KEMBAR78
AWS 기반 Docker, Kubernetes | PPTX
AWS 기반
Docker, Kubernetes
권정빈
datamaker@urbanbase.com
Urbanbase Inc.
목차
1. Docker
- 컨테이너 이해
- 설치
- Run
- 정리
- exec
- build
- Dockerfile
3. S3 + kube-registry
- 설치(.yaml)
- Secrets (TLS 인증서 let's
encrypt)
2. kubernetes
- 컨셉
- 설치
- kube-up
- kops
- rolling-update
- Workloads
- Deployments
- ReplicationController
- Pods
- Service
1. Docker
- 컨테이너 이해
출처:http://blog.skhynix.com/1317
1. Docker
- 설치
curl -s https://get.docker.com/ | sudo sh
끝!!
1. Docker
- Run
docker run -d --name wekan-db mongo:3.4.3
docker run -d --name wekan --link "wekan-db:db" -e "MONGO_URL=mongodb://db" -e
"ROOT_URL=http://localhost:8080" -p 8080:80 wekanteam/wekan:meteor-1.4
1. Docker
- 정리
docker kill $(docker ps -q)
docker rm $(docker ps -a -q)
docker rmi -f $(docker images -q)
docker ps -a
1. Docker
- Exec
docker ps
docker exec -it c10c3f5b74f9 /bin/bash
1. Docker
- Build
docker pull ubuntu
Docoker build –t urbanbase-main:v1 .
docker tag urbanbase-main registry.urbanbase.com:****/
urbanbase-main
docker push registry.urbanbase.com:****/urbanbase-main
1. Docker
FROM phusion/passenger-nodejs:latest
MAINTAINER datamaker <datamaker@urbanbase.com>
COPY dockerTest.conf /etc/nginx/sites-enabled/dockerTest.conf
COPY ./bundle /home/app/dockerTest/bundle
RUN 
rm -f /etc/service/nginx/down && 
rm -f /etc/nginx/sites-enabled/default && 
cd /home/app/dockerTest/bundle/programs/server && npm install && 
chown app:app --recursive /home/app/dockerTest/
CMD ["/sbin/my_init"]
2. kubernetes
- 컨셉
출처 : http://blog.arungupta.me/key-concepts-kubernetes/
2. kubernetes
- 설치 / kube-up
# 설치
aws configure --profile user2
export KUBERNETES_PROVIDER=aws; wget –q –O – https://get.k8s.io | bash
# 환경변수
export AWS_DEFAULT_PROFILE=user2
export KUBE_AWS_ZONE=ap-northeast-2a
export MASTER_SIZE=t2.medium
export NODE_SIZE=t2.small
export NUM_NODES=1
export AWS_S3_REGION=ap-northeast-2
export AWS_S3_BUCKET=kubernetes-ub
export KUBE_AWS_INSTANCE_PREFIX=k15s
export AWS_ACCESS_KEY_ID=****************************
export AWS_SECRET_ACCESS_KEY=****************************
export PATH=/home/ec2-user/kubernetes/platforms/linux/amd64:$PATH
export VPC_ID=vpc-f5678c9c
V1.5.5 까지 지원하고 v1.6부터 aws는 지원 안함
2. kubernetes
- 설치 / kops
## kubectl 다운로드 및 설치
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
## kops 다운로드 및 설치
curl -LO https://github.com/kubernetes/kops/releases/download/1.5.3/kops-linux-amd64
chmod +x kops-linux-amd64
sudo mv kops-linux-amd64 /usr/local/bin/kops
# Because "aws configure" doesn't export these vars for kops to use, we export them now
export AWS_ACCESS_KEY_ID=******************************
export AWS_SECRET_ACCESS_KEY=********************************
-계속-
2. kubernetes
## Cluster State storage
aws s3api create-bucket --bucket kops-urbanbase --region ap-northeast-2
aws s3api create-bucket --bucket kops-urbanbase --region us-east-1
aws s3api put-bucket-versioning --bucket kops-urbanbase --versioning-configuration Status=Enabled
# 이름 및 s3 설정
export NAME=kops.urbanbase.com
export KOPS_STATE_STORE=s3://kops-urbanbase
export VPC_ID=vpc-a6618acf
export NETWORK_CIDR=10.10.0.0/16
# s3 설정 파일 생성
kops create cluster 
--zones ap-northeast-2a 
--node-size t2.medium 
--master-size t2.medium 
--vpc=${VPC_ID} 
${NAME} -계속-
2. kubernetes
# 클러스터 설정 파일 수정
kops edit cluster ${NAME}
# 클러스터 설치
kops update cluster ${NAME} --yes
# 정상적으로 설치 되었는지 검사
kubectl get nodes
kops validate cluster
kubectl -n kube-system get po
# 대쉬보드 설치
kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.5.0.yaml
-계속-
2. kubernetes
# Monitoring with Heapster - Standalone
kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/monitoring-standalone/v1.2.0.yaml
# Route53 Mapper
kubectl apply -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/route53-mapper/v1.2.0.yml
# 클러스터 삭제
kops delete cluster ${NAME} --yes
2. kubernetes
- rolling-update
Kubectl create –f urbanbase-main-rc.yaml
Kubectl create –f urbanbase-main-svc.yaml
kubectl rolling-update urbanbase-main-v2 -f urbanbase-main-
rc.yaml
2. kubernetes
- Workloads
- Deployments
- ReplicationController
- Pods
- Service
3. S3 + kube-registry
- 설치
Kubectl create –f registry-controller.yaml
Kubectl create –f registry-service.yaml
3. S3 + kube-registry
Secrets (TLS 인증서 let's encrypt)
# 인증서 시크릿 생성
kubectl --namespace=kube-system create secret generic
registry-tls-secret --from-file=domain.crt=fullchain1.pem --
from-file=domain.key=privkey1.pem

AWS 기반 Docker, Kubernetes

  • 1.
  • 2.
    목차 1. Docker - 컨테이너이해 - 설치 - Run - 정리 - exec - build - Dockerfile 3. S3 + kube-registry - 설치(.yaml) - Secrets (TLS 인증서 let's encrypt) 2. kubernetes - 컨셉 - 설치 - kube-up - kops - rolling-update - Workloads - Deployments - ReplicationController - Pods - Service
  • 3.
    1. Docker - 컨테이너이해 출처:http://blog.skhynix.com/1317
  • 4.
    1. Docker - 설치 curl-s https://get.docker.com/ | sudo sh 끝!!
  • 5.
    1. Docker - Run dockerrun -d --name wekan-db mongo:3.4.3 docker run -d --name wekan --link "wekan-db:db" -e "MONGO_URL=mongodb://db" -e "ROOT_URL=http://localhost:8080" -p 8080:80 wekanteam/wekan:meteor-1.4
  • 6.
    1. Docker - 정리 dockerkill $(docker ps -q) docker rm $(docker ps -a -q) docker rmi -f $(docker images -q) docker ps -a
  • 7.
    1. Docker - Exec dockerps docker exec -it c10c3f5b74f9 /bin/bash
  • 8.
    1. Docker - Build dockerpull ubuntu Docoker build –t urbanbase-main:v1 . docker tag urbanbase-main registry.urbanbase.com:****/ urbanbase-main docker push registry.urbanbase.com:****/urbanbase-main
  • 9.
    1. Docker FROM phusion/passenger-nodejs:latest MAINTAINERdatamaker <datamaker@urbanbase.com> COPY dockerTest.conf /etc/nginx/sites-enabled/dockerTest.conf COPY ./bundle /home/app/dockerTest/bundle RUN rm -f /etc/service/nginx/down && rm -f /etc/nginx/sites-enabled/default && cd /home/app/dockerTest/bundle/programs/server && npm install && chown app:app --recursive /home/app/dockerTest/ CMD ["/sbin/my_init"]
  • 10.
    2. kubernetes - 컨셉 출처: http://blog.arungupta.me/key-concepts-kubernetes/
  • 12.
    2. kubernetes - 설치/ kube-up # 설치 aws configure --profile user2 export KUBERNETES_PROVIDER=aws; wget –q –O – https://get.k8s.io | bash # 환경변수 export AWS_DEFAULT_PROFILE=user2 export KUBE_AWS_ZONE=ap-northeast-2a export MASTER_SIZE=t2.medium export NODE_SIZE=t2.small export NUM_NODES=1 export AWS_S3_REGION=ap-northeast-2 export AWS_S3_BUCKET=kubernetes-ub export KUBE_AWS_INSTANCE_PREFIX=k15s export AWS_ACCESS_KEY_ID=**************************** export AWS_SECRET_ACCESS_KEY=**************************** export PATH=/home/ec2-user/kubernetes/platforms/linux/amd64:$PATH export VPC_ID=vpc-f5678c9c V1.5.5 까지 지원하고 v1.6부터 aws는 지원 안함
  • 13.
    2. kubernetes - 설치/ kops ## kubectl 다운로드 및 설치 curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl chmod +x ./kubectl sudo mv ./kubectl /usr/local/bin/kubectl ## kops 다운로드 및 설치 curl -LO https://github.com/kubernetes/kops/releases/download/1.5.3/kops-linux-amd64 chmod +x kops-linux-amd64 sudo mv kops-linux-amd64 /usr/local/bin/kops # Because "aws configure" doesn't export these vars for kops to use, we export them now export AWS_ACCESS_KEY_ID=****************************** export AWS_SECRET_ACCESS_KEY=******************************** -계속-
  • 14.
    2. kubernetes ## ClusterState storage aws s3api create-bucket --bucket kops-urbanbase --region ap-northeast-2 aws s3api create-bucket --bucket kops-urbanbase --region us-east-1 aws s3api put-bucket-versioning --bucket kops-urbanbase --versioning-configuration Status=Enabled # 이름 및 s3 설정 export NAME=kops.urbanbase.com export KOPS_STATE_STORE=s3://kops-urbanbase export VPC_ID=vpc-a6618acf export NETWORK_CIDR=10.10.0.0/16 # s3 설정 파일 생성 kops create cluster --zones ap-northeast-2a --node-size t2.medium --master-size t2.medium --vpc=${VPC_ID} ${NAME} -계속-
  • 15.
    2. kubernetes # 클러스터설정 파일 수정 kops edit cluster ${NAME} # 클러스터 설치 kops update cluster ${NAME} --yes # 정상적으로 설치 되었는지 검사 kubectl get nodes kops validate cluster kubectl -n kube-system get po # 대쉬보드 설치 kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.5.0.yaml -계속-
  • 16.
    2. kubernetes # Monitoringwith Heapster - Standalone kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/monitoring-standalone/v1.2.0.yaml # Route53 Mapper kubectl apply -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/route53-mapper/v1.2.0.yml # 클러스터 삭제 kops delete cluster ${NAME} --yes
  • 17.
    2. kubernetes - rolling-update Kubectlcreate –f urbanbase-main-rc.yaml Kubectl create –f urbanbase-main-svc.yaml kubectl rolling-update urbanbase-main-v2 -f urbanbase-main- rc.yaml
  • 18.
    2. kubernetes - Workloads -Deployments - ReplicationController - Pods - Service
  • 19.
    3. S3 +kube-registry - 설치 Kubectl create –f registry-controller.yaml Kubectl create –f registry-service.yaml
  • 20.
    3. S3 +kube-registry Secrets (TLS 인증서 let's encrypt) # 인증서 시크릿 생성 kubectl --namespace=kube-system create secret generic registry-tls-secret --from-file=domain.crt=fullchain1.pem -- from-file=domain.key=privkey1.pem