[aws] EKS Hands On — deploy MSA, health checks

안녕하세요. AWS EKS Hands On 내용을 공유하기 위해 작성한 글입니다.

참고 : https://www.eksworkshop.com/

PREREQUISITES

https://www.eksworkshop.com/020_prerequisites/

https://www.eksworkshop.com/030_eksctl/

Beginner

DEPLOY THE EXAMPLE MICROSERVICES

DEPLOY OUR SAMPLE APPLICATIONS

apiVersion: apps/v1
kind: Deployment
metadata:
  name: ecsdemo-nodejs
  labels:
    app: ecsdemo-nodejs
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ecsdemo-nodejs
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: ecsdemo-nodejs
    spec:
      containers:
      - image: brentley/ecsdemo-nodejs:latest
        imagePullPolicy: Always
        name: ecsdemo-nodejs
        ports:
        - containerPort: 3000
          protocol: TCP

HEALTH CHECKS

• liveness probe : The kubelet uses liveness probes to know when to restart a container. Liveness probes are used in Kubernetes to know when a pod is alive or dead.

apiVersion: v1
kind: Pod
metadata:
  labels:
    test: liveness
  name: liveness-exec
spec:
  containers:
  - name: liveness
    image: registry.k8s.io/busybox
    args:
    - /bin/sh
    - -c
    - touch /tmp/healthy; sleep 30; rm -f /tmp/healthy; sleep 600
    livenessProbe:
      exec:
        command:
        - cat
        - /tmp/healthy
      initialDelaySeconds: 5
      periodSeconds: 5

• readness probe : The kubelet uses readiness probes to know when a container is ready to start accepting traffic.

apiVersion: v1
kind: Pod
metadata:
  labels:
    test: liveness
  name: liveness-exec
spec:
  containers:
  - name: liveness
    image: registry.k8s.io/busybox
    args:
    - /bin/sh
    - -c
    - touch /tmp/healthy; sleep 30; rm -f /tmp/healthy; sleep 600
    readinessProbe:
      exec:
        command:
        - cat
        - /tmp/healthy
      initialDelaySeconds: 5
      periodSeconds: 5

[참고] https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

SECURING YOUR CLUSTER WITH NETWORK POLICIES

kind: NetworkPolicy
apiVersion: networking.k8s.io/v1 #EKS 1.22부터는 v1 업데이트!
metadata:
  namespace: stars
  name: backend-policy
spec:
  podSelector:
    matchLabels:
      role: backend
  ingress:
    - from:
        - podSelector:
            matchLabels:
              role: frontend
      ports:
        - protocol: TCP
          port: 6379

 

 

blog migration project

written in 2022.10.4

https://medium.com/techblog-hayleyshim/aws-eks-hands-on-8874acf26a3c