Dapr

DEV CommunitySpeed Up Microservices Development with Dapr on AWS EKS

CLUSTER_NAME="<EKS_CLUSTER_NAME>"
CLUSTER_OIDC=$(aws eks describe-cluster --name $CLUSTER_NAME --query "cluster.identity.oidc.issuer" --output text | cut -c 9-100)
ACCOUNT=$(aws sts get-caller-identity --query "Account" --output text)
Shell
복사

cat << EOF > aws-ebs-csi-driver-trust-policy.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Federated": "arn:aws:iam::ACCOUNT_ID:oidc-provider/OIDC"
            },
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {
                "StringEquals": {
                    "OIDC:aud": "sts.amazonaws.com"
                }
            }
        }
    ]
}
EOF
Shell
복사

sed -i "s|ACCOUNT_ID|$ACCOUNT|g" aws-ebs-csi-driver-trust-policy.json
sed -i "s|OIDC|$CLUSTER_OIDC|g" aws-ebs-csi-driver-trust-policy.json
Shell
복사

aws iam create-role --role-name AmazonEKS_EBS_CSI_DriverRole --assume-role-policy-document file:///home/ec2-user/aws-ebs-csi-driver-trust-policy.json
Shell
복사

aws iam attach-role-policy --policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy --role-name AmazonEKS_EBS_CSI_DriverRole
Shell
복사

eksctl create addon --name aws-ebs-csi-driver --cluster $CLUSTER_NAME --service-account-role-arn arn:aws:iam::$ACCOUNT:role/AmazonEKS_EBS_CSI_DriverRole --force
Shell
복사

kubectl patch storageclass gp2 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
Shell
복사

NODE_NAME=<NODE_NAME>
EKS_NODE_GROUP_SG_ID=$(aws ec2 describe-instances --filter Name=tag:Name,Values=$NODE_NAME --query "Reservations[1].Instances[].SecurityGroups[].GroupId" --output text)
Shell
복사

aws ec2 authorize-security-group-ingress --region ap-northeast-2 \
--group-id $EKS_NODE_GROUP_SG_ID \
--protocol tcp \
--port 4000 \
--source-group $EKS_NODE_GROUP_SG_ID 
Shell
복사

•

Dapr CLI Install

wget -q https://raw.githubusercontent.com/dapr/cli/master/install/install.sh -O - | /bin/bash
Shell
복사

sudo yum install git -y
git clone https://github.com/dapr/quickstarts.git
cd quickstarts/tutorials/hello-kubernetes
Shell
복사

dapr init -k --dev
Shell
복사

kubectl apply -f ./deploy/python.yaml
kubectl apply -f ./deploy/node.yaml
kubectl apply -f ./deploy/redis.yaml
Shell
복사

•

NodeJS App Log

kubectl logs --selector=app=node -c daprd --tail=-1
Shell
복사

•

Python App Log

kubectl logs --selector=app=python -c daprd --tail=-1
Shell
복사