AWS EKS (Elastic Kubernetes Service) is a fully managed Kubernetes service operated by AWS. AWS runs the control plane, and worker nodes are managed flexibly through Fargate, Managed Node Groups, Karpenter, and similar options.
Cluster creation (eksctl)
```yaml
# cluster.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: production
  region: ap-northeast-2
  version: "1.29"
iam:
  withOIDC: true # Enable IRSA
managedNodeGroups:
  - name: workers
    instanceType: m6i.xlarge
    minSize: 3
    maxSize: 20
    desiredCapacity: 5
    privateNetworking: true
    iam:
      attachPolicyARNs:
        - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
        - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
fargateProfiles:
  - name: batch-jobs
    selectors:
      - namespace: batch
        labels:
          workload: fargate
```
IRSA (IAM Roles for Service Accounts)
```bash
# Attach an IAM role to the Service Account
eksctl create iamserviceaccount --cluster=production --namespace=default --name=s3-reader --attach-policy-arn=arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess --approve
```
Karpenter (autoscaling)
```yaml
apiVersion: karpenter.sh/v1alpha5
kind: Provisioner
metadata:
  name: default
spec:
  requirements:
    - key: karpenter.sh/capacity-type
      operator: In
      values: ["spot", "on-demand"]
  limits:
    resources:
      cpu: "1000"
  ttlSecondsAfterEmpty: 30
```
Related concepts