2024å¹´12月1日〠Amazon Elastic Kubernetes Service (Amazon EKS) ã® Auto Mode ãŒç™ºè¡¨ã•ã‚Œã¾ã—ãŸã€‚
ã“ã‚Œã¯ã€Kubernetes クラスターã®ã‚³ãƒ³ãƒ”ューティングã€ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã€ãŠã‚ˆã³ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚ングã®ç®¡ç†ã‚’完全ã«è‡ªå‹•åŒ–ã™ã‚‹æ–°æ©Ÿèƒ½ã§ã€ã„ãã¤ã‹ã®ç‰¹å¾´ãŒã‚ã‚Šã¾ã™ã€‚
今回ã¯ã€ãã®ä¸ã§ã€
* 効率性 * アプリケーションå¯ç”¨æ€§ * アップグレード
ã«ã¤ã„ã¦ã€å®Ÿéš›ã«å‹•ä½œã‚’確èªã—ã¦ã¿ã¾ã—ãŸã€‚
EKS Auto Mode ã®ç‰¹å¾´
Kubernetes クラスター管ç†ã®åˆç†åŒ–:
- EKS 自動モードã¯ã€é‹ç”¨ã‚ªãƒ¼ãƒãƒ¼ãƒ˜ãƒƒãƒ‰ã‚’最å°é™ã«æŠ‘ãˆãªãŒã‚‰æœ¬ç•ªç’°å¢ƒå¯¾å¿œã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’æä¾›ã™ã‚‹ã“ã¨ã§ã€EKS 管ç†ã‚’åˆç†åŒ–ã—ã¾ã™ã€‚
- EKS 自動モードを使用ã™ã‚‹ã¨ã€EKS ã«é–¢ã™ã‚‹æ·±ã„専門知è˜ã‚’å¿…è¦ã¨ã›ãšã«ã€è¦æ±‚ã®åŽ³ã—ã„å‹•çš„ãªãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’自信をæŒã£ã¦å®Ÿè¡Œã§ãã¾ã™ã€‚
効率性:
- EKS 自動モードã¯ã€NodePool ã¨ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰è¦ä»¶ã«ã‚ˆã£ã¦å®šç¾©ã•ã‚ŒãŸæŸ”軟性をéµå®ˆã—ãªãŒã‚‰ã‚³ã‚¹ãƒˆã‚’計算ã™ã‚‹ã‚ˆã†ã«è¨è¨ˆã•ã‚Œã¦ã„ã¾ã™ã€‚
- ã¾ãŸã€æœªä½¿ç”¨ã®ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã‚’終了ã—ã€ãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’ä»–ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã«çµ±åˆã—ã¦ã€ã‚³ã‚¹ãƒˆåŠ¹çŽ‡ã‚’å‘上ã•ã›ã¾ã™ã€‚
アプリケーションã®å¯ç”¨æ€§:
- EKS 自動モードã§ã¯ã€Kubernetes アプリケーションã®éœ€è¦ã«åŸºã¥ã„㦠EKS クラスター内ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ãŒå‹•çš„ã«è¿½åŠ ã¾ãŸã¯å‰Šé™¤ã•ã‚Œã¾ã™ã€‚
- ã“ã‚Œã«ã‚ˆã‚Šã€æ‰‹å‹•ã§ã®å®¹é‡è¨ˆç”»ã®å¿…è¦æ€§ãŒæœ€å°é™ã«æŠ‘ãˆã‚‰ã‚Œã€ã‚¢ãƒ—リケーションã®å¯ç”¨æ€§ãŒç¢ºä¿ã•ã‚Œã¾ã™ã€‚
ã‚»ã‚ュリティ:
- EKS 自動モードã§ã¯ã€ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã«å¯¾ã—ã¦ä¸å¤‰ã¨ã—ã¦æ‰±ã‚れる AMI を使用ã—ã¾ã™ã€‚
- ã“れら㮠AMI ã¯ã€ãƒãƒƒã‚¯ãƒ€ã‚¦ãƒ³ã•ã‚ŒãŸã‚½ãƒ•ãƒˆã‚¦ã‚§ã‚¢ã‚’強制ã—ã€SELinux ã®å¼·åˆ¶ã‚¢ã‚¯ã‚»ã‚¹åˆ¶å¾¡ã‚’有効ã«ã—ã€èªã¿å–り専用ã®ãƒ«ãƒ¼ãƒˆãƒ•ã‚¡ã‚¤ãƒ«ã‚·ã‚¹ãƒ†ãƒ ã‚’æä¾›ã—ã¾ã™ã€‚
- ã•ã‚‰ã«ã€EKS 自動モードã§èµ·å‹•ã•ã‚ŒãŸãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã®æœ€å¤§æœ‰åŠ¹æœŸé–“㯠21 日間 (çŸç¸®å¯èƒ½) ã§ã€ãã®å¾Œã¯è‡ªå‹•çš„ã«æ–°ã—ã„ワーカーノードã«ç½®ãæ›ãˆã‚‰ã‚Œã¾ã™ã€‚
- ã“ã®ã‚¢ãƒ—ãƒãƒ¼ãƒã¯ã€å¤šãã®ãŠå®¢æ§˜ãŒã™ã§ã«æŽ¡ç”¨ã—ã¦ã„るベストプラクティスã«æ²¿ã£ã¦ã€å®šæœŸçš„ã«ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã‚’循環ã•ã›ã‚‹ã“ã¨ã§ã‚»ã‚ュリティ体制を強化ã—ã¾ã™ã€‚
自動アップグレード:
- EKS 自動モードã§ã¯ã€æ§‹æˆã•ã‚ŒãŸãƒãƒƒãƒ‰ä¸æ–予算 (PDB) ã¨ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ãƒ—ールä¸æ–予算 (NDB) ã‚’å°Šé‡ã—ãªãŒã‚‰ã€Kubernetes クラスターã€ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã€ãŠã‚ˆã³é–¢é€£ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã‚’最新ã®ãƒ‘ッãƒã§æœ€æ–°ã®çŠ¶æ…‹ã«ä¿ã¡ã¾ã™ã€‚
- 最大 21 日間ã®æœ‰åŠ¹æœŸé–“ã§ã¯ã€PDB をブãƒãƒƒã‚¯ã—ãŸã‚Šã€ãã®ä»–ã®æ§‹æˆã«ã‚ˆã£ã¦æ›´æ–°ãŒå¦¨ã’られãŸã‚Šã™ã‚‹å ´åˆã¯ã€ä»‹å…¥ãŒå¿…è¦ã«ãªã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
管ç†å¯¾è±¡ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆ:
- EKS 自動モードã«ã¯ã€Kubernetes 㨠AWS クラウド機能ãŒã‚³ã‚¢ã‚³ãƒ³ãƒãƒ¼ãƒãƒ³ãƒˆã¨ã—ã¦å«ã¾ã‚Œã¦ãŠã‚Šã€é€šå¸¸ã¯ã‚¢ãƒ‰ã‚ªãƒ³ã¨ã—ã¦ç®¡ç†ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- ã“ã‚Œã«ã¯ã€ãƒãƒƒãƒ‰ IP アドレスã®å‰²ã‚Šå½“ã¦ã€ãƒãƒƒãƒ‰ ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ ãƒãƒªã‚·ãƒ¼ã€ãƒãƒ¼ã‚«ãƒ« DNS サービスã€GPU プラグインã€ãƒ˜ãƒ«ã‚¹ ãƒã‚§ãƒƒã‚«ãƒ¼ã€EBS CSI ストレージã®çµ„ã¿è¾¼ã¿ã‚µãƒãƒ¼ãƒˆãŒå«ã¾ã‚Œã¾ã™ã€‚
カスタマイズå¯èƒ½ãª NodePool 㨠NodeClass :
- ワークãƒãƒ¼ãƒ‰ã§ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ã€ã‚³ãƒ³ãƒ”ューティングã€ã¾ãŸã¯ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯æ§‹æˆã®å¤‰æ›´ãŒå¿…è¦ãªå ´åˆã¯ã€EKS 自動モードを使用ã—ã¦ã‚«ã‚¹ã‚¿ãƒ NodePool 㨠NodeClass を作æˆã§ãã¾ã™ã€‚
- デフォルト㮠NodePool 㨠NodeClass ã¯ç·¨é›†ã§ãã¾ã›ã‚“ãŒã€ç‰¹å®šã®è¦ä»¶ã‚’満ãŸã™ãŸã‚ã«ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®æ§‹æˆã¨ã¨ã‚‚ã«æ–°ã—ã„カスタムNodePool ã¾ãŸã¯ NodeClass ã‚’è¿½åŠ ã§ãã¾ã™ã€‚
動作確èªã®çµæžœ
効率性ã«ã¤ã„ã¦
- クラスタ作æˆç›´å¾Œã€æœ€åˆã®ã‚¢ãƒ—リ(Pod)起動時ã«ã¯ã˜ã‚ã¦ãƒ¯ãƒ¼ã‚«ãƒŽãƒ¼ãƒ‰ãŒç¢ºä¿ã•ã‚Œã¾ã™ã€‚
- ãã®å¾Œã€Podを削除ã—「未使用ã®ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ãŒçµ‚了ã€ã™ã‚‹ã“ã¨ãŒç¢ºèªã§ãã¾ã—ãŸã€‚
アプリケーションå¯ç”¨æ€§ã«ã¤ã„ã¦
- ãƒãƒƒãƒ‰æ°´å¹³ã‚¹ã‚±ãƒ¼ãƒ«åž‹ã‚¢ãƒ—リã®è² è·å¢—ã«ä¼´ã„ã€å¿…è¦ã«å¿œã˜ã¦ãƒ¯ãƒ¼ã‚«ãƒŽãƒ¼ãƒ‰ãŒè¿½åŠ ã•ã‚Œã‚‹ã“ã¨ã‚’確èªã—ã¾ã—ãŸã€‚
- 上記ã®ã€ŒåŠ¹çŽ‡æ€§ã€ã¨åˆã‚ã›ã¦ã€ã‚¢ãƒ—リケーション需è¦ã«å¿œã˜ã¦ã€å¿…è¦ãªãƒªã‚½ãƒ¼ã‚¹ãŒç¢ºä¿ã•ã‚Œã‚‹ã“ã¨ã‚’確èªã§ãã¾ã—ãŸã€‚
アップグレードã«ã¤ã„ã¦
- コンソール画é¢ã‚ˆã‚Šã‚¢ãƒƒãƒ—デートをクリックã™ã‚‹ã“ã¨ã§ã€ãƒžã‚¹ã‚¿ãƒ¼ãƒŽãƒ¼ãƒ‰ã‹ã‚‰ãƒ¯ãƒ¼ã‚«ãƒŽãƒ¼ãƒ‰ã¾ã§è‡ªå‹•ã§ã‚¢ãƒƒãƒ—グレードã•ã‚Œã‚‹ã“ã¨ã‚’確èªã§ãã¾ã—ãŸã€‚
- ã“ã®æ™‚ã€PDBã§æŒ‡å®šã—ãŸã‚¢ãƒ—リã®å¯ç”¨æ€§ã‚’ç¶æŒã—ãŸçŠ¶æ…‹ã§ã€æ–°ãŸã«ã‚¢ãƒƒãƒ—グレード後ã®ãƒ¯ãƒ¼ã‚«ãƒŽãƒ¼ãƒ‰ã§PodãŒå†èµ·å‹•ã•ã‚Œã€å†èµ·å‹•ãŒå®Œäº†ã—ãŸå¾Œã€ã‚¢ãƒƒãƒ—グレードå‰ã®ãƒ¯ãƒ¼ã‚«ãƒŽãƒ¼ãƒ‰ãŒå‰Šé™¤ã•ã‚Œã‚‹ã“ã¨ãŒç¢ºèªã§ãã¾ã—ãŸã€‚
[è¿½åŠ ]Kubernetes クラスター管ç†ã®åˆç†åŒ–
- 以上よりã€ã‚¯ãƒ©ã‚¹ã‚¿ç®¡ç†ã®åˆç†åŒ–ã¨ã„ã†ç‚¹ã§é€²åŒ–を伺ã‚ã›ã‚‹çµæžœã¨ãªã‚Šã¾ã—ãŸã€‚
(å†æŽ²ï¼‰
- EKS 自動モードã¯ã€é‹ç”¨ã‚ªãƒ¼ãƒãƒ¼ãƒ˜ãƒƒãƒ‰ã‚’最å°é™ã«æŠ‘ãˆãªãŒã‚‰æœ¬ç•ªç’°å¢ƒå¯¾å¿œã®ã‚¯ãƒ©ã‚¹ã‚¿ãƒ¼ã‚’æä¾›ã™ã‚‹ã“ã¨ã§ã€EKS 管ç†ã‚’åˆç†åŒ–ã—ã¾ã™ã€‚
- EKS 自動モードを使用ã™ã‚‹ã¨ã€EKS ã«é–¢ã™ã‚‹æ·±ã„専門知è˜ã‚’å¿…è¦ã¨ã›ãšã«ã€è¦æ±‚ã®åŽ³ã—ã„å‹•çš„ãªãƒ¯ãƒ¼ã‚¯ãƒãƒ¼ãƒ‰ã‚’自信をæŒã£ã¦å®Ÿè¡Œã§ãã¾ã™ã€‚
動作確èªã®å†…容
クラスターã®ä½œæˆ
作æˆã«ã¯ãƒžãƒã‚¸ãƒ¡ãƒ³ãƒˆã‚³ãƒ³ã‚½ãƒ¼ãƒ«ã‚’利用ã—ã¾ã—ãŸã€‚è©³ç´°æ‰‹é †ã¯å‰²æ„›ã—ã¾ã™ã€‚詳細を知りãŸã„æ–¹ã¯å…¬å¼ãƒ‰ã‚ュメントをå‚照願ã„ã¾ã™ã€‚
作æˆã—ãŸã‚¯ãƒ©ã‚¹ã‚¿ã®ç’°å¢ƒã‚’構æˆã—ã¾ã™
[cloudshell-user@ip-10-134-24-146 ~]$ aws eks update-kubeconfig --name "${CLUSTER_NAME}"
Added new context arn:aws:eks:ap-northeast-1:account-id:cluster/interesting-funk-otter to /home/cloudshell-user/.kube/config
効率性ã®ç¢ºèª
- クラスター作æˆç›´å¾Œã®ãƒªã‚½ãƒ¼ã‚¹çŠ¶æ…‹ã‚’確èªã—ã¦ã¿ã¾ã™ã€‚
- 従æ¥ï¼ˆé€šå¸¸ï¼‰å‚ç…§ã§ã㟠kube-system ãƒãƒ¼ãƒ スペース内ã®ãƒªã‚½ãƒ¼ã‚¹ã‚„ワーカーノードã¯ç¢ºèªã§ãã¾ã›ã‚“。
[cloudshell-user@ip-10-134-24-146 ~]$ kubectl get po -A No resources found [cloudshell-user@ip-10-134-24-146 ~]$ kubectl get po -n kube-system No resources found in kube-system namespace.
[cloudshell-user@ip-10-134-24-146 ~]$ kubectl get node No resources found
- ã“ã®çŠ¶æ…‹ã§ã€NGINXã®Podを作æˆã—ã¦ã¿ã¾ã™ã€‚
[cloudshell-user@ip-10-132-90-84 ~]$ kubectl run nginx --image=nginx pod/nginx created [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 Pending 0 10s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 Pending 0 14s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 Pending 0 17s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 Pending 0 20s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 5s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 ContainerCreating 0 34s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 ContainerCreating 0 38s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 0/1 ContainerCreating 0 45s [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po NAME READY STATUS RESTARTS AGE nginx 1/1 Running 0 52s
Pod起動直後ã€Podã¯Pending 状態ã§ã€ãã®å¾Œãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ãŒç¢ºä¿ã•ã‚ŒãŸæ®µéšŽã§ã€ContaineCreateting ã¨ãªã‚Šã€52秒後ã«ã¯ Running ã¨ãªã‚Šã¾ã™ã€‚
PodãŒèµ·å‹•ã•ã‚Œã¦ã€ã¯ã˜ã‚㦠i-11111111111111111 ワーカーノードãŒä½œæˆã•ã‚Œã¾ã—ãŸã€‚需è¦ã«å¿œã˜ã¦ãƒªã‚½ãƒ¼ã‚¹ãŒç¢ºä¿ã•ã‚Œã¦ã„ã¾ã™ã€‚
Podを削除ã™ã‚‹ã¨ã€ã—ã°ã‚‰ãã—ã¦ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã‚‚削除ã•ã‚Œã¾ã™ã€‚
[cloudshell-user@ip-10-132-90-84 ~]$ kubectl delete po nginx pod "nginx" deleted [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get po No resources found in default namespace. [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m4s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m8s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m11s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m18s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m30s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m46s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 Ready <none> 8m59s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 NotReady <none> 9m10s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-11111111111111111 NotReady <none> 9m21s v1.31.1-eks-1b3e656 [cloudshell-user@ip-10-132-90-84 ~]$ kubectl get node No resources found
- 「未使用ã®ã‚¤ãƒ³ã‚¹ã‚¿ãƒ³ã‚¹ã‚’終了ã€ã™ã‚‹ã“ã¨ãŒç¢ºèªã§ãã¾ã—ãŸã€‚
- ãªã‚‹ã»ã©ã€éœ€è¦ã«åˆã‚ã›ã¦ãƒªã‚½ãƒ¼ã‚¹ã‚’確ä¿ã™ã‚‹ã“ã¨ã§ã‚³ã‚¹ãƒˆåŠ¹çŽ‡ã‚’å‘上ã•ã›ã¦ã„ã‚‹ã¨ã¯ã€ã“ã®ã“ã¨ã§ã—ょã†ã‹ã€‚
アプリケーションå¯ç”¨æ€§ã®ç¢ºèª
続ã„ã¦ã€Auto Scale ã®å‹•ä½œã‚’見ã¦ã„ãã¾ã™ã€‚
テスト用㫠php-apache デプãƒã‚¤ãƒ¡ãƒ³ãƒˆã¨åŒã˜åå‰ã®ã‚µãƒ¼ãƒ“スを作æˆã—ã¾ã™ã€‚
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: php-apache
spec:
selector:
matchLabels:
run: php-apache
replicas: 1
template:
metadata:
labels:
run: php-apache
spec:
containers:
- name: php-apache
image: k8s.gcr.io/hpa-example
ports:
- containerPort: 80
resources:
limits:
cpu: 500m
requests:
cpu: 200m
---
apiVersion: v1
kind: Service
metadata:
name: php-apache
labels:
run: php-apache
spec:
ports:
- port: 80
selector:
run: php-apache
EOF
- php-apache デプãƒã‚¤ãƒ¡ãƒ³ãƒˆã«å¯¾ã—㦠Horizontal Pod Auto Scaler (HPA) を作æˆã—ã¾ã™ã€‚(CPU使用率50%を超ãˆã‚‹ã¨è‡ªå‹•ã§ã‚¹ã‚±ãƒ¼ãƒ«ï¼‰
[cloudshell-user@ip-10-134-24-146 sample]$ kubectl autoscale deployment php-apache --cpu-percent=50 --min=1 --max=10 horizontalpodautoscaler.autoscaling/php-apache autoscaled
- è² è·ç”Ÿæˆç”¨ã® load-generator デプãƒã‚¤ãƒ¡ãƒ³ãƒˆ を作æˆã—ã¾ã™ã€‚作æˆç›´å¾Œã‹ã‚‰è² è·ãƒ†ã‚¹ãƒˆãŒå®Ÿè¡Œã•ã‚Œã¾ã™ã€‚åˆæœŸã®ãƒ¬ãƒ—リカ数ã¯ï¼•ï¼Ž
cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: load-generator
spec:
replicas: 5
selector:
matchLabels:
app: load-generator
template:
metadata:
labels:
app: load-generator
spec:
containers:
- name: load-generator
image: alpine
command: ["/bin/sh", "-c"]
args:
- "apk add --no-cache curl && while true; do curl -s http://php-apache > /dev/null; done"
EOF
- ã‚ˆã‚Šè² è·ã‚’上ã’ã‚‹ãŸã‚ã« load-generator ã®ãƒ¬ãƒ—リカ数を5ï¼ã«æ‹¡å¤§ã—ã¦å®Ÿè¡Œã—ã¾ã™ã€‚
[cloudshell-user@ip-10-134-24-146 ~]$ kubectl scale deploy load-generator --replicas=50 deployment.apps/load-generator scaled
- ワーカーノードã®çŠ¶æ…‹ã‚’確èªã—ã¾ã™ã€‚
[cloudshell-user@ip-10-134-24-146 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-22222222222222222 Ready <none> 10m v1.30.5-eks-baa6d11 [cloudshell-user@ip-10-134-24-146 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-22222222222222222 Ready <none> 10m v1.30.5-eks-baa6d11 [cloudshell-user@ip-10-134-24-146 ~]$ kubectl get node NAME STATUS ROLES AGE VERSION i-33333333333333333 Ready <none> 30s v1.30.5-eks-baa6d11 i-22222222222222222 Ready <none> 11m v1.30.5-eks-baa6d11
- テスト開始直後ã¯ã€i-22222222222222222 ワーカーノード1å°ã§ã—ãŸãŒã€ãƒ¬ãƒ—リカ数ã®æ‹¡å¤§ã§è² è·ãŒå¢—åŠ ã—ï¼’å°ç›®ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ i-33333333333333333 ãŒä½œæˆã•ã‚Œã¾ã—ãŸã€‚
- アプリケーションã®éœ€è¦ã«åŸºã¥ã„㦠EKS クラスター内ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ãŒå‹•çš„ã«è¿½åŠ ã•ã‚Œã‚‹ã“ã¨ã‚’確èªã§ãã¾ã—ãŸã€‚
- ã“れもã€éœ€è¦ã«åˆã‚ã›ã¦ãƒªã‚½ãƒ¼ã‚¹ã‚’確ä¿ã™ã‚‹ã“ã¨ã§ã‚³ã‚¹ãƒˆåŠ¹çŽ‡ã‚’å‘上ã•ã›ã¦ã„ã‚‹ãƒã‚¤ãƒ³ãƒˆã§ã™ã。
アップグレードã®å‹•ä½œç¢ºèª
最後ã«ã‚¢ãƒƒãƒ—グレードã®å‹•ä½œã‚’確èªã—ã¾ã™ã€‚
アップグレードインサイトを確èªã—ã¾ã™ã€‚
アップグレードインサイト 1件å˜åœ¨ã™ã‚‹ã‚ˆã†ã§ã™ã€‚
インサイトステータス:åˆæ ¼
[cloudshell-user@ip-10-134-1-45 ~]$ aws eks list-insights --region ap-northeast-1 --cluster-name $CLUSTER
{
"insights": [
{
"id": "e93f18ce-bb38-43c5-8128-1fb4d9eff704",
"name": "Deprecated APIs removed in Kubernetes v1.32",
"category": "UPGRADE_READINESS",
"kubernetesVersion": "1.32",
"lastRefreshTime": "2024-12-11T07:54:58+00:00",
"lastTransitionTime": "2024-12-11T07:54:57+00:00",
"description": "Checks for usage of deprecated APIs that are scheduled for removal in Kubernetes v1.32. Upgrading your cluster before migrating to the updated APIs supported by v1.32 could cause application impact.",
"insightStatus": {
"status": "PASSING",
"reason": "No deprecated API usage detected within the last 30 days."
}
}
]
}
[cloudshell-user@ip-10-134-1-45 ~]$ aws eks describe-insight --region ap-northeast-1 --id e93f18ce-bb38-43c5-8128-1fb4d9eff704 --cluster-name $CLUSTER
{
"insight": {
"id": "e93f18ce-bb38-43c5-8128-1fb4d9eff704",
"name": "Deprecated APIs removed in Kubernetes v1.32",
"category": "UPGRADE_READINESS",
"kubernetesVersion": "1.32",
"lastRefreshTime": "2024-12-11T07:54:58+00:00",
"lastTransitionTime": "2024-12-11T07:54:57+00:00",
"description": "Checks for usage of deprecated APIs that are scheduled for removal in Kubernetes v1.32. Upgrading your cluster before migrating to the updated APIs supported by v1.32 could cause application impact.",
"insightStatus": {
"status": "PASSING",
"reason": "No deprecated API usage detected within the last 30 days."
},
"recommendation": "Update manifests and API clients to use newer Kubernetes APIs if applicable before upgrading to Kubernetes v1.32.",
"additionalInfo": {
"EKS update cluster documentation": "https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html",
"Kubernetes v1.32 deprecation guide": "https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-32"
},
"resources": [],
"categorySpecificSummary": {
"deprecationDetails": [
{
"usage": "/apis/flowcontrol.apiserver.k8s.io/v1beta3/flowschemas",
"replacedWith": "/apis/flowcontrol.apiserver.k8s.io/v1/flowschemas",
"stopServingVersion": "1.32",
"startServingReplacementVersion": "1.29",
"clientStats": []
},
{
"usage": "/apis/flowcontrol.apiserver.k8s.io/v1beta3/prioritylevelconfigurations",
"replacedWith": "/apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations",
"stopServingVersion": "1.32",
"startServingReplacementVersion": "1.29",
"clientStats": []
}
]
}
}
}
ステータスãŒã€Œåˆæ ¼ ( Passing ) ã€ã¨ãªã£ã¦ã„ã‚‹ã®ã§ã€ãã®ã¾ã¾é€²ã‚ã¾ã™ã€‚
IPアドレスã®ç©ºãを確èªã—ã¾ã™ã€‚
[cloudshell-user@ip-10-134-1-45 ~]$ aws ec2 describe-subnets --subnet-ids \
> $(aws eks describe-cluster --name ${CLUSTER} \
> --query 'cluster.resourcesVpcConfig.subnetIds' \
> --output text) \
> --query 'Subnets[*].[SubnetId,AvailabilityZone,AvailableIpAddressCount]' \
> --output table
---------------------------------------------------------
| DescribeSubnets |
+---------------------------+-------------------+-------+
| subnet-xxxxxxxxxxxxxxxxx | ap-northeast-1c | 4090 |
| subnet-yyyyyyyyyyyyyyyyy | ap-northeast-1a | 4090 |
+---------------------------+-------------------+-------+
- å分ã«ç©ºãIPアドレスã¯ã‚るよã†ãªã®ã§ IAM ROle 㨠Add-on を確èªã—ã¾ã™ã€‚
[cloudshell-user@ip-10-134-1-45 ~]$ aws iam get-role --role-name ${ROLE_ARN##*/} \
> --query 'Role.AssumeRolePolicyDocument'
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "eks.amazonaws.com"
},
"Action": [
"sts:AssumeRole",
"sts:TagSession"
]
}
]
}
[cloudshell-user@ip-10-134-1-45 ~]$ aws eks list-addons --cluster-name $CLUSTER
{
"addons": []
}
アップデートã«ã‚ˆã‚‹ã‚¢ãƒ—リã¸ã®å½±éŸ¿ã‚’確èªã™ã‚‹ãŸã‚ã€ãƒ†ã‚¹ãƒˆç”¨ã® myapp ã§ãƒ‡ãƒ—ãƒã‚¤ãƒ¡ãƒ³ãƒˆã‚’作æˆã—ã¾ã™ã€‚
myapp ã«ã¯ PDB(PodDisruptionBudget) を定義ã—最低ã§ã‚‚ã«80%ã®å¯ç”¨æ€§ã‚’確ä¿ã—ã¾ã™ã€‚
å¯ç”¨æ€§ã‚’確èªã™ã‚‹ãŸã‚ã«ã€myapp ã¯ãƒ¬ãƒ—リカ数を1ï¼ã¨ã—ã¾ã™ã€‚
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: myapp
spec:
minAvailable: "80%"
selector:
matchLabels:
app: myapp
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp
spec:
replicas: 10
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- image: public.ecr.aws/eks-distro/kubernetes/pause:3.2
name: myapp
resources:
requests:
cpu: "1"
memory: 256M
topologySpreadConstraints:
- labelSelector:
matchLabels:
app: host-zone-spread
maxSkew: 2
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
- labelSelector:
matchLabels:
app: host-zone-spread
maxSkew: 2
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: DoNotSchedule
- 上記をデプãƒã‚¤ã—ã€Pod ãŒRuning状態ã«ãªã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚
[cloudshell-user@ip-10-132-66-135 sample]$ kubectl apply -f pdb.yaml poddisruptionbudget.policy/myapp created [cloudshell-user@ip-10-132-66-135 sample]$ kubectl apply -f myapp.yaml deployment.apps/myapp created [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get node No resources found [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get node No resources found [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get pod NAME READY STATUS RESTARTS AGE myapp-5865fb57f-7rsqm 0/1 Pending 0 22s myapp-5865fb57f-9d6k6 0/1 Pending 0 22s myapp-5865fb57f-9g2js 0/1 Pending 0 22s myapp-5865fb57f-bdsvj 0/1 Pending 0 22s myapp-5865fb57f-h9rj9 0/1 Pending 0 22s myapp-5865fb57f-hp9g5 0/1 Pending 0 22s myapp-5865fb57f-r8dzc 0/1 Pending 0 22s myapp-5865fb57f-rp7kx 0/1 Pending 0 22s myapp-5865fb57f-sjwrm 0/1 Pending 0 22s myapp-5865fb57f-x2sdq 0/1 Pending 0 22s [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get node No resources found [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get node NAME STATUS ROLES AGE VERSION i-44444444444444444 Ready <none> 8s v1.30.5-eks-baa6d11 [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get pod NAME READY STATUS RESTARTS AGE myapp-5865fb57f-7rsqm 0/1 ContainerCreating 0 38s myapp-5865fb57f-9d6k6 0/1 ContainerCreating 0 38s myapp-5865fb57f-9g2js 0/1 ContainerCreating 0 38s myapp-5865fb57f-bdsvj 0/1 ContainerCreating 0 38s myapp-5865fb57f-h9rj9 0/1 ContainerCreating 0 38s myapp-5865fb57f-hp9g5 0/1 ContainerCreating 0 38s myapp-5865fb57f-r8dzc 0/1 ContainerCreating 0 38s myapp-5865fb57f-rp7kx 0/1 ContainerCreating 0 38s myapp-5865fb57f-sjwrm 0/1 ContainerCreating 0 38s myapp-5865fb57f-x2sdq 0/1 ContainerCreating 0 38s [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get node NAME STATUS ROLES AGE VERSION i-44444444444444444 Ready <none> 19s v1.30.5-eks-baa6d11 [cloudshell-user@ip-10-132-66-135 sample]$ kubectl get pod NAME READY STATUS RESTARTS AGE myapp-5865fb57f-7rsqm 1/1 Running 0 50s myapp-5865fb57f-9d6k6 1/1 Running 0 50s myapp-5865fb57f-9g2js 1/1 Running 0 50s myapp-5865fb57f-bdsvj 1/1 Running 0 50s myapp-5865fb57f-h9rj9 1/1 Running 0 50s myapp-5865fb57f-hp9g5 0/1 ContainerCreating 0 50s myapp-5865fb57f-r8dzc 1/1 Running 0 50s myapp-5865fb57f-rp7kx 0/1 ContainerCreating 0 50s myapp-5865fb57f-sjwrm 1/1 Running 0 50s myapp-5865fb57f-x2sdq 1/1 Running 0 50s
- ワーカーノードã®è©³ç´°ã‚’確èªã—ã¾ã™ã€‚
[cloudshell-user@ip-10-132-66-135 sample]$ kubectl describe node i-44444444444444444
Name: i-44444444444444444
Roles: <none>
Labels: app.kubernetes.io/managed-by=eks
beta.kubernetes.io/arch=amd64
beta.kubernetes.io/instance-type=c5a.4xlarge
beta.kubernetes.io/os=linux
eks.amazonaws.com/compute-type=auto
eks.amazonaws.com/instance-category=c
eks.amazonaws.com/instance-cpu=16
eks.amazonaws.com/instance-cpu-manufacturer=amd
eks.amazonaws.com/instance-cpu-sustained-clock-speed-mhz=3300
eks.amazonaws.com/instance-ebs-bandwidth=3170
eks.amazonaws.com/instance-encryption-in-transit-supported=true
eks.amazonaws.com/instance-family=c5a
eks.amazonaws.com/instance-generation=5
eks.amazonaws.com/instance-hypervisor=nitro
eks.amazonaws.com/instance-memory=32768
eks.amazonaws.com/instance-network-bandwidth=5000
eks.amazonaws.com/instance-size=4xlarge
eks.amazonaws.com/nodeclass=default
failure-domain.beta.kubernetes.io/region=ap-northeast-1
failure-domain.beta.kubernetes.io/zone=ap-northeast-1a
k8s.io/cloud-provider-aws=8929092e801005c613d919fa59bb4a6a
karpenter.sh/capacity-type=on-demand
karpenter.sh/initialized=true
karpenter.sh/nodepool=general-purpose
karpenter.sh/registered=true
kubernetes.io/arch=amd64
kubernetes.io/hostname=i-44444444444444444
kubernetes.io/os=linux
node.kubernetes.io/instance-type=c5a.4xlarge
topology.ebs.csi.eks.amazonaws.com/zone=ap-northeast-1a
topology.k8s.aws/zone-id=apne1-az4
topology.kubernetes.io/region=ap-northeast-1
topology.kubernetes.io/zone=ap-northeast-1a
Annotations: alpha.kubernetes.io/provided-node-ip: 10.0.142.77
csi.volume.kubernetes.io/nodeid: {"ebs.csi.eks.amazonaws.com":"i-44444444444444444 "}
eks.amazonaws.com/nodeclass-hash: 3809868827326149578
eks.amazonaws.com/nodeclass-hash-version: v1
karpenter.sh/nodepool-hash: 4012513481623584108
karpenter.sh/nodepool-hash-version: v3
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Thu, 12 Dec 2024 06:51:22 +0000
Taints: <none>
Unschedulable: false
Lease:
HolderIdentity: i-44444444444444444
AcquireTime: <unset>
RenewTime: Thu, 12 Dec 2024 07:01:02 +0000
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Thu, 12 Dec 2024 06:56:57 +0000 Thu, 12 Dec 2024 06:51:21 +0000 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Thu, 12 Dec 2024 06:56:57 +0000 Thu, 12 Dec 2024 06:51:21 +0000 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Thu, 12 Dec 2024 06:56:57 +0000 Thu, 12 Dec 2024 06:51:21 +0000 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Thu, 12 Dec 2024 06:56:57 +0000 Thu, 12 Dec 2024 06:51:21 +0000 KubeletReady kubelet is posting ready status
ContainerRuntimeReady True Thu, 12 Dec 2024 06:56:27 +0000 Thu, 12 Dec 2024 06:51:27 +0000 ContainerRuntimeIsReady Monitoring for the ContainerRuntime system is active
StorageReady True Thu, 12 Dec 2024 06:56:27 +0000 Thu, 12 Dec 2024 06:51:27 +0000 DiskIsReady Monitoring for the Disk system is active
NetworkingReady True Thu, 12 Dec 2024 06:56:27 +0000 Thu, 12 Dec 2024 06:51:27 +0000 NetworkingIsReady Monitoring for the Networking system is active
KernelReady True Thu, 12 Dec 2024 06:56:27 +0000 Thu, 12 Dec 2024 06:51:27 +0000 KernelIsReady Monitoring for the Kernel system is active
Addresses:
InternalIP: 10.0.142.77
InternalDNS: ip-10-0-142-77.ap-northeast-1.compute.internal
Hostname: ip-10-0-142-77.ap-northeast-1.compute.internal
Capacity:
cpu: 16
ephemeral-storage: 83781432Ki
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 32455708Ki
pods: 110
Allocatable:
cpu: 15890m
ephemeral-storage: 76139225780
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 30853148Ki
pods: 110
System Info:
Machine ID: ec2b1408e63c0d220f96abacf8631237
System UUID: ec2b1408-e63c-0d22-0f96-abacf8631237
Boot ID: 6c78faf7-2a3d-44f7-b54b-4f0ba5fa7d47
Kernel Version: 6.1.115
OS Image: Bottlerocket (EKS Auto) 2024.12.8 (aws-k8s-1.30)
Operating System: linux
Architecture: amd64
Container Runtime Version: containerd://1.7.22+bottlerocket
Kubelet Version: v1.30.5-eks-baa6d11
Kube-Proxy Version: v1.30.5-eks-baa6d11
ProviderID: aws:///ap-northeast-1a/i-44444444444444444
Non-terminated Pods: (10 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits Age
--------- ---- ------------ ---------- --------------- ------------- ---
default myapp-5865fb57f-7rsqm 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-9d6k6 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-9g2js 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-bdsvj 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-h9rj9 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-hp9g5 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-r8dzc 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-rp7kx 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-sjwrm 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
default myapp-5865fb57f-x2sdq 1 (6%) 0 (0%) 256M (0%) 0 (0%) 10m
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 10 (62%) 0 (0%)
memory 2560M (8%) 0 (0%)
ephemeral-storage 0 (0%) 0 (0%)
hugepages-1Gi 0 (0%) 0 (0%)
hugepages-2Mi 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 9m46s kube-proxy
Normal NodeHasSufficientPID 9m48s (x2 over 9m48s) kubelet Node i-44444444444444444 status is now: NodeHasSufficientPID
Normal Starting 9m48s kubelet Starting kubelet.
Warning InvalidDiskCapacity 9m48s kubelet invalid capacity 0 on image filesystem
Normal NodeHasSufficientMemory 9m48s (x2 over 9m48s) kubelet Node i-44444444444444444 status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 9m48s (x2 over 9m48s) kubelet Node i-44444444444444444 status is now: NodeHasNoDiskPressure
Normal NodeAllocatableEnforced 9m48s kubelet Updated Node Allocatable limit across pods
Normal NodeReady 9m48s kubelet Node i-44444444444444444 status is now: NodeReady
Normal Ready 9m47s karpenter Status condition transitioned, Type: Ready, Status: False -> True, Reason: KubeletReady, Message: kubelet is posting ready status
Normal RegisteredNode 9m46s node-controller Node i-44444444444444444 event: Registered Node i-44444444444444444 in Controller
Normal Synced 9m46s cloud-node-controller Node synced successfully
Normal DisruptionBlocked 9m43s karpenter Cannot disrupt Node: state node is nominated for a pending pod
Normal Unconsolidatable 9m3s karpenter Can't replace with a cheaper node
ã§ã¯ã€ã„よã„よã€ã‚³ãƒ³ã‚½ãƒ¼ãƒ«ç”»é¢ã‚ˆã‚Šã‚¢ãƒƒãƒ—グレードを実行ã—ã¾ã™ã€‚
Kubernetesãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’1.30ã‹ã‚‰1.31ã¸ã‚¢ãƒƒãƒ—グレードã—ã¾ã™ã€‚
マスターノードã®ã‚¢ãƒƒãƒ—グレードãŒå®Œäº†ã—ã ã„ã€ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã®ã‚¢ãƒƒãƒ—グレードãŒå§‹ã¾ã‚Šã¾ã™ã€‚
- アップグレードã®æ§˜åをワーカーノードã®å´é¢ã‹ã‚‰è¦‹ã¦ã„ãã¾ã™ã€‚
[cloudshell-user@ip-10-132-78-22 ~]$ kubectl get nodes --watch NAME STATUS ROLES AGE VERSION i-44444444444444444 Ready <none> 96m v1.30.5-eks-baa6d11 i-55555555555555555 NotReady <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 NotReady <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 NotReady <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 0s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 1s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 1s v1.31.1-eks-1b3e656 i-55555555555555555 Ready <none> 4s v1.31.1-eks-1b3e656 i-44444444444444444 Ready <none> 96m v1.30.5-eks-baa6d11 i-44444444444444444 Ready <none> 96m v1.30.5-eks-baa6d11
- 最åˆã«ä½œæˆã•ã‚ŒãŸ i-44444444444444444 ã«åŠ ãˆã€ï¼’å°ç›®ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ i-55555555555555555 ãŒä½œæˆã•ã‚Œã€æœ€å¾Œã¯ i-55555555555555555 ãŒæ®‹ã‚Šã¾ã™ã€‚
[cloudshell-user@ip-10-132-78-22 ~]$ kubectl get nodes --watch NAME STATUS ROLES AGE VERSION i-55555555555555555 Ready <none> 9m40s v1.31.1-eks-1b3e656
- åŒæ§˜ã«ã‚¢ãƒƒãƒ—グレードã®æ§˜åã‚’Podã®å´é¢ã‹ã‚‰è¦‹ã¦ã„ãã¾ã™ã€‚
[cloudshell-user@ip-10-132-78-22 ~]$ kubectl get pod --watch NAME READY STATUS RESTARTS AGE myapp-5865fb57f-7jfln 1/1 Running 0 11s myapp-5865fb57f-7rsqm 1/1 Running 0 97m myapp-5865fb57f-9g2js 1/1 Running 0 97m myapp-5865fb57f-btt2j 1/1 Running 0 30s myapp-5865fb57f-d92s5 1/1 Running 0 1s myapp-5865fb57f-gt4l7 1/1 Running 0 13s myapp-5865fb57f-pnn8l 1/1 Running 0 12s myapp-5865fb57f-pvd6r 1/1 Running 0 29s myapp-5865fb57f-vpwzq 1/1 Running 0 1s myapp-5865fb57f-x2sdq 1/1 Running 0 97m myapp-5865fb57f-x2sdq 1/1 Running 0 97m myapp-5865fb57f-x2sdq 1/1 Terminating 0 97m myapp-5865fb57f-x2sdq 1/1 Terminating 0 97m myapp-5865fb57f-s68bm 0/1 Pending 0 0s myapp-5865fb57f-s68bm 0/1 Pending 0 0s myapp-5865fb57f-s68bm 0/1 ContainerCreating 0 0s myapp-5865fb57f-9g2js 1/1 Running 0 97m myapp-5865fb57f-9g2js 1/1 Terminating 0 97m myapp-5865fb57f-9g2js 1/1 Terminating 0 97m myapp-5865fb57f-ljmnx 0/1 Pending 0 0s myapp-5865fb57f-ljmnx 0/1 Pending 0 0s myapp-5865fb57f-x2sdq 0/1 Completed 0 97m myapp-5865fb57f-9g2js 0/1 Completed 0 97m myapp-5865fb57f-ljmnx 0/1 ContainerCreating 0 1s myapp-5865fb57f-s68bm 1/1 Running 0 1s myapp-5865fb57f-x2sdq 0/1 Completed 0 97m myapp-5865fb57f-x2sdq 0/1 Completed 0 97m myapp-5865fb57f-9g2js 0/1 Completed 0 97m myapp-5865fb57f-9g2js 0/1 Completed 0 97m myapp-5865fb57f-ljmnx 1/1 Running 0 2s myapp-5865fb57f-7rsqm 1/1 Running 0 97m myapp-5865fb57f-7rsqm 1/1 Terminating 0 97m myapp-5865fb57f-2rg5j 0/1 Pending 0 0s myapp-5865fb57f-7rsqm 1/1 Terminating 0 97m myapp-5865fb57f-2rg5j 0/1 Pending 0 0s myapp-5865fb57f-2rg5j 0/1 ContainerCreating 0 0s myapp-5865fb57f-7rsqm 0/1 Completed 0 97m myapp-5865fb57f-7rsqm 0/1 Completed 0 97m myapp-5865fb57f-7rsqm 0/1 Completed 0 97m myapp-5865fb57f-2rg5j 1/1 Running 0 1s
- 上記ã®å±¥æ´ã‚’æ•´ç†ã™ã‚‹ã¨ã€ä»¥ä¸‹ã®èµ·å‹•ã—ã¦é–“ã‚‚ãªã„1ï¼å€‹ã®ãƒ¬ãƒ—リカãŒèµ·å‹•ã•ã‚Œã€å¯ç”¨æ€§ãŒç¢ºä¿ã•ã‚Œã¦ã„ã¾ã™ã€‚
myapp-5865fb57f-7jfln 1/1 Running 0 11s myapp-5865fb57f-btt2j 1/1 Running 0 30s myapp-5865fb57f-d92s5 1/1 Running 0 1s myapp-5865fb57f-gt4l7 1/1 Running 0 13s myapp-5865fb57f-pnn8l 1/1 Running 0 12s myapp-5865fb57f-pvd6r 1/1 Running 0 29s myapp-5865fb57f-vpwzq 1/1 Running 0 1s myapp-5865fb57f-s68bm 1/1 Running 0 1s myapp-5865fb57f-ljmnx 1/1 Running 0 2s myapp-5865fb57f-2rg5j 1/1 Running 0 1s
ã“れらã®æ–°ãŸã«ç”Ÿæˆã•ã‚ŒãŸPodã¯ï¼’å°ç›®ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã§å®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹ã“ã¨ãŒã‚ã‹ã‚Šã¾ã™ã€‚
Kubernetesãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚‚ 1.31 ã«ãªã£ã¦ã„ã¾ã™ã€‚
[cloudshell-user@ip-10-132-78-22 ~]$ kubectl describe node i-55555555555555555
Name: i-55555555555555555
Roles: <none>
Labels: app.kubernetes.io/managed-by=eks
beta.kubernetes.io/arch=amd64
beta.kubernetes.io/instance-type=c5a.4xlarge
beta.kubernetes.io/os=linux
eks.amazonaws.com/compute-type=auto
eks.amazonaws.com/instance-category=c
eks.amazonaws.com/instance-cpu=16
eks.amazonaws.com/instance-cpu-manufacturer=amd
eks.amazonaws.com/instance-cpu-sustained-clock-speed-mhz=3300
eks.amazonaws.com/instance-ebs-bandwidth=3170
eks.amazonaws.com/instance-encryption-in-transit-supported=true
eks.amazonaws.com/instance-family=c5a
eks.amazonaws.com/instance-generation=5
eks.amazonaws.com/instance-hypervisor=nitro
eks.amazonaws.com/instance-memory=32768
eks.amazonaws.com/instance-network-bandwidth=5000
eks.amazonaws.com/instance-size=4xlarge
eks.amazonaws.com/nodeclass=default
failure-domain.beta.kubernetes.io/region=ap-northeast-1
failure-domain.beta.kubernetes.io/zone=ap-northeast-1a
k8s.io/cloud-provider-aws=8929092e801005c613d919fa59bb4a6a
karpenter.sh/capacity-type=on-demand
karpenter.sh/initialized=true
karpenter.sh/nodepool=general-purpose
karpenter.sh/registered=true
kubernetes.io/arch=amd64
kubernetes.io/hostname=i-55555555555555555
kubernetes.io/os=linux
node.kubernetes.io/instance-type=c5a.4xlarge
topology.ebs.csi.eks.amazonaws.com/zone=ap-northeast-1a
topology.k8s.aws/zone-id=apne1-az4
topology.kubernetes.io/region=ap-northeast-1
topology.kubernetes.io/zone=ap-northeast-1a
Annotations: alpha.kubernetes.io/provided-node-ip: 10.0.140.203
csi.volume.kubernetes.io/nodeid: {"ebs.csi.eks.amazonaws.com":"i-55555555555555555 "}
eks.amazonaws.com/nodeclass-hash: 3809868827326149578
eks.amazonaws.com/nodeclass-hash-version: v1
karpenter.sh/nodepool-hash: 4012513481623584108
karpenter.sh/nodepool-hash-version: v3
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Thu, 12 Dec 2024 08:27:34 +0000
Taints: <none>
Unschedulable: false
Lease:
HolderIdentity: i-55555555555555555
AcquireTime: <unset>
RenewTime: Thu, 12 Dec 2024 08:44:03 +0000
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Thu, 12 Dec 2024 08:43:23 +0000 Thu, 12 Dec 2024 08:27:32 +0000 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Thu, 12 Dec 2024 08:43:23 +0000 Thu, 12 Dec 2024 08:27:32 +0000 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Thu, 12 Dec 2024 08:43:23 +0000 Thu, 12 Dec 2024 08:27:32 +0000 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Thu, 12 Dec 2024 08:43:23 +0000 Thu, 12 Dec 2024 08:27:33 +0000 KubeletReady kubelet is posting ready status
NetworkingReady True Thu, 12 Dec 2024 08:42:38 +0000 Thu, 12 Dec 2024 08:27:38 +0000 NetworkingIsReady Monitoring for the Networking system is active
KernelReady True Thu, 12 Dec 2024 08:42:38 +0000 Thu, 12 Dec 2024 08:27:38 +0000 KernelIsReady Monitoring for the Kernel system is active
ContainerRuntimeReady True Thu, 12 Dec 2024 08:42:38 +0000 Thu, 12 Dec 2024 08:27:38 +0000 ContainerRuntimeIsReady Monitoring for the ContainerRuntime system is active
StorageReady True Thu, 12 Dec 2024 08:42:38 +0000 Thu, 12 Dec 2024 08:27:38 +0000 DiskIsReady Monitoring for the Disk system is active
Addresses:
InternalIP: 10.0.140.203
InternalDNS: ip-10-0-140-203.ap-northeast-1.compute.internal
Hostname: ip-10-0-140-203.ap-northeast-1.compute.internal
Capacity:
cpu: 16
ephemeral-storage: 83781432Ki
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 32455708Ki
pods: 110
Allocatable:
cpu: 15890m
ephemeral-storage: 76139225780
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 30853148Ki
pods: 110
System Info:
Machine ID: ec24ab668e09345f5f4b1c62388eff05
System UUID: ec24ab66-8e09-345f-5f4b-1c62388eff05
Boot ID: 97d92ddb-bd09-4938-802f-0eb5f57a3042
Kernel Version: 6.1.115
OS Image: Bottlerocket (EKS Auto) 2024.12.8 (aws-k8s-1.31)
Operating System: linux
Architecture: amd64
Container Runtime Version: containerd://1.7.22+bottlerocket
Kubelet Version: v1.31.1-eks-1b3e656
Kube-Proxy Version: v1.31.1-eks-1b3e656
ProviderID: aws:///ap-northeast-1a/i-55555555555555555
Non-terminated Pods: (10 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits Age
--------- ---- ------------ ---------- --------------- ------------- ---
default myapp-5865fb57f-2rg5j 1 (6%) 0 (0%) 256M (0%) 0 (0%) 15m
default myapp-5865fb57f-7jfln 1 (6%) 0 (0%) 256M (0%) 0 (0%) 16m
default myapp-5865fb57f-btt2j 1 (6%) 0 (0%) 256M (0%) 0 (0%) 16m
default myapp-5865fb57f-d92s5 1 (6%) 0 (0%) 256M (0%) 0 (0%) 15m
default myapp-5865fb57f-gt4l7 1 (6%) 0 (0%) 256M (0%) 0 (0%) 16m
default myapp-5865fb57f-ljmnx 1 (6%) 0 (0%) 256M (0%) 0 (0%) 15m
default myapp-5865fb57f-pnn8l 1 (6%) 0 (0%) 256M (0%) 0 (0%) 16m
default myapp-5865fb57f-pvd6r 1 (6%) 0 (0%) 256M (0%) 0 (0%) 16m
default myapp-5865fb57f-s68bm 1 (6%) 0 (0%) 256M (0%) 0 (0%) 15m
default myapp-5865fb57f-vpwzq 1 (6%) 0 (0%) 256M (0%) 0 (0%) 15m
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 10 (62%) 0 (0%)
memory 2560M (8%) 0 (0%)
ephemeral-storage 0 (0%) 0 (0%)
hugepages-1Gi 0 (0%) 0 (0%)
hugepages-2Mi 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 16m kube-proxy
Normal NodeHasSufficientPID 16m (x2 over 16m) kubelet Node i-55555555555555555 status is now: NodeHasSufficientPID
Normal Starting 16m kubelet Starting kubelet.
Warning InvalidDiskCapacity 16m kubelet invalid capacity 0 on image filesystem
Normal NodeHasSufficientMemory 16m (x2 over 16m) kubelet Node i-55555555555555555 status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 16m (x2 over 16m) kubelet Node i-55555555555555555 status is now: NodeHasNoDiskPressure
Normal NodeAllocatableEnforced 16m kubelet Updated Node Allocatable limit across pods
Normal NodeReady 16m kubelet Node i-55555555555555555 status is now: NodeReady
Normal Ready 16m karpenter Status condition transitioned, Type: Ready, Status: False -> True, Reason: KubeletReady, Message: kubelet is posting ready status
Normal Synced 16m cloud-node-controller Node synced successfully
Normal RegisteredNode 16m node-controller Node i-55555555555555555 event: Registered Node i-55555555555555555 in Controller
Normal DisruptionBlocked 16m karpenter Cannot disrupt Node: state node is nominated for a pending pod
Normal Unconsolidatable 14m karpenter Can't replace with a cheaper node
- ãƒãƒ¼ã‚¸ãƒ§ãƒ³1.31ã«ã‚¢ãƒƒãƒ—グレードã•ã‚Œã¾ã—ãŸã€‚
ワーカーノードã®ã‚¢ãƒƒãƒ—グレードã®å‹•ãã‚’ã¾ã¨ã‚ã‚‹ã¨ä»¥ä¸‹ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
- アップグレード先ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ãŒè¿½åŠ ã•ã‚Œã‚‹
- 稼åƒä¸ã®Podã¯ä¸€æ—¦ã€Terminate ã•ã‚Œã€è¿½åŠ ã•ã‚ŒãŸãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ã§å†åº¦èµ·å‹•ã•ã‚Œã‚‹
- ã“ã®æ™‚ã€PDBã§æŒ‡å®šã—ãŸå¯ç”¨æ€§ã¯ç¶æŒã•ã‚Œã‚‹
- å…¨ã¦ã®PodãŒå†èµ·å‹•ã•ã‚ŒãŸå¾Œã€ã‚‚ã¨ã®ï¼ˆæ—§ãƒãƒ¼ã‚¸ãƒ§ãƒ³ï¼‰ã®ãƒ¯ãƒ¼ã‚«ãƒ¼ãƒŽãƒ¼ãƒ‰ãŒå‰Šé™¤ã•ã‚Œã‚‹
アプリã®å¯ç”¨æ€§ã‚’ç¶æŒã—ãŸçŠ¶æ…‹ã§ãƒ¯ãƒ¼ã‚«ãƒŽãƒ¼ãƒ‰ã‚’自動ã§ã‚¢ãƒƒãƒ—グレードã§ãã‚‹ã“ã¨ãŒç¢ºèªã§ãã¾ã—ãŸã€‚
