AEWS 2nd cohort

1-1. Installing EKS with the eksctl command

by yeongki0944 2024. 3. 8.

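1. EKS architecture diagram

2. Work order

0. Create the VPC and subnets

1. Create the working EC2 instance

2. Create the EKS cluster with the eksctl create cluster command

0. Create the VPC and subnets

  • Create the VPC, subnets, and EC2 instance as shown below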

 

1. Create the working EC2 instance

  • Create the EC2 instance in a public subnet

 

  • Create an IAM user, issue an access key, and run aws configure
1. Create an IAM user

2. Set permissions (administrator for now; later, check whether any AWS managed policy is able to run eksctl create cluster)

3. Create an access key

4. On the working EC2 instance, run aws configure
# Check before any credentials are configured
aws ec2 describe-instances

# Configure IAM user credentials: for lab convenience, enter the credentials of an IAM user with administrator permissions
aws configure
AWS Access Key ID [None]: AKIA5...
AWS Secret Access Key [None]: CVNa2...
Default region name [None]: ap-northeast-2
Default output format [None]: json

# Verify that the credentials are applied: check the node IP
aws ec2 describe-instances

# Check the VPC that EKS will be deployed into
aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$CLUSTER_NAME-VPC" | jq
aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$CLUSTER_NAME-VPC" | jq '.Vpcs[]'
aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$CLUSTER_NAME-VPC" | jq '.Vpcs[].VpcId'
aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$CLUSTER_NAME-VPC" | jq -r '.Vpcs[].VpcId'

 

  • AMI - amzn2-ami-hvm-x86_64-gp2
#!/bin/bash
hostnamectl --static set-hostname "${ClusterBaseName}-host"

# Config Root account
echo 'root:qwe123' | chpasswd
sed -i "s/^#PermitRootLogin yes/PermitRootLogin yes/g" /etc/ssh/sshd_config
sed -i "s/^PasswordAuthentication no/PasswordAuthentication yes/g" /etc/ssh/sshd_config
rm -rf /root/.ssh/authorized_keys
systemctl restart sshd

# Config convenience
echo 'alias vi=vim' >> /etc/profile
echo "sudo su -" >> /home/ec2-user/.bashrc
sed -i "s/UTC/Asia\/Seoul/g" /etc/sysconfig/clock
ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime

# Install Packages
yum -y install tree jq git htop

# Install kubectl & helm
cd /root
curl -O https://s3.us-west-2.amazonaws.com/amazon-eks/1.28.5/2024-01-04/bin/linux/amd64/kubectl
install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
curl -s https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

# Install eksctl
curl -sL "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_Linux_amd64.tar.gz" | tar xz -C /tmp
mv /tmp/eksctl /usr/local/bin

# Install aws cli v2
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip >/dev/null 2>&1
./aws/install
complete -C '/usr/local/bin/aws_completer' aws
echo 'export AWS_PAGER=""' >>/etc/profile
export AWS_DEFAULT_REGION=${AWS::Region}
echo "export AWS_DEFAULT_REGION=$AWS_DEFAULT_REGION" >> /etc/profile

# Install YAML Highlighter
wget https://github.com/andreazorzetto/yh/releases/download/v0.4.0/yh-linux-amd64.zip
unzip yh-linux-amd64.zip
mv yh /usr/local/bin/

# Install krew
curl -L https://github.com/kubernetes-sigs/krew/releases/download/v0.4.4/krew-linux_amd64.tar.gz -o /root/krew-linux_amd64.tar.gz
tar zxvf krew-linux_amd64.tar.gz
./krew-linux_amd64 install krew
export PATH="$PATH:/root/.krew/bin"
echo 'export PATH="$PATH:/root/.krew/bin"' >> /etc/profile

# Install kube-ps1
echo 'source <(kubectl completion bash)' >> /etc/profile
echo 'alias k=kubectl' >> /etc/profile
echo 'complete -F __start_kubectl k' >> /etc/profile

git clone https://github.com/jonmosco/kube-ps1.git /root/kube-ps1
cat <<"EOT" >> /root/.bash_profile
source /root/kube-ps1/kube-ps1.sh
KUBE_PS1_SYMBOL_ENABLE=false
function get_cluster_short() {
  echo "$1" | cut -d . -f1
}
KUBE_PS1_CLUSTER_FUNCTION=get_cluster_short
KUBE_PS1_SUFFIX=') '
PS1='$(kube_ps1)'$PS1
EOT

# Install krew plugin
kubectl krew install ctx ns get-all neat # ktop df-pv mtail tree

# Install Docker
amazon-linux-extras install docker -y
systemctl start docker && systemctl enable docker

# CLUSTER_NAME
export CLUSTER_NAME=${ClusterBaseName}
echo "export CLUSTER_NAME=$CLUSTER_NAME" >> /etc/profile

# Create SSH Keypair
ssh-keygen -t rsa -N "" -f /root/.ssh/id_rsa
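
The user-data script above sets a root password and switches PermitRootLogin and PasswordAuthentication to yes for lab convenience. The following added example (not part of the original post) audits those two sshd settings and rewrites them to key-only login; the function names and the sample config are constructed for illustration, and Include files and Match blocks are not evaluated.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit and harden the two sshd
# settings that the user-data script relaxes. Function names are hypothetical.
# sshd keeps the FIRST value it reads for a keyword, so the audit does the same.
# Assumption: Include files and Match blocks are not evaluated here.

# Print the effective (first uncommented) value of KEYWORD in FILE, lower-cased.
effective_sshd_value() {
  awk -v k="$2" '
    /^[ \t]*#/ { next }                                     # skip comment lines
    tolower($1) == tolower(k) { print tolower($2); exit }   # first match wins
  ' "$1"
}

# Return 0 only if password logins are off and root cannot log in with a password.
sshd_is_key_only() {
  local pw root
  pw=$(effective_sshd_value "$1" PasswordAuthentication)
  root=$(effective_sshd_value "$1" PermitRootLogin)
  # OpenSSH defaults when a keyword is absent: PasswordAuthentication yes,
  # PermitRootLogin prohibit-password.
  [ "${pw:-yes}" = "no" ] || return 1
  case "${root:-prohibit-password}" in
    no|prohibit-password|without-password|forced-commands-only) return 0 ;;
    *) return 1 ;;
  esac
}

# Rewrite FILE: drop every existing line for both keywords, then put the
# hardened values first in the file.
harden_sshd_config() {
  local tmp
  tmp=$(mktemp)
  {
    printf 'PasswordAuthentication no\nPermitRootLogin prohibit-password\n'
    grep -viE '^[[:space:]]*(PasswordAuthentication|PermitRootLogin)[[:space:]]' "$1" || true
  } > "$tmp"
  cat "$tmp" > "$1"
  rm -f "$tmp"
}

# Constructed sample: sshd_config lines as the page's two sed edits leave them.
make_sample_config() {
  local f
  f=$(mktemp)
  printf '%s\n' '#LoginGraceTime 2m' 'PermitRootLogin yes' \
    'PasswordAuthentication yes' '#PermitEmptyPasswords no' 'UsePAM yes' > "$f"
  echo "$f"
}
```

On a live host, `sshd -T` prints the configuration sshd actually resolves, which also covers Include files.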

 

 

2. eksctl create cluster

  • Set environment variables
export AWS_DEFAULT_REGION=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region)
export VPCID=$(aws ec2 describe-vpcs --filters "Name=tag:Name,Values=$CLUSTER_NAME-VPC" | jq -r .Vpcs[].VpcId)
export PubSubnet1=$(aws ec2 describe-subnets --filters Name=tag:Name,Values="$CLUSTER_NAME-PublicSubnet1" --query "Subnets[0].[SubnetId]" --output text)
export PubSubnet2=$(aws ec2 describe-subnets --filters Name=tag:Name,Values="$CLUSTER_NAME-PublicSubnet2" --query "Subnets[0].[SubnetId]" --output text)
echo $AWS_DEFAULT_REGION
echo $CLUSTER_NAME
echo $VPCID
echo $PubSubnet1,$PubSubnet2
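
The lookups above return placeholder text instead of failing when a Name tag does not match, so the variables are worth checking before they reach eksctl. The following added example (not part of the original post) validates them and includes a region lookup that works when the instance requires IMDSv2; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): check the variables built above
# before they are passed to eksctl. Function names are hypothetical.
# A tag filter that matches nothing makes `--query ... --output text` print the
# literal string "None", and makes `jq -r` print an empty string.

# Return 0 if VALUE is PREFIX- followed by 8 or 17 lower-case hex characters.
is_aws_id() {
  printf '%s\n' "$2" | grep -Eq "^$1-([0-9a-f]{8}|[0-9a-f]{17})\$"
}

# Print one line per problem; the return code is the number of problems.
preflight_eksctl_vars() {
  local problems=0 name val
  [ -n "${CLUSTER_NAME:-}" ] || { echo "CLUSTER_NAME is empty"; problems=$((problems + 1)); }
  case "${AWS_DEFAULT_REGION:-}" in
    ""|null) echo "AWS_DEFAULT_REGION is unset (metadata query failed?)"; problems=$((problems + 1)) ;;
  esac
  is_aws_id vpc "${VPCID:-}" || { echo "VPCID is not a VPC ID: '${VPCID:-}'"; problems=$((problems + 1)); }
  for name in PubSubnet1 PubSubnet2; do
    eval "val=\${$name:-}"
    is_aws_id subnet "$val" || { echo "$name is not a subnet ID: '$val'"; problems=$((problems + 1)); }
  done
  if [ "${PubSubnet1:-}" = "${PubSubnet2:-}" ]; then
    echo "PubSubnet1 and PubSubnet2 are identical"; problems=$((problems + 1))
  fi
  return "$problems"
}

# Region lookup that also works when the instance requires IMDSv2 session tokens
# (the plain GET used on the page only works while IMDSv1 is still allowed).
imds_region() {
  local token
  token=$(curl -s -m 2 -X PUT "http://169.254.169.254/latest/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
  curl -s -m 2 -H "X-aws-ec2-metadata-token: $token" \
    "http://169.254.169.254/latest/dynamic/instance-identity/document" | jq -r .region
}
```

Chaining the check as `preflight_eksctl_vars && eksctl create cluster ...` skips cluster creation when any lookup came back empty.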

 

  • The eksctl create cluster command
eksctl create cluster --name $CLUSTER_NAME --region=$AWS_DEFAULT_REGION --nodegroup-name=$CLUSTER_NAME-nodegroup --node-type=t3.medium \
--node-volume-size=30 --vpc-public-subnets "$PubSubnet1,$PubSubnet2" --version 1.28 --ssh-access --external-dns-access --verbose 4

 

boto3 - EKS.Client.create_cluster(**kwargs) [https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/eks/client/create_cluster.html]

Summary of eksctl create cluster options (boto3-related content to be added later)

Option: Description

--name: Name of the EKS cluster
[boto3] EKS.Client.create_cluster(name="$CLUSTER_NAME")
ex)  --name $CLUSTER_NAME

--region: AWS Region of the EKS cluster
[boto3] Set the region when creating EKS.Client
ex)  --region=$AWS_DEFAULT_REGION

--nodegroup-name: Name of the EKS node group
[boto3] EKS.Client.create_cluster(outpostConfig={'controlPlanePlacement': { 'groupName': 'groupName'} })
ex)  --nodegroup-name=$CLUSTER_NAME-nodegroup

--node-type: EC2 instance type of the EKS node group
ex)  --node-type=t3.medium

--node-volume-size: EBS volume size of the EKS node group (GiB)
ex)  --node-volume-size=30

--vpc-public-subnets: Public subnets of the EKS cluster
ex)  --vpc-public-subnets "$PubSubnet1,$PubSubnet2"

--version: Kubernetes version of the EKS cluster
ex)  --version 1.28

--ssh-access: Enable SSH access to the EKS nodes
ex)  --ssh-access

--external-dns-access: Enable external DNS access
ex)  --external-dns-access

--verbose 4: Set the command's verbosity level to 4
ex)  --verbose 4