cloud bee

AWS/kubernetes

Creating a 3-AZ VPC with CloudFormation

who you 2022. 10. 31. 21:25

When building infrastructure on Amazon Web Services, it is common to spread it across multiple availability zones (AZs). Usually either two or three availability zones within a region are used.

The official AWS documentation has an example that creates a VPC with two AZs, but I could not find an example that creates a VPC with three AZs. So, to have something handy to refer back to later, I will create a VPC with three AZs here.

Before creating the VPC stack, I will add the subnet auto-discovery tags so that AWS EKS (Amazon Elastic Kubernetes Service) can use the subnets without extra configuration.

https://aws.amazon.com/ko/premiumsupport/knowledge-center/eks-vpc-subnet-discovery/

(AWS Knowledge Center: "How do I tag the Amazon VPC subnets of my Amazon EKS cluster for automatic subnet discovery by load balancers or ingress controllers?", last updated November 11, 2021)

Assuming the EKS cluster is named 'eks-cluster', the tags will be assigned as follows.

---Public subnets---

key: kubernetes.io/cluster/eks-cluster
value: shared

key: kubernetes.io/role/elb
value: 1

---Private subnets---

key: kubernetes.io/cluster/eks-cluster
value: shared

key: kubernetes.io/role/internal-elb
value: 1

Now create the CloudFormation stack. I wrote the CloudFormation stack in Visual Studio.

First, create the file 3AZ-vpc.yml.

(Screenshot: file name)

The VPC we are going to create has the following properties:

Resource   Name           CIDR
VPC        eks-vpc        10.0.0.0/16
Public1    eks-public-a   10.0.1.0/24
Public2    eks-public-b   10.0.2.0/24
Public3    eks-public-c   10.0.3.0/24
Private1   eks-priv-a     10.0.4.0/24
Private2   eks-priv-b     10.0.5.0/24
Private3   eks-priv-c     10.0.6.0/24

Now put the following content into 3AZ-vpc.yml.

Description:  This template deploys a VPC, with a public and a private subnet in each of
  three Availability Zones. It deploys an internet gateway, with a default
  route on the public subnets. It deploys three NAT gateways (one in each AZ),
  and default routes for them in the private subnets.

Parameters:
  EnvironmentName:
    Description: An environment name that is prefixed to resource names
    Type: String
    Default: 'eks'

  VpcCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: 10.0.0.0/16

  PublicSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
    Type: String
    Default: 10.0.1.0/24

  PublicSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone
    Type: String
    Default: 10.0.2.0/24

  PublicSubnet3CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the third Availability Zone
    Type: String
    Default: 10.0.3.0/24

  PrivateSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone
    Type: String
    Default: 10.0.4.0/24

  PrivateSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone
    Type: String
    Default: 10.0.5.0/24

  PrivateSubnet3CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the third Availability Zone
    Type: String
    Default: 10.0.6.0/24

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-vpc

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Ref EnvironmentName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Ref PublicSubnet1CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-public-a
        - Key: kubernetes.io/cluster/eks-cluster
          Value: shared
        - Key: kubernetes.io/role/elb
          Value: 1

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Ref PublicSubnet2CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-public-b
        - Key: kubernetes.io/cluster/eks-cluster
          Value: shared
        - Key: kubernetes.io/role/elb
          Value: 1

  PublicSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 2, !GetAZs  '' ]
      CidrBlock: !Ref PublicSubnet3CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-public-c
        - Key: kubernetes.io/cluster/eks-cluster
          Value: shared
        - Key: kubernetes.io/role/elb
          Value: 1

  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs  '' ]
      CidrBlock: !Ref PrivateSubnet1CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-priv-a
        - Key: kubernetes.io/cluster/eks-cluster
          Value: shared
        - Key: kubernetes.io/role/internal-elb
          Value: 1

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Ref PrivateSubnet2CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-priv-b
        - Key: kubernetes.io/cluster/eks-cluster
          Value: shared
        - Key: kubernetes.io/role/internal-elb
          Value: 1

  PrivateSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 2, !GetAZs  '' ]
      CidrBlock: !Ref PrivateSubnet3CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-priv-c
        - Key: kubernetes.io/cluster/eks-cluster
          Value: shared
        - Key: kubernetes.io/role/internal-elb
          Value: 1


  NatGateway1EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway2EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway3EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway1:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway1EIP.AllocationId
      SubnetId: !Ref PublicSubnet1

  NatGateway2:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway2EIP.AllocationId
      SubnetId: !Ref PublicSubnet2

  NatGateway3:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway3EIP.AllocationId
      SubnetId: !Ref PublicSubnet3


  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-public-rt

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2

  PublicSubnet3RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet3

  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-priv-a-rt

  DefaultPrivateRoute1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway1

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      SubnetId: !Ref PrivateSubnet1

  PrivateRouteTable2:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-priv-b-rt

  DefaultPrivateRoute2:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway2

  PrivateSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      SubnetId: !Ref PrivateSubnet2

  PrivateRouteTable3:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName}-priv-c-rt

  DefaultPrivateRoute3:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable3
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway3

  PrivateSubnet3RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable3
      SubnetId: !Ref PrivateSubnet3
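The template above hard-codes a subnet plan and a tag scheme, and it relies on `!Select [ 2, !GetAZs '' ]`, so it assumes the region lists at least three Availability Zones. The following script is an added example, not code from the original post or from AWS: it transcribes the plan from the table above into plain Python and checks, before the stack is created, that every subnet lies inside the VPC CIDR, that no two subnets overlap, that each AZ index has both a public and a private subnet, and that the EKS subnet-discovery tags from the earlier section match each subnet's tier. `SubnetPlan`, `PLAN` and the check functions are names introduced here; the cluster name `eks-cluster`, the CIDRs and the tag keys are the ones the post uses. Only the standard library is needed.

```python
"""Plan-level checks for the 3-AZ EKS VPC (added example, not the post's code)."""
import ipaddress
from dataclasses import dataclass

CLUSTER_NAME = "eks-cluster"  # cluster name assumed by the post
VPC_CIDR = "10.0.0.0/16"


@dataclass(frozen=True)
class SubnetPlan:
    name: str
    cidr: str
    tier: str      # "public" or "private"
    az_index: int  # index into !GetAZs, as used by !Select in the template


# The subnet plan from the post, transcribed as data (constructed input).
PLAN = [
    SubnetPlan("eks-public-a", "10.0.1.0/24", "public", 0),
    SubnetPlan("eks-public-b", "10.0.2.0/24", "public", 1),
    SubnetPlan("eks-public-c", "10.0.3.0/24", "public", 2),
    SubnetPlan("eks-priv-a", "10.0.4.0/24", "private", 0),
    SubnetPlan("eks-priv-b", "10.0.5.0/24", "private", 1),
    SubnetPlan("eks-priv-c", "10.0.6.0/24", "private", 2),
]


def eks_discovery_tags(tier, cluster_name=CLUSTER_NAME):
    """Tags EKS load-balancer subnet discovery expects for a public/private subnet."""
    role = "elb" if tier == "public" else "internal-elb"
    return {
        f"kubernetes.io/cluster/{cluster_name}": "shared",
        f"kubernetes.io/role/{role}": "1",
    }


def check_cidrs(plan, vpc_cidr=VPC_CIDR):
    """Return problems: subnets outside the VPC CIDR or overlapping each other."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = [(s.name, ipaddress.ip_network(s.cidr)) for s in plan]
    problems = []
    for name, net in nets:
        if not net.subnet_of(vpc):
            problems.append(f"{name} {net} is outside VPC {vpc}")
    for i, (a_name, a) in enumerate(nets):
        for b_name, b in nets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{a_name} {a} overlaps {b_name} {b}")
    return problems


def check_az_coverage(plan, az_count=3):
    """Return problems: AZ indexes that lack a public or a private subnet."""
    problems = []
    for idx in range(az_count):
        for tier in ("public", "private"):
            if not any(s.az_index == idx and s.tier == tier for s in plan):
                problems.append(f"no {tier} subnet in AZ index {idx}")
    return problems


def check_tags(plan, actual_tags):
    """Return names of subnets whose tags (name -> dict) miss the expected discovery tags."""
    bad = []
    for s in plan:
        have = actual_tags.get(s.name, {})
        if any(have.get(k) != v for k, v in eks_discovery_tags(s.tier).items()):
            bad.append(s.name)
    return bad


def validate(plan, actual_tags, vpc_cidr=VPC_CIDR, az_count=3):
    """Run every check and return the combined list of problems (empty = plan OK)."""
    return (check_cidrs(plan, vpc_cidr)
            + check_az_coverage(plan, az_count)
            + [f"{n}: EKS discovery tags missing or wrong" for n in check_tags(plan, actual_tags)])


if __name__ == "__main__":
    # Tags exactly as the template assigns them.
    good_tags = {s.name: eks_discovery_tags(s.tier) for s in PLAN}
    print("template plan:", validate(PLAN, good_tags) or "OK")

    # Constructed mistake: a private subnet tagged with the public ELB role,
    # which would let an internet-facing load balancer be placed in it.
    wrong_tags = dict(good_tags)
    wrong_tags["eks-priv-a"] = eks_discovery_tags("public")
    print("mis-tagged plan:", validate(PLAN, wrong_tags))
```

The same checks apply to a subnet list fetched from a deployed VPC (for example the `Tags` of each subnet returned by `aws ec2 describe-subnets`), which makes them a useful post-deployment audit as well as a pre-flight check on the template.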

 

Now create the stack with the following command.

aws cloudformation create-stack --stack-name vpc --template-body file://3AZ-vpc.yml

(Screenshot: stack creation)

Once the creation runs, you can confirm that the stack was created successfully, as shown below.

(Screenshot: confirming stack creation)