ENV
export SERVICE=s3
export EKS_CLUSTER_NAME=<CLUSTER_NAME>
export ACK_SYSTEM_NAMESPACE=ack-system
export AWS_REGION=ap-northeast-2
export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
export BUCKET_NAME=my-ack-s3-bucket-$AWS_ACCOUNT_ID
Shell
복사
HELM 차트 Install
export RELEASE_VERSION=$(curl -sL https://api.github.com/repos/aws-controllers-k8s/$SERVICE-controller/releases/latest | grep '"tag_name":' | cut -d'"' -f4 | cut -c 2-)
helm pull oci://public.ecr.aws/aws-controllers-k8s/$SERVICE-chart --version=$RELEASE_VERSION
tar xzvf $SERVICE-chart-$RELEASE_VERSION.tgz
Shell
복사
ACK S3 Controller Install
helm install --create-namespace -n $ACK_SYSTEM_NAMESPACE ack-$SERVICE-controller --set aws.region="$AWS_REGION" ~/$SERVICE-chart
Shell
복사
설치 확인
helm list --namespace $ACK_SYSTEM_NAMESPACE
kubectl -n ack-system get pods
kubectl get crd | grep $SERVICE
kubectl get all -n ack-system
kubectl describe sa -n ack-system ack-s3-controller
Shell
복사
IAM 서비스 계정 생성 및 권한 부여
eksctl create iamserviceaccount \
--name ack-$SERVICE-controller \
--region=ap-northeast-2 \
--namespace ack-system \
--cluster $EKS_CLUSTER_NAME \
--attach-policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess \
--override-existing-serviceaccounts \
--approve
eksctl delete iamserviceaccount \
--name ack-$SERVICE-controller \
--region=ap-northeast-2 \
--namespace ack-system \
--cluster $EKS_CLUSTER_NAME
Shell
복사
IAM 서비스 계정 확인
eksctl get iamserviceaccount --cluster $EKS_CLUSTER_NAME
Shell
복사
서비스 계정 확인
kubectl get sa -n ack-system
kubectl describe sa ack-$SERVICE-controller -n ack-system
Shell
복사
ACK S3 Controller 재시작
kubectl -n ack-system rollout restart deploy ack-$SERVICE-controller-$SERVICE-chart
Shell
복사
Pod 설명
kubectl describe pod -n ack-system -l k8s-app=$SERVICE-chart
Shell
복사
Amazon S3 생성
aws s3 ls
cat << EOF > bucket.yaml
apiVersion: s3.services.k8s.aws/v1alpha1
kind: Bucket
metadata:
name: BUCKET_NAME
spec:
name: BUCKET_NAME
EOF
sed -i "s|BUCKET_NAME|$BUCKET_NAME|g" bucket.yaml
kubectl create -f bucket.yaml
Shell
복사
Amazon S3 버킷 생성 확인
aws s3 ls
kubectl get buckets
kubectl describe bucket/$BUCKET_NAME | head -6
aws s3 ls | grep $BUCKET_NAME
Shell
복사
S3 버킷 태그 추가 (수정)
cat << EOF > bucket.yaml
apiVersion: s3.services.k8s.aws/v1alpha1
kind: Bucket
metadata:
name: BUCKET_NAME
spec:
name: BUCKET_NAME
tagging:
tagSet:
- key: myTagKey
value: myTagValue
EOF
sed -i "s|BUCKET_NAME|$BUCKET_NAME|g" bucket.yaml
kubectl apply -f bucket.yaml
Shell
복사
S3 버킷 태그 확인
kubectl describe bucket/$BUCKET_NAME | grep Spec: -A5
Shell
복사
S3 버킷 삭제
kubectl delete -f bucket.yaml
kubectl get bucket/$BUCKET_NAME
aws s3 ls | grep $BUCKET_NAME
Shell
복사