\u3053\u3093\u306b\u3061\u306f\u3002\u95a2\u53e3\u3067\u3059\u3002
\n\u6700\u8fd1\u30a2\u30d9\u30ce\u30de\u30b9\u30af\u304c\u5bb6\u306b\u5c4a\u304d\u307e\u3057\u305f\u3002<\/p>\n
\u4eca\u56de\u306f\u3001EKS on Fargate<\/a>\u3092\u8a66\u3057\u3066\u307f\u305f\u5185\u5bb9\u3092\u8a18\u3057\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n \u4ee5\u4e0b\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304c\u5fc5\u8981\u3067\u3059\u3002<\/p>\n \u4f5c\u6210\u3055\u308c\u308b\u307e\u3067\u66ab\u3057\u6642\u9593\u304c\u304b\u304b\u308a\u307e\u3059\u3002 \u30a2\u30d7\u30ea\u306b\u5916\u90e8\u304b\u3089\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b\u305f\u3081\u3001ALB Ingress Controller<\/a>\u3092\u30bb\u30c3\u30c8\u30a2\u30c3\u30d7\u3057\u307e\u3059\u3002<\/p>\n \u307e\u305a\u306f\u3001Fargate\u306epod\u306b\u5bfe\u3059\u308bIAM\u6a29\u9650\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002 \u6210\u529f\u3059\u308c\u3070\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u60c5\u5831\u304c\u53d6\u5f97\u3067\u304d\u307e\u3059\u3002<\/p>\n \u6700\u5f8c\u306b\u3001 \u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u4fee\u6b63\u5f8c\u3001\u30c7\u30d7\u30ed\u30a4\u3092\u3057\u307e\u3059\u3002<\/p>\n \u4eca\u56de\u306fHello world\u3092\u8fd4\u3059\u30b7\u30f3\u30d7\u30eb\u306aGo\u306eWeb\u30a2\u30d7\u30ea\u3092\u7528\u610f\u3057\u307e\u3057\u305f\u3002 \u307e\u305a\u3001Docker image\u3092\u4fdd\u5b58\u3059\u308b\u305f\u3081\u306e\u30ec\u30dd\u30b8\u30c8\u30ea\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002 \u6b21\u306bDocker Image\u3092\u30d3\u30eb\u30c9\u3057\u307e\u3059\u3002 \u6700\u5f8c\u306bDocker Image\u3092ECR\u306bpush\u3057\u307e\u3059\u3002 Output\u3092\u30b3\u30d4\u30fc\u3057\u3066\u305d\u306e\u307e\u307e\u30bf\u30fc\u30df\u30ca\u30eb\u306b\u8cbc\u308a\u4ed8\u3051\u3066\u5b9f\u884c\u3059\u308b\u3068\u3001\u30ed\u30b0\u30a4\u30f3\u306b\u6210\u529f\u3057\u307e\u3059\u3002 \u6700\u521d\u306b\u3001\u65b0\u3057\u3044Fargate profile<\/a>\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n \u6b21\u306b\u3001\u30a2\u30d7\u30ea\u3092ALB\u304b\u3089\u30a2\u30af\u30bb\u30b9\u3059\u308b\u305f\u3081\u306e \u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3067ingress\u306e\u30b9\u30c6\u30fc\u30bf\u30b9\u3092\u30c1\u30a7\u30c3\u30af\u3057\u307e\u3059\u3002<\/p>\n ELB\u306e\u30d8\u30eb\u30b9\u30c1\u30a7\u30c3\u30af\u304c\u901a\u308b\u307e\u3067\u6570\u5206\u5f85\u3063\u3066\u304b\u3089\u3001Output\u306e\u30a2\u30c9\u30ec\u30b9\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068\u3001\u7121\u4e8b\u306bHello world\u304c\u8fd4\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n \u4e0a\u8a18\u306e\u30b3\u30de\u30f3\u30c9\u3067\u3082 EKS on Fargate\u3067ALB\u304b\u3089\u30a2\u30d7\u30ea\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b<\/a> \u3053\u3093\u306b\u3061\u306f\u3002\u95a2\u53e3\u3067\u3059\u3002 \u6700\u8fd1\u30a2\u30d9\u30ce\u30de\u30b9\u30af\u304c\u5bb6\u306b\u5c4a\u304d\u307e\u3057\u305f\u3002 \u4eca\u56de\u306f\u3001EKS on Fargate\u3092\u8a66\u3057\u3066\u307f\u305f\u5185\u5bb9\u3092\u8a18\u3057\u305f\u3044\u3068\u601d\u3044\u307e\u3059\u3002 \u4e8b\u524d\u6e96\u5099 \u4ee5\u4e0b\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304c\u5fc5\u8981\u3067\u3059\u3002 eksctl kubectl AWS CLI Docker \u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210 $ export AWS_PROFILE=\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u540d $ eksctl create cluster –name fargate-tuto […]<\/p>\n","protected":false},"author":10,"featured_media":684,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13,18,21],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/638"}],"collection":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/comments?post=638"}],"version-history":[{"count":0,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/posts\/638\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/media?parent=638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/categories?post=638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/p-corporate-blog-cms.mmmcorp.co.jp\/wp-json\/wp\/v2\/tags?post=638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\u4e8b\u524d\u6e96\u5099<\/h2>\n
\n
\u30af\u30e9\u30b9\u30bf\u30fc\u3092\u4f5c\u6210<\/h2>\n
$ export AWS_PROFILE=\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u540d\n\n$ eksctl create cluster \n--name fargate-tutorial-cluster \n--version 1.15 \n--region ap-northeast-1 \n--fargate \n--alb-ingress-access<\/code><\/pre>\n
\n\u4f5c\u6210\u5b8c\u4e86\u5f8c\u3001\u30af\u30e9\u30b9\u30bf\u304c\u6b63\u5e38\u306b\u8d77\u52d5\u3057\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n$ kubectl get nodes\nNAME STATUS ROLES AGE VERSION\nfargate-ip-192-168-163-213.ap-northeast-1.compute.internal Ready <none> 14m v1.15.10-eks-094994\nfargate-ip-192-168-174-244.ap-northeast-1.compute.internal Ready <none> 14m v1.15.10-eks-094994<\/code><\/pre>\nALB Ingress Controller\u3092\u4f5c\u6210<\/h2>\n
\n\u30af\u30e9\u30b9\u30bf\u306boidc provider\u3092\u7d10\u4ed8\u3051\u3066\u304b\u3089ALB\u306eIAM\u6a29\u9650\u3092\u4ed8\u4e0e\u3057\u307e\u3059\u3002<\/p>\n$ eksctl utils associate-iam-oidc-provider --region=ap-northeast-1 --cluster=fargate-tutorial-cluster --approve\n$ curl -O https:\/\/raw.githubusercontent.com\/kubernetes-sigs\/aws-alb-ingress-controller\/v1.1.4\/docs\/examples\/iam-policy.json\n$ policyArn=$(aws iam create-policy \n --policy-name ALBIngressControllerIAMPolicy \n --policy-document file:\/\/iam-policy.json | jq -r .Policy.Arn)\n$ eksctl create iamserviceaccount --name alb-ingress-controller \n --namespace kube-system \n --cluster fargate-tutorial-cluster \n --attach-policy-arn ${policyArn} \n --approve --override-existing-serviceaccounts<\/code><\/pre>\n$ kubectl get sa -n kube-system alb-ingress-controller -o jsonpath="{.metadata.annotations['eks.amazonaws.com\/role-arn']}"\narn:aws:iam::xxxxxxxxx:role\/eksctl-fargate-tutorial-cluster-addon-iamser-Role1-UR4O1R9GAG0W<\/code><\/pre>\nrbac-role<\/code>\u3068alb-ingress-controller<\/code>\u3092deploy\u3057\u3066\u3044\u304d\u307e\u3059\u3002
\n\u307e\u305a\u306frbac-role<\/code>\u3092deploy\u3057\u307e\u3059\u3002<\/p>\n$ kubectl apply -f https:\/\/raw.githubusercontent.com\/kubernetes-sigs\/aws-alb-ingress-controller\/v1.1.4\/docs\/examples\/rbac-role.yaml<\/code><\/pre>\nalb-ingress-controller<\/code>\u3092deploy\u3057\u307e\u3059\u3002
\n\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u53d6\u5f97\u3057\u3066\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u7de8\u96c6\u3057\u307e\u3059\u3002<\/p>\n$ wget https:\/\/raw.githubusercontent.com\/kubernetes-sigs\/aws-alb-ingress-controller\/v1.1.4\/docs\/examples\/alb-ingress-controller.yaml<\/code><\/pre>\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n labels:\n app.kubernetes.io\/name: alb-ingress-controller\n name: alb-ingress-controller\n namespace: kube-system\nspec:\n selector:\n matchLabels:\n app.kubernetes.io\/name: alb-ingress-controller\n template:\n metadata:\n labels:\n app.kubernetes.io\/name: alb-ingress-controller\n spec:\n containers:\n - name: alb-ingress-controller\n image: docker.io\/amazon\/aws-alb-ingress-controller:v1.1.4\n args:\n - --ingress-class=alb\n - --cluster-name=xxxx # \u30af\u30e9\u30b9\u30bf\u540d\n - --aws-region=ap-northeast-1\n - --aws-vpc-id=vpc-xxxx # eksctl\u3067\u4f5c\u6210\u3055\u308c\u305fVPC\u306eid\n resources: {}\n serviceAccountName: alb-ingress-controller<\/code><\/pre>\nVpcId<\/code>\u306faws\u30b3\u30f3\u30bd\u30fc\u30eb\u3082\u3057\u304f\u306f\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u304b\u3089\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002<\/p>\n$ eksctl get cluster --region ap-northeast-1 --name fargate-tutorial-cluster -o yaml<\/code><\/pre>\n$ kubectl apply -f alb-ingress-controller.yaml<\/code><\/pre>\n\u30a2\u30d7\u30ea\u3092\u4f5c\u6210<\/h2>\n
\n\u540c\u69d8\u306e\u30b5\u30f3\u30d7\u30eb\u306fgithub\u306b\u7528\u610f\u3057\u307e\u3057\u305f\u3002
\nhttps:\/\/github.com\/jpskgc\/eks-fargate-sample<\/a><\/p>\n
\nOutput\u306erepositoryUri<\/code>\u3092\u30e1\u30e2\u3057\u3066\u304a\u3044\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n$ aws ecr create-repository --repository-name fargate-tutorial<\/code><\/pre>\n
\n\u5148\u307b\u3069\u306erepositoryUri<\/code>\u3092\u8a18\u5165\u3057\u307e\u3059\u3002<\/p>\n$ docker build -t fargate-tutorial:1 .\n$ docker tag fargate-tutorial:1 xxxxxxxxxxxx.dkr.ecr.ap-northeast-1.amazonaws.com\/fargate-tutorial:1<\/code><\/pre>\n
\n\u307e\u305a\u3001AWS CLI\u3067ECR\u306b\u30ed\u30b0\u30a4\u30f3\u3057\u307e\u3059\u3002<\/p>\n$ aws ecr get-login --region ap-northeast-1 --no-include-email<\/code><\/pre>\n
\n\u30ed\u30b0\u30a4\u30f3\u6210\u529f\u5f8c\u3001push\u3057\u307e\u3059\u3002<\/p>\n$ docker push xxxxxxxxxxxx.dkr.ecr.ap-northeast-1.amazonaws.com\/fargate-tutorial:1<\/code><\/pre>\n\u30a2\u30d7\u30ea\u3092\u30c7\u30d7\u30ed\u30a4<\/h2>\n
eksctl create fargateprofile --namespace backend --cluster fargate-tutorial-cluster --region ap-northeast-1<\/code><\/pre>\nnamespace<\/code>,service<\/code>,deployment<\/code>,ingress<\/code>\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u3092\u8a18\u8ff0+deploy\u3057\u307e\u3059\u3002<\/p>\n---\napiVersion: v1\nkind: Namespace\nmetadata:\n name: backend\n---\napiVersion: extensions\/v1beta1\nkind: Ingress\nmetadata:\n name: backend\n namespace: backend\n annotations:\n kubernetes.io\/ingress.class: alb\n alb.ingress.kubernetes.io\/target-type: ip\n alb.ingress.kubernetes.io\/scheme: internet-facing\nspec:\n rules:\n - http:\n paths:\n - path: \/\n backend:\n serviceName: backend\n servicePort: 80\n---\napiVersion: apps\/v1\nkind: Deployment\nmetadata:\n name: backend\n namespace: backend\n labels:\n app: backend\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: backend\n strategy: {}\n template:\n metadata:\n labels:\n app: backend\n spec:\n containers:\n - name: backend\n image: #docker image\n ports:\n - containerPort: 8080\n resources: {}\n---\nkind: Service\napiVersion: v1\nmetadata:\n name: backend\n namespace: backend\nspec:\n selector:\n app: backend\n type: NodePort\n ports:\n - protocol: TCP\n port: 80\n targetPort: 8080<\/code><\/pre>\n$ kubectl apply -f eks-fargate-sample\/kubernetes\/<\/code><\/pre>\n$ kubectl describe ing -n backend backend<\/code><\/pre>\n$ curl http:\/\/e577236e-backend-backend-d465-578708176.ap-northeast-1.elb.amazonaws.com\n\nHello world<\/code><\/pre>\n\u30ea\u30bd\u30fc\u30b9\u306e\u524a\u9664<\/h2>\n
$ eksctl delete cluster --region=ap-northeast-1 --name fargate-tutorial-cluster\n$ kubectl delete -f namespace.yaml<\/code><\/pre>\nvpc<\/code>,\u30b5\u30d6\u30cd\u30c3\u30c8<\/code>,\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4<\/code>\u306e\u524a\u9664\u306b\u5931\u6557\u3059\u308b\u5834\u5408\u306f\u3001\u5225\u9014\u624b\u52d5\u3067\u524a\u9664\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n\u53c2\u8003<\/h2>\n
\nHow to run Serverless Kubernetes: AWS EKS on Fargate<\/a>
\nEKS on Fargate\u3067guestbook\u30a2\u30d7\u30ea\u3092\u30c7\u30d7\u30ed\u30a4\u3059\u308b<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"