<1> 실습 환경 1 서울리전으로 변경 2 cloudformation으로 명령서버 1대 생성 3.36.103.152 aws-1130-key 3 aws s3 ls Unable to locate credentials. You can configure credentials by running "aws login". [root@kops-ec2 ~]# 4 # iam access-key , secret-key 확인 5 # 권한 설정 aws configure ap-northeast-2 <엔터> aws s3 ls 6 cat < eks-freetier-setup.yaml apiVersion: eksctl.io/v1alpha5 kind: ClusterConfig metadata: name: free-vpc-cluster region: ap-northeast-2 version: "1.34" vpc: clusterEndpoints: publicAccess: true privateAccess: true nat: gateway: Single # 비용 절감을 위해 NAT 게이트웨이를 1개만 생성 (중요!) managedNodeGroups: - name: standard-nodes # --- 인스턴스 타입 선택 가이드 --- # 1. t3.micro : 프리티어 대상 (단, K8s 시스템 Pod 실행 시 리소스가 매우 부족할 수 있음) # 2. t3.small : 가성비 추천 (시스템 안정성 확보) # 3. c7i-flex.large (2cpu/4gb) : 연산 위주 # 4. m7i-flex.large (2cpu/8gb) : 메모리 여유 instanceType: t3.small minSize: 1 maxSize: 2 desiredCapacity: 1 # 비용 절감을 위해 노드 수를 1대로 시작 (필요 시 증가) privateNetworking: true iam: withAddonPolicies: imageBuilder: true autoScaler: true cloudWatch: true # 필수 애드온만 설치 addons: - name: vpc-cni - name: coredns - name: kube-proxy EOF # 클러스터 생성 시작 eksctl create cluster -f eks-freetier-setup.yaml (15분) # 특정 네임스페이스에서 비정상적인 Pod만 골라보기 kubectl get pods -A --field-selector=status.phase!=Running # 최근 발생한 클러스터 전체 이벤트 시간순 정렬 kubectl get events -A --sort-by='.lastTimestamp' <2> 시나리오: "웹 브라우저에서 서비스 접속이 안 돼요!" watch -d kubectl get ep,no,deploy,rs,pods kubectl get pods -l app=my-web kubectl get endpoints my-web-service # 디버깅용 포드 생성 kubectl run curl-test --image=curlimages/curl -i --tty --rm # 내부에서 서비스 이름으로 호출 curl http://my-web-service:8080 kubectl describe node <3> 실습 시나리오: "유령 서비스 찾기" 1 watch -d kubectl get ep,no,deploy,rs,pods 2 먼저 아래 YAML을 복사해 trouble-test.yaml로 저장하고 적용하세요. trouble-test.yaml apiVersion: v1 kind: Pod metadata: name: my-web-pod labels: app: nginx-frontend # Pod의 라벨 spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: my-web-service spec: selector: app: nginx-web # (오류 지점) Pod 라벨과 일치하지 않음 ports: - protocol: TCP port: 80 targetPort: 80 kubectl apply -f trouble-test.yaml 명령어로 실행합니다. 3 kubectl get pods kubectl run busybox --image=busybox -it --rm -- restart=Never -- wget -O- http://my-web-service kubectl get endpoints my-web-service NAME ENDPOINTS AGE endpoints/kubernetes 192.168.107.75:443,192.168.162.108:443 33m endpoints/my-web-service # 서비스를 직접 수정하거나 YAML 수정 후 재배포 kubectl patch svc my-web-service -p '{"spec":{"selector":{"app":"nginx-frontend"}}}' AGE endpoints/kubernetes 192.168.107.75:443,192.168.162.108:443 34m endpoints/my-web-service 192.168.134.94:80 2m51s 4 k delete pod/my-web-pod <4>실습: CrashLoopBackOff 탈출하기 1 cat < crash-test.yaml apiVersion: v1 kind: Pod metadata: name: error-pod labels: app: buggy-app spec: containers: - name: nginx-container image: nginx:latest command: ["bin/sh", "-c"] # 존재하지 않는 환경 변수를 참조하여 즉시 종료되도록 유도 args: ["echo \$REQUIRED_VAR && nginx -g 'daemon off;'"] env: - name: WRONG_VAR value: "I am wrong" EOF kubectl apply -f crash-test.yaml 2 kubectl get pod error-pod # kubectl get pod error-pod NAME READY STATUS RESTARTS AGE error-pod 1/1 Running 0 19s kubectl logs error-pod kubectl describe pod error-pod 3 cat < crash-test.yaml apiVersion: v1 kind: Pod metadata: name: error-pod labels: app: buggy-app spec: containers: - name: nginx-container image: nginx:latest command: ["/bin/sh", "-c"] args: ["echo \$REQUIRED_VAR && nginx -g 'daemon off;'"] env: - name: REQUIRED_VAR value: "Hello, Kubernetes! Now I am working." EOF # 수정된 설정 적용 kubectl apply -f crash-test.yaml --force 4 kubectl get pod error-pod -w NAME READY STATUS RESTARTS AGE error-pod 1/1 Running 0 7s 5 성공 로그 확인: kubectl logs error-pod 실행 시 "Hello, Kubernetes!..." 문구가 보이면 성공입니다 kubectl logs error-pod (ssss@free-vpc-cluster:N/A) [root@kops-ec2 ~]# kubectl logs error-pod Hello, Kubernetes! Now I am working. 2026/02/18 09:41:01 [notice] 7#7: using the "epoll" event method 2026/02/18 09:41:01 [notice] 7#7: nginx/1.29.5 2026/02/18 09:41:01 [notice] 7#7: built by gcc 14.2.0 (Debian 14.2.0-19) 2026/02/18 09:41:01 [notice] 7#7: OS: Linux 6.12.66-88.122.amzn2023.x86_64 2026/02/18 09:41:01 [notice] 7#7: getrlimit(RLIMIT_NOFILE): 65536:1048576 2026/02/18 09:41:01 [notice] 7#7: start worker processes 2026/02/18 09:41:01 [notice] 7#7: start worker process 8 2026/02/18 09:41:01 [notice] 7#7: start worker process 9 6 k delete pod/error-pod <5> 실습: "자리가 없어서 못 들어가는 Pod" (Pending) 1 cat < greedy-pod.yaml apiVersion: v1 kind: Pod metadata: name: greedy-pod spec: containers: - name: nginx image: nginx resources: requests: cpu: "100" # 일반적인 노드에는 존재하지 않는 CPU 양 memory: "100Gi" EOF kubectl apply -f greedy-pod.yaml 2 kubectl get pod greedy-pod RESTARTS AGE pod/greedy-pod 0/1 Pending 0 4s 3 kubectl describe pod greedy-pod Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedScheduling 20s default-scheduler 0/1 nodes are available: 1 Insufficient cpu, 1 Insufficient memory. no new claims to deallocate, preemption: 0/1 nodes are available: 1 Preemption is not helpful for scheduling. (ssss@free-vpc-cluster:N/A) [root@kops-ec2 ~]# 4 cat < greedy-pod.yaml apiVersion: v1 kind: Pod metadata: name: greedy-pod spec: containers: - name: nginx image: nginx resources: requests: cpu: "100m" # 0.1 코어로 수정 memory: "128Mi" EOF # 기존 포드 삭제 후 재배포 (또는 apply) kubectl apply -f greedy-pod.yaml --force 5 kubectl get pod greedy-pod -w NAME READY STATUS RESTARTS AGE pod/greedy-pod 1/1 Running 0 9s 6 # 각 노드별 자원 할당량(CPU/메모리) 요약 확인 kubectl describe nodes | grep -A 7 "Allocated resources" ss@free-vpc-cluster:N/A) [root@kops-ec2 ~]# kubectl describe nodes | grep -A 7 "Allocated resources" Allocated resources: (Total limits may be over 100 percent, i.e., overcommitted.) Resource Requests Limits -------- -------- ------ cpu 650m (33%) 0 (0%) memory 668Mi (46%) 1140Mi (79%) ephemeral-storage 0 (0%) 0 (0%) hugepages-1Gi 0 (0%) 0 (0%) (ssss@free-vpc-cluster:N/A) [root@kops-ec2 ~]#