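# Step 1 - Create an EKS cluster in the development network.
# Writes eks.tf into the current Terraform working directory. The heredoc
# delimiter is quoted ('EOF') so the shell leaves ${var.vpc_name} untouched
# for Terraform to interpolate. var.vpc_name and the aws_subnet.* resources
# are referenced here but declared in other files of the same configuration.
cat <<'EOF' > eks.tf
# CIDR blocks allowed to reach the public Kubernetes API endpoint.
# The default keeps the provider's implicit behaviour (open to any address);
# override it in tfvars with your admin / CI egress ranges.
variable "eks_public_access_cidrs" {
  description = "CIDR blocks allowed to reach the public EKS API endpoint"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# 1. EKS Cluster IAM Role
resource "aws_iam_role" "eks_cluster_role" {
  name = "${var.vpc_name}-eks-cluster-role"

  # Only the EKS service may assume this role.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Action = "sts:AssumeRole"
      Effect = "Allow"
      Principal = {
        Service = "eks.amazonaws.com"
      }
    }]
  })
}

resource "aws_iam_role_policy_attachment" "eks_cluster_policy" {
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"
  role       = aws_iam_role.eks_cluster_role.name
}

# 2. EKS Cluster (v1.34)
resource "aws_eks_cluster" "main" {
  name     = "${var.vpc_name}-cluster"
  role_arn = aws_iam_role.eks_cluster_role.arn
  version  = "1.34"

  # Ship control-plane logs to CloudWatch so API calls and authentication
  # decisions can be reviewed; without this argument no log types are enabled.
  enabled_cluster_log_types = ["api", "audit", "authenticator"]

  vpc_config {
    subnet_ids = [
      aws_subnet.pub1.id,
      aws_subnet.pub2.id,
      aws_subnet.pri1.id,
      aws_subnet.pri2.id
    ]
    endpoint_private_access = true
    endpoint_public_access  = true

    # The public endpoint stays enabled, so state explicitly who may reach it.
    # Worker nodes sit in the private subnets and can use the private endpoint,
    # so narrowing this list affects only clients outside the VPC.
    public_access_cidrs = var.eks_public_access_cidrs
  }

  depends_on = [aws_iam_role_policy_attachment.eks_cluster_policy]
}

# 3. Node Group IAM Role
resource "aws_iam_role" "node_group_role" {
  name = "${var.vpc_name}-node-group-role"

  # Assumed by the EC2 instances that back the managed node group.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Action = "sts:AssumeRole"
      Effect = "Allow"
      Principal = {
        Service = "ec2.amazonaws.com"
      }
    }]
  })
}

resource "aws_iam_role_policy_attachment" "node_AmazonEKSWorkerNodePolicy" {
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
  role       = aws_iam_role.node_group_role.name
}

# NOTE(review): attached to the node role, this policy's permissions are
# available to whatever can use the instance role on a node; consider binding
# it to the CNI's service account through IAM roles for service accounts.
resource "aws_iam_role_policy_attachment" "node_AmazonEKS_CNI_Policy" {
  policy_arn = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
  role       = aws_iam_role.node_group_role.name
}

resource "aws_iam_role_policy_attachment" "node_AmazonEC2ContainerRegistryReadOnly" {
  policy_arn = "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
  role       = aws_iam_role.node_group_role.name
}

# 4. EKS Managed Node Group (t3.small)
resource "aws_eks_node_group" "main" {
  cluster_name    = aws_eks_cluster.main.name
  node_group_name = "${var.vpc_name}-node-group"
  node_role_arn   = aws_iam_role.node_group_role.arn
  version         = "1.34"

  # Nodes are placed in the private subnets only.
  subnet_ids = [aws_subnet.pri1.id, aws_subnet.pri2.id]

  scaling_config {
    desired_size = 2
    max_size     = 3
    min_size     = 1
  }

  update_config {
    max_unavailable = 1
  }

  # Changed to t3.small as requested
  instance_types = ["t3.small"]

  # The role must carry all three policies before nodes try to join.
  depends_on = [
    aws_iam_role_policy_attachment.node_AmazonEKSWorkerNodePolicy,
    aws_iam_role_policy_attachment.node_AmazonEKS_CNI_Policy,
    aws_iam_role_policy_attachment.node_AmazonEC2ContainerRegistryReadOnly,
  ]
}
EOF

# Step 2 - Apply the configuration (takes about 15 minutes).
terraform apply

# Step 3 - Make sure the cluster name and region are correct.
# The name below is from the author's notes; the cluster created above is
# named "${var.vpc_name}-cluster", and step 4 lists the name that exists.
aws eks update-kubeconfig --region ap-northeast-2 --name terraform-101-cluster

# Step 4 - List the clusters in the region to find the real name.
aws eks list-clusters --region ap-northeast-2
# Output on the author's host (prompt: [root@kops-ec2 52]#):
# {
#     "clusters": [
#         "bgame-dev-cluster"
#     ]
# }

# Step 5 - Write the kubeconfig entry for the cluster that exists.
aws eks update-kubeconfig --region ap-northeast-2 --name bgame-dev-cluster

# Step 6 - Confirm both worker nodes registered and are Ready.
kubectl get no
# Output on the author's host (prompt: [root@kops-ec2 52]#):
# NAME                                            STATUS   ROLES    AGE     VERSION
# ip-10-0-19-74.ap-northeast-2.compute.internal   Ready    <none>   2m47s   v1.34.3-eks-70ce843
# ip-10-0-21-13.ap-northeast-2.compute.internal   Ready    <none>   2m49s   v1.34.3-eks-70ce843

# -------------------
# Deploy
cat <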