ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
Shell
복사
git clone https://github.com/morvencao/kube-mutating-webhook-tutorial.git
cd kube-mutating-webhook-tutorial
Shell
복사
sudo dnf install -y make
sudo yum install -y go
Shell
복사
•
WebHook 이미지 빌드 및 업로드
aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.ap-northeast-2.amazonaws.com
make docker-build docker-push IMAGE=$ACCOUNT_ID.dkr.ecr.ap-northeast-2.amazonaws.com/webhook:latest
Shell
복사
cd ~/kube-mutating-webhook-tutorial/deploy/
Shell
복사
cat << EOF > configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: sidecar-injector
labels:
app: sidecar-injector
data:
sidecarconfig.yaml: |
containers:
- name: sidecar-curl
image: curlimages/curl
imagePullPolicy: IfNotPresent
args:
- --version
command:
- sleep
- infinity
EOF
Shell
복사
cat << EOF > kustomization.yaml
namespace: sidecar-injector
resources:
- namespace.yaml
- clusterrole.yaml
- clusterrolebinding.yaml
- deployment.yaml
- service.yaml
- serviceaccount.yaml
- configmap.yaml
images:
- name: sidecar-injector
newName: $ACCOUNT_ID.dkr.ecr.ap-northeast-2.amazonaws.com/webhook
newTag: latest
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
EOF
Shell
복사
cd ~/kube-mutating-webhook-tutorial
make deploy IMAGE=$ACCOUNT_ID.dkr.ecr.ap-northeast-2.amazonaws.com/webhook:latest
Shell
복사
kubectl create ns skills
kubectl label namespace skills sidecar-injection=enabled
Shell
복사
kubectl get namespace -L sidecar-injection
Shell
복사
kubectl -n skills run alpine \
--image=alpine \
--restart=Never \
--command -- sleep infinity
Shell
복사
kubectl -n skills get pod
Shell
복사
•
성공적으로 사이드카가 주입된 모습 확인 가능
