EKS

kubectl create ns app
Shell
복사

private_a=$(aws ec2 describe-subnets --filters "Name=tag:Name,Values=skills-app-subnet-a" --query "Subnets[].SubnetId[]" --output text)
private_b=$(aws ec2 describe-subnets --filters "Name=tag:Name,Values=skills-app-subnet-b" --query "Subnets[].SubnetId[]" --output text)

private_subnet_name=("$private_a" "$private_b")

for name in "${private_subnet_name[@]}"
do
    aws ec2 create-tags --resources $name --tags Key=kubernetes.io/role/internal-elb,Value=1
done
Shell
복사

helm repo add eks https://aws.github.io/eks-charts
helm repo update eks
helm install aws-load-balancer-controller eks/aws-load-balancer-controller \
  -n kube-system \
  --set clusterName=skills-eks-cluster \
  --set serviceAccount.create=false \
  --set serviceAccount.name=aws-load-balancer-controller
Shell
복사

apiVersion: apps/v1
kind: Deployment
metadata:
  name: skills-deployment
  namespace: app
  labels:
    app: skills-app
spec:
  replicas: 4
  selector:
    matchLabels:
      app: skills-app
  template:
    metadata:
      labels:
        app: skills-app
    spec:
      containers:
      - name: skills-app
        image: 362708816803.dkr.ecr.ap-northeast-2.amazonaws.com/skills-repo:latest
        env:
          - name: DB_USER
            value: "admin"
          - name: DB_PASSWORD
            value: "Skill53##"
          - name: DB_HOST
            value: "vpce-0ca7f50f2c7702966-mxg9ki3r.vpce-svc-022ca8cc2dc3854b5.ap-northeast-2.vpce.amazonaws.com"
          - name: DB_PORT
            value: "3306"
          - name: DB_NAME
            value: "skills"
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
YAML
복사

kubectl apply -f deployment.yaml
Shell
복사

apiVersion: v1
kind: Service
metadata:
  name: skills-svc
  namespace: app
spec:
  type: ClusterIP
  selector:
    app: skills-app
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080
YAML
복사

kubectl apply -f service.yaml
Shell
복사

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: skills-ingress
  namespace: app
  annotations:
    alb.ingress.kubernetes.io/load-balancer-name: skills-alb
    alb.ingress.kubernetes.io/scheme: internal
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}]'
    alb.ingress.kubernetes.io/healthcheck-path: /health
    alb.ingress.kubernetes.io/actions.response-403: >
      {"type":"fixed-response","fixedResponseConfig":{"contentType":"text/plain","statusCode":"403","messageBody":"403 Error"}}
spec:
  ingressClassName: alb
  rules:
    - http:
        paths:
          - pathType: Prefix
            path: /users
            backend:
              service:
                name: skills-svc
                port:
                  number: 8080
  defaultBackend:
      service:
        name: response-403
        port:
          name: use-annotation
YAML
복사

kubectl apply -f ingress.yaml
Shell
복사