임시
2024 지방 Bastion server User data
#!/bin/bash
sudo yum update -y
sudo yum install curl --allowerasing -y
sudo yum install jq -y
sudo dnf install mariadb105 -y
sudo yum install unzip -y
curl "<https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip>" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
curl -LO "<https://dl.k8s.io/release/$>(curl -L -s <https://dl.k8s.io/release/stable.txt>)/bin/linux/arm64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
# for ARM systems, set ARCH to: `arm64`, `armv6` or `armv7`
ARCH=arm64
PLATFORM=$(uname -s)_$ARCH
curl -sLO "<https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$PLATFORM.tar.gz>"
# (Optional) Verify checksum
curl -sL "<https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_checksums.txt>" | grep $PLATFORM | sha256sum --check
tar -xzf eksctl_$PLATFORM.tar.gz -C /tmp && rm eksctl_$PLATFORM.tar.gz
sudo install -m 0755 /tmp/eksctl /usr/local/bin && rm /tmp/eksctl
#!/bin/bash
yum update -y
sudo yum install docker -y
sudo systemctl start docker
sudo systemctl enable docker
#ec2가 arm일 경우 newgrp docker
이거 관련해서 자세히 알아보기
sudo usermod -aG docker ec2-user
FROM public.ecr.aws/amazonlinux/amazonlinux:2023
RUN dnf install -y --allowerasing curl-full libcurl-full \\
&& dnf clean all
WORKDIR /app
COPY token /app/token
RUN chmod +x /app/token
EXPOSE 8080
CMD ["/app/token"]
~
~
~
~
~
~
FROM public.ecr.aws/amazonlinux/amazonlinux:2023
RUN dnf install -y --allowerasing curl-full libcurl-full \\
&& dnf clean all
WORKDIR /app
COPY user /app/user
RUN chmod +x /app/user
EXPOSE 8080
CMD ["/app/user"]
~
~
~
~
~
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: skills-eks-cluster
region: ap-northeast-2
version: "1.35"
iam:
withOIDC: true
cloudWatch:
clusterLogging:
enableTypes:
- api
- audit
- authenticator
- controllerManager
- scheduler
secretsEncryption:
keyARN: arn:aws:kms:ap-northeast-2:339712924586:key/336bcc30-11cd-43e8-8f9d-b92fe20a6c38
vpc:
id: vpc-00b00e262d9bc7fe6
subnets:
public:
ap-northeast-2a:
id: subnet-0b933ab2ade03cdfa
ap-northeast-2b:
id: subnet-0486475085780bc6b
private:
ap-northeast-2a:
id: subnet-09067777203fec15b
ap-northeast-2b:
id: subnet-00d492e965a2595b5
clusterEndpoints:
publicAccess: true
privateAccess: true
managedNodeGroups:
- name: skills-eks-addon-nodegroup
instanceType: t4g.large
amiFamily: AmazonLinux2023
desiredCapacity: 2
minSize: 2
maxSize: 10
privateNetworking: true
volumeSize: 50
labels:
workload: addon
node-role: addon
taints:
- key: dedicated
value: addon
effect: NoSchedule
tags:
Name: skills-eks-addon-node
k8s.io/cluster-autoscaler/enabled: "true"
k8s.io/cluster-autoscaler/skills-eks-cluster: "owned"
- name: skills-eks-app-nodegroup
instanceType: m6g.large
amiFamily: AmazonLinux2023
desiredCapacity: 2
minSize: 2
maxSize: 10
privateNetworking: true
volumeSize: 50
labels:
workload: user
node-role: app
taints:
- key: dedicated
value: user
effect: NoSchedule
tags:
Name: skills-eks-app-node
k8s.io/cluster-autoscaler/enabled: "true"
k8s.io/cluster-autoscaler/skills-eks-cluster: "owned"
fargateProfiles:
- name: skills-eks-app-profile
selectors:
- namespace: skills
labels:
app: token
subnets:
- subnet-09067777203fec15b
- subnet-00d492e965a2595b5
addons:
- name: vpc-cni
- name: kube-proxy
- name: coredns
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAsQi7XV7vaAr7C+N3oellT4q9HOVaviEHFXCAZ1dafH3ymvJw
tOuJdqMwzOwr+h4tBArr46QlVzsvdf8yFsB6sflN/UxYHrsDNsk8QVKYz5bhpvVy
aHDQQo2RkaQiKJAXoYhY7RTmBzbV3P0UQCoUgsMwk7A/AV1AL17KDe3sSTUoOkwb
xj0YWStxOlz4YpurRdtGvsl3Xmop0ps3Hy/PHxgYbOhAdLUIWjoUxzwUwIWsW7hY
CWvfnIPn7Y6fVBSWXNBxsaHAWUJmeNvaTEK1lwBLrXn1SuNr9+2ODyORjfA6s1Tx
ttPvxZofa6k6gdE8j0vo8ds+BDc8pNLvG/wnqQIDAQABAoIBAA3xrCBcm+rMAp4b
Go8sPQiY2vBtuEoFe/NaWyLIpJ3tpbBCrFHzw24OyIc7ivM2cUFCQvY5NZ+7T6+x
nBZirsdZ5aSv4Lj67fPgwdg7U0H2lmt6JbrIN/8l+3NHRFGBl/rnLGnwHXYwAYRY
gsHTDq6GBUt8tFm9KJMSmkOim9vgLHES7rVzlZNT7n1VTiXUAysaugpo9QdSB5fS
QOYcbaMJFYtvxHvfqBbzf3Lir+M8dBK9/SIcKaYOYIPbs6oQNrQEBu37l7KUEXVJ
KfF6XMmUkAH01Rl8j9bn3DhNvnEr2Ewg5PoTBaT+HvRjyvp7YvBAOUDUyZI5b4V2
VACCfAECgYEA2i1YwHmw8N2skLgyAfBxOPJYOcWHch+jBLcZvrx9fZcMFI+pg6T6
QgdqaxkN52moLtqDz8MmKkxPMiu4+VEdHlJZt6kKLsTggMHIB1Mmf0sLULp3m/8+
uLP+rsuR+4X8hLLuIXnfGXeusXrOEoeKod0X5wVnLFncNQFctdrIN8ECgYEAz7l3
e9AnOxN5O3+yxkjMEijEjlsBk8Mjo/lkq6WU32T/loj4hH3LcJioqalQQkV9nH2h
pLxwLAdNem6bQFtybAcnh3KyETlXSFajL8eZ3jjYoibXjBAl+TfY5WfGBMbfG0Ws
fJNya8cJrxS5dtExzcuJh99CdLPT2ffgepOzqekCgYBKjsyRmgR5i4d5PTj5qK1I
hKjZtUMAIQeYiOnnYIqR7JhYPm/zaOGMxvP6/Wje+CBdQpdg3JOiSMmXn5Fqwelt
fz7hoIa2TNlbpt0wg53YSlDnmZFeYe+RNxGFslOE3NjakDsIfZlcHqY4SHs7oc4i
Wmfcrt//LAYwpvKDwuxBAQKBgGxswpE99TxAzebgoNAe72YLIY2sswYNtWzBoGp3
4103urE4jX+aqbX7+Q2V8u6klww4B0eVlHdm2GovkZnmIbOBiICKvad/5q87ibJG
3WnBAlKhM6FITInpPK2BnTqhE5OIqp/b1r2rBsL8blI2n2hr9T2Wq3l+4/XCDMnu
jrkBAoGAFfNb5TIPIa3hZGEYF1AEh2WBrl2+wMi4XaWD3DaDR9R7z8zGi4j3Jytn
Oq+GrZUVgyHilVFXCejIFQBegWA0dqqdTeu8Kkg3xHhCOXmAu7s4hzyUZF8g3fi7
7FPz/Hc5ohohbuJi2cLSArSebjCMNtivyMbIjZX3PreKVVk4UsE=
-----END RSA PRIVATE KEY-----