget https://github.com/NaverCloudPlatform/terraform-provider-ncloud/archive/refs/heads/master.zip
unzip master.zip
만들어진 NACL
다음 - FAQ , 질문 답변
https://brunch.co.kr/@topasvga/3948
모음
https://brunch.co.kr/@topasvga/3982
감사합니다.
