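These are my notes from week 1 of the Cloudnet AEWS study group.
In the previous post, we looked at installing EKS (from the console, and with CloudFormation from EC2) and at how connectivity changes with the endpoint access setting.
In this post, I will show how to set up EKS from my own PC and introduce tools that are useful for managing the cluster after installation.
If anything is wrong, please let me know in the comments.
Configuring an EKS cluster from my PC (Challenge 0)
To use my AWS account from my local PC, I install awscli and register my user credentials.
# Tried to register the AWS account, but the local terminal has no awscli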
~ ❯ aws configure
zsh: command not found: aws
# Download the awscli package
~ ❯ curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 39.0M 100 39.0M 0 0 32.5M 0 0:00:01 0:00:01 --:--:-- 32.7M
# Run the awscli package installer
~ ❯ sudo installer -pkg AWSCLIV2.pkg -target /
Password:
installer: Package name is AWS Command Line Interface
installer: Installing at base path /
installer: The install was successful.
# Installation complete
~ ❯ aws --version
aws-cli/2.24.0 Python/3.12.6 Darwin/22.5.0 exe/x86_64
# Configure the AWS account
~ ❯ aws configure
AWS Access Key ID [None]: A~~~~
AWS Secret Access Key [None]: H~~~~~~
Default region name [None]: ap-northeast-2
Default output format [None]: json
Also install eksctl, which is used to manage EKS.
~ ❯ brew tap weaveworks/tap
~ ❯ brew install weaveworks/tap/eksctl
https://eksctl.io/installation/#for-macos
I will deploy the EKS cluster from my local PC, codified as a YAML file. (Challenge 2)
Using an example manifest provided by eksctl, I will create an EKS cluster with basic settings.
https://github.com/eksctl-io/eksctl/tree/main/examples
# local-eks.yaml
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: cluster-hellouz818
  region: ap-northeast-2
nodeGroups:
  - name: nodegroup-hellouz818
    instanceType: m5.large
    desiredCapacity: 1
vpc:
  id: "vpc-0b5dd7b946068620e"
  cidr: "192.168.0.0/16"
  subnets:
    public:
      ap-northeast-2a:
        id: "subnet-0e5e4703324d4badd"
        cidr: "192.168.1.0/24"
      ap-northeast-2c:
        id: "subnet-037f59e6b753f04fb"
        cidr: "192.168.2.0/24"
Now let's create the EKS cluster from the manifest written for eksctl.
# Run the eksctl command
~ ❯ eksctl create cluster -f local-eks.yaml
2025-02-09 03:54:30 [ℹ] eksctl version 0.203.0
2025-02-09 03:54:30 [ℹ] using region ap-northeast-2
2025-02-09 03:54:31 [✔] using existing VPC (vpc-0b5dd7b946068620e) and subnets (private:map[] public:map[ap-northeast-2a:{subnet-0e5e4703324d4badd ap-northeast-2a 192.168.1.0/24 0 } ap-northeast-2c:{subnet-037f59e6b753f04fb ap-northeast-2c 192.168.2.0/24 0 }])
2025-02-09 03:54:31 [!] custom VPC/subnets will be used; if resulting cluster doesn't function as expected, make sure to review the configuration of VPC/subnets
2025-02-09 03:54:31 [ℹ] nodegroup "nodegroup-hellouz818" will use "ami-0b63581b6773669bf" [AmazonLinux2/1.30]
2025-02-09 03:54:31 [ℹ] using Kubernetes version 1.30
2025-02-09 03:54:31 [ℹ] creating EKS cluster "cluster-hellouz818" in "ap-northeast-2" region with un-managed nodes
2025-02-09 03:54:31 [ℹ] 1 nodegroup (nodegroup-hellouz818) was included (based on the include/exclude rules)
2025-02-09 03:54:31 [ℹ] will create a CloudFormation stack for cluster itself and 1 nodegroup stack(s)
2025-02-09 03:54:31 [ℹ] if you encounter any issues, check CloudFormation console or try 'eksctl utils describe-stacks --region=ap-northeast-2 --cluster=cluster-hellouz818'
2025-02-09 03:54:31 [ℹ] Kubernetes API endpoint access will use default of {publicAccess=true, privateAccess=false} for cluster "cluster-hellouz818" in "ap-northeast-2"
2025-02-09 03:54:31 [ℹ] CloudWatch logging will not be enabled for cluster "cluster-hellouz818" in "ap-northeast-2"
2025-02-09 03:54:31 [ℹ] you can enable it with 'eksctl utils update-cluster-logging --enable-types={SPECIFY-YOUR-LOG-TYPES-HERE (e.g. all)} --region=ap-northeast-2 --cluster=cluster-hellouz818'
2025-02-09 03:54:31 [ℹ] default addons vpc-cni, kube-proxy, coredns, metrics-server were not specified, will install them as EKS addons
2025-02-09 03:54:31 [ℹ]
2 sequential tasks: { create cluster control plane "cluster-hellouz818",
2 sequential sub-tasks: {
2 sequential sub-tasks: {
1 task: { create addons },
wait for control plane to become ready,
},
create nodegroup "nodegroup-hellouz818",
}
}
2025-02-09 03:54:31 [ℹ] building cluster stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:54:31 [ℹ] deploying stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:55:01 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:55:31 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:56:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:57:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:58:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 03:59:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 04:00:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 04:01:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 04:02:32 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-cluster"
2025-02-09 04:02:33 [!] recommended policies were found for "vpc-cni" addon, but since OIDC is disabled on the cluster, eksctl cannot configure the requested permissions; the recommended way to provide IAM permissions for "vpc-cni" addon is via pod identity associations; after addon creation is completed, add all recommended policies to the config file, under `addon.PodIdentityAssociations`, and run `eksctl update addon`
2025-02-09 04:02:33 [ℹ] creating addon
2025-02-09 04:02:34 [ℹ] successfully created addon
2025-02-09 04:02:34 [ℹ] creating addon
2025-02-09 04:02:34 [ℹ] successfully created addon
2025-02-09 04:02:35 [ℹ] creating addon
2025-02-09 04:02:35 [ℹ] successfully created addon
2025-02-09 04:02:36 [ℹ] creating addon
2025-02-09 04:02:36 [ℹ] successfully created addon
2025-02-09 04:04:37 [ℹ] building nodegroup stack "eksctl-cluster-hellouz818-nodegroup-nodegroup-hellouz818"
2025-02-09 04:04:37 [ℹ] --nodes-min=1 was set automatically for nodegroup nodegroup-hellouz818
2025-02-09 04:04:37 [ℹ] --nodes-max=1 was set automatically for nodegroup nodegroup-hellouz818
2025-02-09 04:04:37 [ℹ] deploying stack "eksctl-cluster-hellouz818-nodegroup-nodegroup-hellouz818"
2025-02-09 04:04:37 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-nodegroup-nodegroup-hellouz818"
2025-02-09 04:05:07 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-nodegroup-nodegroup-hellouz818"
2025-02-09 04:05:50 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-nodegroup-nodegroup-hellouz818"
2025-02-09 04:07:33 [ℹ] waiting for CloudFormation stack "eksctl-cluster-hellouz818-nodegroup-nodegroup-hellouz818"
2025-02-09 04:07:33 [ℹ] waiting for the control plane to become ready
2025-02-09 04:07:35 [✔] saved kubeconfig as "/Users/yoo/.kube/config"
2025-02-09 04:07:35 [ℹ] no tasks
2025-02-09 04:07:35 [✔] all EKS cluster resources for "cluster-hellouz818" have been created
2025-02-09 04:07:35 [ℹ] nodegroup "nodegroup-hellouz818" has 1 node(s)
2025-02-09 04:07:35 [ℹ] node "ip-192-168-2-102.ap-northeast-2.compute.internal" is ready
2025-02-09 04:07:35 [ℹ] waiting for at least 1 node(s) to become ready in "nodegroup-hellouz818"
2025-02-09 04:07:35 [ℹ] nodegroup "nodegroup-hellouz818" has 1 node(s)
2025-02-09 04:07:35 [ℹ] node "ip-192-168-2-102.ap-northeast-2.compute.internal" is ready
2025-02-09 04:07:35 [✔] created 1 nodegroup(s) in cluster "cluster-hellouz818"
2025-02-09 04:07:37 [ℹ] kubectl command should work with "/Users/yoo/.kube/config", try 'kubectl get nodes'
2025-02-09 04:07:37 [✔] EKS cluster "cluster-hellouz818" in "ap-northeast-2" region is ready
The EKS cluster was created exactly as specified in the manifest. Wow!
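The creation log above reports three defaults worth revisiting: the API endpoint uses {publicAccess=true, privateAccess=false}, CloudWatch logging is not enabled, and OIDC is disabled. The following is an added example, not part of the original post or of the eksctl project's examples: the same manifest with those three settings stated explicitly. The file name, the 30-day retention and the 203.0.113.10/32 address are assumptions and placeholders to replace with your own values.

```yaml
# local-eks-hardened.yaml (hypothetical file name, added example)
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: cluster-hellouz818
  region: ap-northeast-2
iam:
  # The log warned that OIDC is disabled, so eksctl could not set up
  # IAM permissions for the vpc-cni addon.
  withOIDC: true
cloudWatch:
  clusterLogging:
    # The log said CloudWatch logging will not be enabled.
    # "audit" and "authenticator" record who called the API and how they authenticated.
    enableTypes: ["api", "audit", "authenticator"]
    logRetentionInDays: 30   # assumed retention period
nodeGroups:
  - name: nodegroup-hellouz818
    instanceType: m5.large
    desiredCapacity: 1
vpc:
  id: "vpc-0b5dd7b946068620e"
  cidr: "192.168.0.0/16"
  clusterEndpoints:
    publicAccess: true
    # Default in the log was privateAccess=false. With the public endpoint
    # restricted by CIDR, nodes need the private endpoint to reach the API.
    privateAccess: true
  publicAccessCIDRs:
    - "203.0.113.10/32"      # placeholder: your own egress IP, not 0.0.0.0/0
  subnets:
    public:
      ap-northeast-2a:
        id: "subnet-0e5e4703324d4badd"
        cidr: "192.168.1.0/24"
      ap-northeast-2c:
        id: "subnet-037f59e6b753f04fb"
        cidr: "192.168.2.0/24"
```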


Handy tools for EKS labs
# Set up auto-completion and a short alias
source <(kubectl completion bash)
alias k=kubectl
complete -F __start_kubectl k
# Install krew
curl -fsSLO https://github.com/kubernetes-sigs/krew/releases/download/v0.4.4/krew-linux_amd64.tar.gz
tar zxvf krew-linux_amd64.tar.gz
./krew-linux_amd64 install krew
# Put the krew bin directory on PATH so kubectl can find the plugins
export PATH="${KREW_ROOT:-$HOME/.krew}/bin:$PATH"
tree -L 3 /root/.krew/bin
# Check krew
kubectl krew
kubectl krew update
kubectl krew search
kubectl krew list
# Install the ctx and ns plugins used below
kubectl krew install ctx ns
# Check the Kubernetes context
kubectl ctx
# Check the Kubernetes namespace
kubectl ns
kubectl krew install df-pv get-all ktop neat oomd view-secret # mtail tree
# Use get-all
kubectl get-all
kubectl get-all -n kube-system
# Use ktop
kubectl ktop
# Use oomd
kubectl oomd
# Use df-pv
kubectl df-pv
# Use view-secret: decode Secret values (base64)
kubectl view-secret
In the next post, I will build the managed node groups of this basic EKS cluster in a variety of forms.