eksctl을 사용하여 Amazon-EKS 시작
7501 단어 Windows10ekskubernetes
전제
EKS 튜토리얼
막상 항상
Chocolatey 설치
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
eksctl 설치
chocolatey install -y eksctl aws-iam-authenticator
설치 확인
eksctl version
Cluster 배포
eksctl create cluster --name prod --version 1.13 --nodegroup-name standard-workers --node-type t3.medium --nodes 3 --nodes-min 1 --nodes-max 4 --node-ami auto
내부적으로 CloudFormation이 실행되는 것 같습니다.
kubectl이 설치되지 않은 것 같습니다.
kubectl 설치
Path를 통과하지 않아도 되도록 C:\WINDOWS\system32
C:\WINDOWS\system32>curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/windows/amd64/kubectl.exe
서비스를 보면 Kubernetes라는 서비스가 올라갑니다.
C:\WINDOWS\system32>kubectl.exe get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 10m
대시보드용 yaml 파일 배포
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
컨테이너 자원의 모니터링 등을 담당해주는 것 같은 heapster를 배포
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml
serviceaccount/heapster created
deployment.extensions/heapster created
service/heapster created
heapster 백엔드 데이터베이스 인 influxdb 배포
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml
deployment.extensions/monitoring-influxdb created
service/monitoring-influxdb created
대시보드 힙스터 클러스터 롤 바인딩
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml
clusterrolebinding.rbac.authorization.k8s.io/heapster created
대시보드에 액세스할 수 있도록 서비스 계정 만들기
eks-admin-service-account.yamlapiVersion: v1
kind: ServiceAccount
metadata:
name: eks-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: eks-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: eks-admin
namespace: kube-system
위에서 만든 yaml 파일을 배포
C:\WINDOWS\system32>kubectl apply -f c:\Users\yuta\Downloads\eks-admin-service-account.yaml
serviceaccount/eks-admin created
clusterrolebinding.rbac.authorization.k8s.io/eks-admin created
Token 받기
C:\WINDOWS\system32>kubectl -n kube-system describe secret eks-admin-token-62ksw
Name: eks-admin-token-62ksw
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: eks-admin
kubernetes.io/service-account.uid: cb651adb-cd4b-11e9-b3a3-06c60c4db86a
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJla3MtYWRtaW4tdG9rZW4tNjJrc3ciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZWtzLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiY2I2NTFhZGItY2Q0Yi0xMWU5LWIzYTMtMDZjNjBjNGRiODZhIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmVrcy1hZG1pbiJ9.knete3qk-RkMIOVeYBtCD1fFxO1uNN2-42CGpRoapeTOBZM3zHmHF6Q1D_NovuALCeRFKaJJpHIiGsoq16iwNfGToUvKfoQPMHcqeMTQ33YUh4iScmbq7XjBIh5wN-Vf6jUzJ9bJhUZ2hNxCVcvjUcRu2JU02phwddusg_nrd3CsPFu3mhuD7HuaYo8ZC66kKBalhe3q4ceWOURjp59ak2b81NR6fjazatv_Y-VQkh57LRouqEbdlb7lWN2tgLpiSzXZYBJkcH3t2qzfsiOGlg4lcuh2_JyJO2byGezzGStfz2ZS7GbJWGgg9VPQ9zM_adMI78kIqiyjV63vakck-Q
대시보드 컨테이너에 연결 가능(콘솔에 두십시오)
C:\WINDOWS\system32>kubectl proxy
Starting to serve on 127.0.0.1:8001
대시보드 액세스
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
위의 명령으로 얻은 Token을 입력하고 サインイン
로그인할 수 있음
EC2를 살펴보면
3개의 AZ로 나뉘어 t3.medium의 Node가 배포되고 있다. 과연.
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
chocolatey install -y eksctl aws-iam-authenticator
eksctl version
eksctl create cluster --name prod --version 1.13 --nodegroup-name standard-workers --node-type t3.medium --nodes 3 --nodes-min 1 --nodes-max 4 --node-ami auto
C:\WINDOWS\system32>curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.15.0/bin/windows/amd64/kubectl.exe
C:\WINDOWS\system32>kubectl.exe get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 10m
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml
serviceaccount/heapster created
deployment.extensions/heapster created
service/heapster created
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml
deployment.extensions/monitoring-influxdb created
service/monitoring-influxdb created
C:\WINDOWS\system32>kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml
clusterrolebinding.rbac.authorization.k8s.io/heapster created
apiVersion: v1
kind: ServiceAccount
metadata:
name: eks-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: eks-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: eks-admin
namespace: kube-system
C:\WINDOWS\system32>kubectl apply -f c:\Users\yuta\Downloads\eks-admin-service-account.yaml
serviceaccount/eks-admin created
clusterrolebinding.rbac.authorization.k8s.io/eks-admin created
C:\WINDOWS\system32>kubectl -n kube-system describe secret eks-admin-token-62ksw
Name: eks-admin-token-62ksw
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: eks-admin
kubernetes.io/service-account.uid: cb651adb-cd4b-11e9-b3a3-06c60c4db86a
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJla3MtYWRtaW4tdG9rZW4tNjJrc3ciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZWtzLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiY2I2NTFhZGItY2Q0Yi0xMWU5LWIzYTMtMDZjNjBjNGRiODZhIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmVrcy1hZG1pbiJ9.knete3qk-RkMIOVeYBtCD1fFxO1uNN2-42CGpRoapeTOBZM3zHmHF6Q1D_NovuALCeRFKaJJpHIiGsoq16iwNfGToUvKfoQPMHcqeMTQ33YUh4iScmbq7XjBIh5wN-Vf6jUzJ9bJhUZ2hNxCVcvjUcRu2JU02phwddusg_nrd3CsPFu3mhuD7HuaYo8ZC66kKBalhe3q4ceWOURjp59ak2b81NR6fjazatv_Y-VQkh57LRouqEbdlb7lWN2tgLpiSzXZYBJkcH3t2qzfsiOGlg4lcuh2_JyJO2byGezzGStfz2ZS7GbJWGgg9VPQ9zM_adMI78kIqiyjV63vakck-Q
C:\WINDOWS\system32>kubectl proxy
Starting to serve on 127.0.0.1:8001
Reference
이 문제에 관하여(eksctl을 사용하여 Amazon-EKS 시작), 우리는 이곳에서 더 많은 자료를 발견하고 링크를 클릭하여 보았다 https://qiita.com/yuta_vamdemic/items/41dbdf19480ba9071074텍스트를 자유롭게 공유하거나 복사할 수 있습니다.하지만 이 문서의 URL은 참조 URL로 남겨 두십시오.
우수한 개발자 콘텐츠 발견에 전념 (Collection and Share based on the CC Protocol.)