실습 환경은 Cloud9에서 진행하며, Helm 설치는 간단히 설명한다.
Helm 설치
아래 명령어를 통해 Helm CLI를 설치한다.
$ curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
Downloading https://get.helm.sh/helm-v3.7.0-linux-amd64.tar.gz
Verifying checksum... Done.
Preparing to install helm into /usr/local/bin
helm installed into /usr/local/bin/helm
helm version을 입력하면 설치된 버전 이외에 WARNING 문구가 표시된다.
오류를 보면 .kube/config 파일이 insecure하기 때문에 표시되는 오류인 것 같다.
mzmz01:~/environment $ helm version
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/ec2-user/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /home/ec2-user/.kube/config
version.BuildInfo{Version:"v3.7.0", GitCommit:"eeac83883cb4014fe60267ec6373570374ce770b", GitTreeState:"clean", GoVersion:"go1.16.8"}
.kube/config 파일의 권한을 보면 group, other에 각각 read 권한이 부여되어 있다.
user를 제외하고 read 권한을 제거해주자.
$ ls -al
-rw-rw-r-- 1 ec2-user ec2-user 4377 Oct 7 09:19 config$ sudo chmod g-r config
$ sudo chmod o-r config
다시 helm version을 확인해보자.
$ helm version
version.BuildInfo{Version:"v3.7.0", GitCommit:"eeac83883cb4014fe60267ec6373570374ce770b", GitTreeState:"clean", GoVersion:"go1.16.8"}
Helm Chart 저장소 등록
helm chart repository를 추가해준다.
mzmz01:~/environment $ helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
mzmz01:~/environment $ helm search repo stable
NAME CHART VERSION APP VERSION DESCRIPTION
stable/acs-engine-autoscaler 2.2.2 2.1.1 DEPRECATED Scales worker nodes within agent pools
stable/aerospike 0.3.5 v4.5.0.5 DEPRECATED A Helm chart for Aerospike in Kubern...
stable/airflow 7.13.3 1.10.12 DEPRECATED - please use: https://github.com/air...
stable/ambassador 5.3.2 0.86.1 DEPRECATED A Helm chart for Datawire Ambassador
stable/anchore-engine 1.7.0 0.7.3 Anchore container analysis and policy evaluatio...
stable/apm-server 2.1.7 7.0.0 DEPRECATED The server receives data from the El...
Helm Chart를 업데이트 해준다.
mzmz01:~/environment $ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "stable" chart repository
Update Complete. ⎈Happy Helming!⎈
이번 실습에선 nginx 서버를 설치해야 하므로 nginx와 관련된 repository를 검색한다.
mzmz01:~/environment $ helm search repo nginx
NAME CHART VERSION APP VERSION DESCRIPTION
stable/nginx-ingress 1.41.3 v0.34.1 DEPRECATED! An nginx Ingress controller that us...
stable/nginx-ldapauth-proxy 0.1.6 1.13.5 DEPRECATED - nginx proxy with ldapauth
stable/nginx-lego 0.3.1 Chart for nginx-ingress-controller and kube-lego
stable/gcloud-endpoints 0.1.2 1 DEPRECATED Develop, deploy, protect and monitor...
bitnami repository도 추가해준다.
Bitnami NginX는 통합된 php, mysql, nginx 개발환경을 제공한다.
mzmz01:~/environment $ helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
다시 nginx repo를 검색하면 위 검색 결과에 추가된 내용을 확인할 수 있다.
mzmz01:~/environment $ helm search repo nginx
NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/nginx 9.5.6 1.21.3 Chart for the nginx server
bitnami/nginx-ingress-controller 7.6.21 0.48.1 Chart for the nginx Ingress controller
stable/nginx-ingress 1.41.3 v0.34.1 DEPRECATED! An nginx Ingress controller that us...
stable/nginx-ldapauth-proxy 0.1.6 1.13.5 DEPRECATED - nginx proxy with ldapauth
stable/nginx-lego 0.3.1 Chart for nginx-ingress-controller and kube-lego
bitnami/kong 4.1.4 2.6.0 Kong is a scalable, open source API layer (aka ...
stable/gcloud-endpoints 0.1.2 1 DEPRECATED Develop, deploy, protect and monitor...
bitnami/nginx repository를 통해 서버를 설치한다.
mzmz01:~/environment $ helm install nginx bitnami/nginx
NAME: nginx
LAST DEPLOYED: Thu Oct 7 17:28:43 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:
nginx.default.svc.cluster.local (port 80)
To access NGINX from outside the cluster, follow the steps below:
1. Get the NGINX URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w nginx'
export SERVICE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].port}" services nginx)
export SERVICE_IP=$(kubectl get svc --namespace default nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo "http://${SERVICE_IP}:${SERVICE_PORT}"
Service, Pod, Deployment를 각각 확인한다.
mzmz01:~/environment $ kubectl get svc,po,deploy
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 30h
service/nginx LoadBalancer 172.20.212.35 a53938eb41b2041e69361d34125ea204-1918174223.us-west-2.elb.amazonaws.com 80:30357/TCP 87s
NAME READY STATUS RESTARTS AGE
pod/nginx-854656fbf9-b5lwx 1/1 Running 0 87s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx 1/1 1 1 87s
nginx 서비스의 상세 정보를 확인한다.
mzmz01:~/environment $ kubectl get svc nginx -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
nginx LoadBalancer 172.20.212.35 a53938eb41b2041e69361d34125ea204-1918174223.us-west-2.elb.amazonaws.com 80:30357/TCP 2m31s app.kubernetes.io/instance=nginx,app.kubernetes.io/name=nginx
service의 EXTERNAL-IP로 접속하면 정상적으로 nginx 서버가 구축된 것을 확인할 수 있다.
혹은 URL의 공인 IP 주소를 확인하여 접속해본다.
mzmz01:~/environment $ dig +short a53938eb41b2041e69361d34125ea204-1918174223.us-west-2.elb.amazonaws.com
35.83.239.60
34.223.130.199
52.38.169.195
'Kubernetes' 카테고리의 다른 글
| kubernetes에 metrics-server 설치하기 (0) | 2022.10.06 |
|---|---|
| Helm 인강 정리 (0) | 2021.10.08 |
| Helm이란? (0) | 2021.10.01 |
| Kubernetes 오브젝트를 이용한 Apache 웹 서버 구성하기 (0) | 2021.09.07 |
| Kubeadm을 이용한 쿠버네티스 클러스터 배포하기 (0) | 2021.09.07 |