Amazon EKS의 ALB Ingress Controller 배포

4210 단어 ekskubernetesAWS
EKS의 Ingress 자습서

정책 문서 다운로드


curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/iam-policy.json

정책 생성


aws iam create-policy \
--policy-name ALBIngressControllerIAMPolicy \
--policy-document file://iam-policy.json

작업자 노드에 대한 IAM 정책 만들기


kubectl -n kube-system describe configmap aws-auth

출력 결과
Name:         aws-auth
Namespace:    kube-system
Labels:       <none>
Annotations:  <none>

Data
====
mapRoles:
----
- groups:
  - system:bootstrappers
  - system:nodes
  rolearn: arn:aws:iam::241161305159:role/eksctl-aaa-nodegroup-standard-wor-NodeInstanceRole-16F3YCW1WRZHL
  username: system:node:{{EC2PrivateDNSName}}

mapUsers:
----
[]

Events:  <none>

정책 연결


aws iam attach-role-policy \
--policy-arn arn:aws:iam::241161305159:policy/ALBIngressControllerIAMPolicy \
--role-name eksctl-aaa-nodegroup-standard-wor-NodeInstanceRole-16F3YCW1WRZHL

ALB Ingress Controller에서 사용할 서비스 계정, 클러스터 역할 등 만들기


kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/rbac-role.yaml

출력 결과
ocs/examples/rbac-role.yaml
clusterrole.rbac.authorization.k8s.io/alb-ingress-controller created
clusterrolebinding.rbac.authorization.k8s.io/alb-ingress-controller created
serviceaccount/alb-ingress-controller created

ALB Ingress Controller 배포


kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/alb-ingress-controller.yaml

출력 결과
ocs/examples/alb-ingress-controller.yaml
deployment.apps/alb-ingress-controller created

매니페스트 편집


kubectl edit deployment.apps/alb-ingress-controller -n kube-system

다음 편집
    spec:
      containers:
      - args:
        - --ingress-class=alb
        - --cluster-name=aaa
        - --aws-vpc-id=vpc-0fd48cbe5ca3fc533
        - --aws-region=us-east-2

샘플 애플리케이션 배포


kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-namespace.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-deployment.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-service.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-ingress.yaml

배포 확인


kubectl get ingress/2048-ingress -n 2048-game

출력 결과
NAME           HOSTS   ADDRESS                                                                 PORTS   AGE
2048-ingress   *       f007732d-2048game-2048ingr-6fa0-419251603.us-east-2.elb.amazonaws.com   80      117s

애플리케이션 화면



애플리케이션 삭제


kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-ingress.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-service.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-deployment.yaml
kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-alb-ingress-controller/v1.1.2/docs/examples/2048/2048-namespace.yaml

감상



힘들다. 모르는・・

좋은 웹페이지 즐겨찾기