Created
February 12, 2024 13:40
Amazon Elastic Kubernetes Service (Amazon EKS) Docker Amazon Elastic Container Registry (Amazon ECR) Node.js
########################################################################################################################### | |
Amazon Elastic Kubernetes Service (Amazon EKS) | |
########################################################################################################################### | |
# AWS # Docker # ECR # EKS # Node.js | |
########################################################################################################################### | |
https://aws.amazon.com | |
Sign in to the Console | |
Sign in using root user email | |
Root user | |
Account owner that performs tasks requiring unrestricted access. | |
Root user email address | |
Next | |
Root user sign in | |
Password | |
Sign in | |
[ | |
# N. California # us-west-1 # | |
] | |
# Oregon # us-west-2 # | |
*************************************************************************************************************************** | |
## IAM ## Manage access to AWS resources ## | |
https://console.aws.amazon.com/iam/ | |
Search for IAM in the AWS Console and click on IAM in the Services | |
# Global # | |
*************************************************************************************************************************** | |
Dashboard | |
Access management > | |
Users | |
Create user | |
User name | |
#**********# | |
node-mongodb-app-aws-eks-iam-user | |
#**********# | |
[ | |
Provide user access to the AWS Management Console - optional | |
I want to create an IAM user | |
Custom password | |
#**********# | |
AWS!@#$%67890iam | |
#**********# | |
Users must create a new password at next sign-in - Recommended | |
] | |
Next | |
Set permissions | |
Attach policies directly | |
Attach a managed policy directly to a user. As a best practice, we recommend attaching policies to a group instead. Then, add the user to the appropriate group. | |
Permissions policies | |
#**********# | |
AdministratorAccess | |
AmazonEC2FullAccess | |
AmazonEKSClusterPolicy | |
AmazonEKSWorkerNodePolicy | |
AWSCloudFormationFullAccess | |
AmazonVPCFullAccess | |
IAMFullAccess | |
AmazonElasticContainerRegistryPublicFullAccess | |
[ | |
AmazonEC2ContainerRegistryFullAccess | |
] | |
#**********# | |
Next | |
Review and create | |
Review your choices. After you create the user, you can view and download the autogenerated password, if enabled. | |
User details | |
[ | |
User name | |
#**********# | |
node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Console password type | |
Custom password | |
Require password reset | |
Yes | |
] | |
Permissions summary | |
[ | |
#**********# | |
Name Type Used as | |
AdministratorAccess AWS managed - job function Permissions policy | |
AmazonEC2FullAccess AWS managed Permissions policy | |
AmazonEKSClusterPolicy AWS managed Permissions policy | |
AmazonEKSWorkerNodePolicy AWS managed Permissions policy | |
AmazonElasticContainerRegistryPublicFullAccess AWS managed Permissions policy | |
AmazonVPCFullAccess AWS managed Permissions policy | |
AWSCloudFormationFullAccess AWS managed Permissions policy | |
IAMFullAccess AWS managed Permissions policy | |
IAMUserChangePassword AWS managed Permissions policy | |
#**********# | |
] | |
NB: # IAMUserChangePassword # Default # Users must create a new password at next sign-in - Recommended | |
Tags - optional | |
Create user | |
"User created successfully" | |
"You can view and download the user’s password and email instructions for signing in to the AWS Management Console." | |
Retrieve password | |
You can view and download the user's password below or email users instructions for signing in to the AWS Management Console. This is the only time you can view and download this password. | |
Console sign-in details | |
Console sign-in URL | |
#**********# | |
https://<Account ID>.signin.aws.amazon.com/console | |
#**********# | |
User name | |
#**********# | |
node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Console password | |
#**********# | |
AWS!@#$%67890iam | |
#**********# | |
#**********# | |
Download node-mongodb-app-aws-eks-iam-user_credentials.csv file | |
#**********# | |
View user | |
*************************************************************************************************************************** | |
IAM > Users > | |
#**********# | |
node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Summary | |
[ | |
ARN | |
#**********# | |
arn:aws:iam::<Account ID>:user/node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Console access | |
Enabled without MFA | |
Access key 1 | |
Create access key | |
Created | |
November 15, 2023, 10:58 (UTC+05:30) | |
Last console sign-in | |
Never | |
] | |
Create access key | |
Access key best practices & alternatives | |
Avoid using long-term credentials like access keys to improve your security. Consider the following use cases and alternatives. | |
Use case | |
Command Line Interface (CLI) | |
You plan to use this access key to enable the AWS CLI to access your AWS account. | |
Alternatives recommended | |
Use AWS CloudShell, a browser-based CLI, to run commands. | |
Use the AWS CLI V2 and enable authentication through a user in IAM Identity Center. | |
Confirmation | |
I understand the above recommendation and want to proceed to create an access key. | |
Next | |
Set description tag - optional | |
Create access key | |
"Access key created" | |
"This is the only time that the secret access key can be viewed or downloaded. You cannot recover it later. However, you can create a new access key any time." | |
Retrieve access keys | |
Access key | |
If you lose or forget your secret access key, you cannot retrieve it. Instead, create a new access key and make the old key inactive. | |
Access key | |
#**********# | |
AKIAWECQW54Q25IEBVHA | |
#**********# | |
Secret access key | |
#**********# | |
WUDt274GF9sE4Vkpxkl9yFVDEde+KM0wEqzC2ggr | |
#**********# | |
Access key best practices | |
Never store your access key in plain text, in a code repository, or in code. | |
Disable or delete access key when no longer needed. | |
Enable least-privilege permissions. | |
Rotate access keys regularly. | |
#**********# | |
Download node-mongodb-app-aws-eks-iam-user_accessKeys.csv file | |
#**********# | |
Done | |
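The best practice listed above, "Never store your access key in plain text, in a code repository, or in code", can be checked mechanically before a file is saved or committed. The following is an added example, not part of the original notes: `scan_aws_keys` is a hypothetical helper, and the sample file is constructed around the example key pair used in AWS documentation.

```sh
#!/bin/sh
# Added example (not from the original notes): find AWS credentials left in
# plain-text files without ever printing the secret itself.

# scan_aws_keys: hypothetical helper. Prints "file:line: finding" for each hit
# and returns 1 when anything was found, 0 when the files are clean.
scan_aws_keys() {
    [ "$#" -gt 0 ] || { echo "usage: scan_aws_keys FILE..." >&2; return 2; }
    findings=$(LC_ALL=C awk '
        {
            # Access key IDs: 20 characters of [A-Z0-9] that start with AKIA
            # (long-term IAM user key) or ASIA (temporary STS key).
            ids = $0
            gsub("[^A-Z0-9]", " ", ids)
            n = split(ids, tok, " ")
            for (i = 1; i <= n; i++)
                if (length(tok[i]) == 20 && tok[i] ~ /^(AKIA|ASIA)/)
                    printf "%s:%d: access key ID %s...\n", FILENAME, FNR, substr(tok[i], 1, 4)

            # Secret access keys: a stand-alone run of exactly 40 base64-style
            # characters. Requiring upper case, lower case and a digit is a
            # heuristic that skips lower-case hex such as git commit hashes.
            sec = $0
            gsub("[^A-Za-z0-9/+]", " ", sec)
            n = split(sec, tok, " ")
            for (i = 1; i <= n; i++)
                if (length(tok[i]) == 40 && tok[i] ~ /[A-Z]/ && tok[i] ~ /[a-z]/ && tok[i] ~ /[0-9]/)
                    printf "%s:%d: possible secret access key (value withheld)\n", FILENAME, FNR
        }' "$@")
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Constructed sample notes; the key pair is the example pair from AWS documentation.
SAMPLE_NOTES=$(mktemp)
cat > "$SAMPLE_NOTES" <<'EOF'
% aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
commit 3f786850e387550fdab836ed7e6dc881de23001b
EOF

scan_aws_keys "$SAMPLE_NOTES" || echo "credentials found: deactivate the key in IAM, then remove it from the file"
```

A key that has already been written to a shared file should be made inactive and replaced, as the console text above describes, because deleting the line does not revoke it.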
*************************************************************************************************************************** | |
IAM > Users > | |
#**********# | |
node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Summary | |
[ | |
ARN | |
#**********# | |
arn:aws:iam::<Account ID>:user/node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Console access | |
Enabled without MFA | |
Access key 1 | |
#**********# | |
AKIAWECQW54Q25IEBVHA - Active | |
#**********# | |
Never used. Created today. | |
Created | |
November 15, 2023, 10:58 (UTC+05:30) | |
Last console sign-in | |
Never | |
Access key 2 | |
Create access key | |
] | |
Permissions | |
[ | |
Permissions policies (8) | |
] | |
Groups | |
[ | |
User groups membership (0) | |
] | |
Tags | |
[ | |
Tags (0) | |
] | |
Security credentials | |
[ | |
Console sign-in | |
Console sign-in link | |
#**********# | |
https://<Account ID>.signin.aws.amazon.com/console | |
#**********# | |
Console password | |
Updated 13 minutes ago (2023-11-15 10:58 GMT+5:30) | |
Last console sign-in | |
Never | |
] | |
Access Advisor | |
Access Advisor shows the services that this user can access and when those services were last accessed. Review this data to remove unused permissions. | |
[ | |
Allowed services (363) | |
] | |
Permissions boundary (not set) | |
Generate policy based on CloudTrail events | |
You can generate a new policy based on the access activity for this user, then customize, create, and attach it to this role. AWS uses your CloudTrail events to identify the services and actions used and generate a policy. | |
No requests to generate a policy in the past 7 days. | |
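The Permissions summary earlier in these notes attaches AdministratorAccess alongside eight other managed policies, and Access Advisor accordingly lists 363 allowed services. As an added example (not part of the original notes), the hypothetical helper `review_attached_policies` classifies such a list against the "Enable least-privilege permissions" practice; the severity labels and reason texts are this example's own.

```sh
#!/bin/sh
# Added example (not from the original notes): review the managed policies
# attached to an IAM user and flag the ones that defeat least privilege.

# Policy names exactly as shown in the Permissions summary of these notes.
PAGE_POLICIES='AdministratorAccess
AmazonEC2FullAccess
AmazonEKSClusterPolicy
AmazonEKSWorkerNodePolicy
AmazonElasticContainerRegistryPublicFullAccess
AmazonVPCFullAccess
AWSCloudFormationFullAccess
IAMFullAccess
IAMUserChangePassword'

# review_attached_policies: hypothetical helper. Reads one policy name per line
# on stdin, prints "SEVERITY<TAB>policy<TAB>reason" and returns 1 if any
# finding is HIGH, 0 otherwise.
review_attached_policies() {
    LC_ALL=C awk '
        NF { name[++n] = $1; if ($1 == "AdministratorAccess") admin = 1 }
        END {
            for (i = 1; i <= n; i++) {
                p = name[i]
                if (p == "AdministratorAccess") {
                    sev = "HIGH"; why = "allows every action on every resource"
                } else if (p == "IAMFullAccess") {
                    sev = "HIGH"; why = "can attach any policy to any principal, an escalation path to administrator"
                } else if (p ~ /FullAccess$/) {
                    sev = "MEDIUM"; why = "full control of one service; grant only the actions in use"
                } else if (p ~ /^AmazonEKS(Cluster|WorkerNode)Policy$/) {
                    sev = "INFO"; why = "meant for the EKS cluster or node role, not for a user"
                } else {
                    sev = "INFO"; why = "scoped managed policy"
                }
                # Once AdministratorAccess is attached, nothing else adds permissions.
                if (admin && p != "AdministratorAccess")
                    why = why "; redundant while AdministratorAccess is attached"
                if (sev == "HIGH") high++
                printf "%s\t%s\t%s\n", sev, p, why
            }
            exit (high > 0 ? 1 : 0)
        }'
}

# Against a live account the list would come from the AWS CLI:
#   aws iam list-attached-user-policies --user-name node-mongodb-app-aws-eks-iam-user \
#       --query 'AttachedPolicies[].PolicyName' --output text | tr '\t' '\n' | review_attached_policies
# Here the review runs on the list copied from these notes.
printf '%s\n' "$PAGE_POLICIES" | review_attached_policies || echo "HIGH findings present"
```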
*************************************************************************************************************************** | |
Sign out | |
*************************************************************************************************************************** | |
#**********# | |
https://<Account ID>.signin.aws.amazon.com/console | |
#**********# | |
Sign in as IAM user | |
Account ID (12 digits) or account alias | |
#**********# | |
<Account ID> | |
#**********# | |
IAM user name | |
#**********# | |
node-mongodb-app-aws-eks-iam-user | |
#**********# | |
Password | |
#**********# | |
AWS!@#$%67890iam | |
AWS12345^&*()iam | |
#**********# | |
*************************************************************************************************************************** | |
# AWS CloudShell | |
*************************************************************************************************************************** | |
# https://us-west-2.console.aws.amazon.com/console/home?nc2=h_ct&region=us-west-2&src=header-signin#
*************************************************************************************************************************** | |
# Amazon Linux [centos rhel fedora] | |
*************************************************************************************************************************** | |
$ sudo cat /etc/os-release | |
$ sudo cat /etc/*release | |
[ | |
$ sudo cat /etc/*version | |
] | |
$ sudo cat /etc/issue | |
$ sudo more /etc/issue | |
$ sudo less /etc/issue | |
$ sudo cat /proc/version | |
[ | |
$ sudo lsb_release --all | |
$ sudo lsb_release --description | |
$ sudo man lsb_release | |
] | |
$ sudo hostnamectl | |
$ sudo man hostnamectl | |
$ sudo uname -r | |
$ sudo uname --release | |
$ sudo uname -srm | |
$ sudo uname --kernel-name --kernel-release --kernel-version | |
$ sudo uname --all | |
$ sudo man uname | |
$ sudo grep -E '^(VERSION|NAME)=' /etc/os-release | |
$ sudo grep '^VERSION' /etc/os-release | |
$ sudo rpm -qa | |
$ sudo which rpm | |
$ sudo man rpm | |
$ sudo arch | |
$ sudo whoami | |
$ whoami | |
$ sudo echo $USER | |
$ sudo echo $USERNAME | |
$ sudo echo $PATH | |
$ sudo echo $HOME | |
$ sudo echo ~/ | |
$ sudo echo $SHELL | |
$ sudo env | |
$ sudo pwd | |
$ sudo ls | |
$ sudo ls -a | |
$ sudo date | |
*************************************************************************************************************************** | |
# Network | |
*************************************************************************************************************************** | |
$ sudo yum update | |
$ sudo yum upgrade | |
[ | |
$ sudo yum install net-tools | |
] | |
$ sudo netstat -tunpl | |
$ sudo netstat -nr | |
$ sudo netstat -ai | |
$ sudo netstat -ant | |
[ | |
$ sudo yum remove net-tools | |
] | |
[ | |
$ sudo yum install iproute iproute-doc | |
] | |
$ sudo ss -tunl | |
$ sudo ss -t | |
$ sudo ss -A tcp | |
$ sudo ss -ua | |
$ sudo ss -a -A udp | |
$ sudo ss -nt | |
$ sudo ss -ltn | |
[ | |
$ sudo yum remove iproute iproute-doc | |
] | |
$ sudo yum install nc | |
# Ncat: bind to 127.0.0.1:36563: Address already in use. QUITTING. | |
$ sudo nc -l localhost 36563 | |
# Not in use # 27017 | |
$ sudo nc -l localhost 27017 | |
# control + C | |
[ | |
$ sudo yum remove nc | |
$ sudo yum erase nc | |
$ sudo yum autoremove | |
] | |
$ sudo yum install nmap | |
$ sudo nmap -n -PN -sT -sU -p- localhost | |
[ | |
$ sudo yum remove nmap | |
$ sudo yum erase nmap | |
$ sudo yum autoremove | |
] | |
*************************************************************************************************************************** | |
# Docker install | |
*************************************************************************************************************************** | |
[ | |
$ sudo yum update | |
$ sudo yum upgrade | |
] | |
[ | |
$ sudo yum install -y docker | |
] | |
$ sudo amazon-linux-extras install docker | |
$ sudo docker --version | |
$ sudo dockerd | |
] | |
*************************************************************************************************************************** | |
# Node.js | |
*************************************************************************************************************************** | |
$ sudo mkdir -p node-21-express-app | |
[ | |
$ sudo rm -rf node-21-express-app | |
] | |
$ cd node-21-express-app | |
$ sudo nano index.js | |
[ | |
const express = require('express');
const app = express();
const port = 3000;
app.get('/', (req, res) => {
  res.send("Node.js Version: " + process.version + "\n");
});
app.listen(port, () => {
  console.log(`Server started on port ${port}`);
});
] | |
[ | |
$ sudo rm -rf index.js | |
] | |
$ sudo cat index.js | |
$ sudo npm --version | |
# node-21-express-app | |
$ sudo npm init | |
$ sudo npm update --global | |
$ sudo npm upgrade --global | |
$ sudo npm outdated --global | |
$ sudo npm list --global | |
$ sudo npm list | |
$ sudo npm install express | |
$ sudo npm list | |
$ sudo npm list --global | |
$ sudo node index.js | |
[ | |
Server started on port 3000 | |
] | |
control + C | |
[ | |
$ sudo rm -rf package.json | |
$ sudo rm -rf package-lock.json | |
$ sudo rm -rf index.js | |
] | |
# Actions New tab | |
$ curl http://localhost:3000/ | |
$ curl http://127.0.0.1:3000/ | |
# ip-10-130-56-54 | |
$ curl http://ip-10-130-56-54:3000/ | |
[ | |
$ ps -ef | |
$ ps aux | grep -v grep | grep node | awk '{print $2}' | |
$ sudo kill <> | |
] | |
[ | |
$ node | |
> var app = require('http').createServer() | |
> app.close() | |
> .exit | |
] | |
# Tab where node was started | |
control + c | |
*************************************************************************************************************************** | |
# Docker | |
*************************************************************************************************************************** | |
# Actions New tab | |
$ cd node-21-express-app | |
$ sudo docker --version | |
$ sudo docker version | |
$ sudo docker info | |
[ | |
$ sudo docker init | |
$ sudo cat Dockerfile | |
$ sudo cat .dockerignore | |
$ sudo cat compose.yaml | |
$ sudo docker compose up --build | |
$ curl http://localhost:3000/ | |
$ curl http://127.0.0.1:3000/ | |
] | |
$ sudo nano Dockerfile | |
[ | |
FROM node:20.9-slim | |
WORKDIR /usr/src/app | |
COPY . . | |
RUN npm install | |
CMD [ "node", "index.js" ] | |
] | |
$ sudo cat Dockerfile | |
[ | |
$ sudo echo node_modules > .dockerignore | |
] | |
$ sudo nano .dockerignore | |
node_modules | |
$ sudo cat .dockerignore | |
$ sudo cat package.json | |
$ sudo cat package-lock.json | |
$ sudo docker build -t node-21-express-app . | |
[ | |
$ sudo docker container list | |
] | |
$ sudo docker image list --all | |
$ sudo docker run -it --rm -p 3000:3000 node-21-express-app | |
# Actions New tab | |
$ curl http://localhost:3000/ | |
$ curl http://127.0.0.1:3000/ | |
$ sudo docker tag node-21-express-app dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 | |
$ sudo docker login | |
$ sudo docker push dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 | |
https://hub.docker.com/repository/docker/dockerrajani/node-21-express-app-amazon-linux-extras-x86-64 | |
$ sudo docker image list | |
$ sudo docker pull dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 | |
$ sudo docker run -it --rm -p 3000:3000 dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 | |
[ | |
# Private | |
$ aws ecr create-repository \ | |
--repository-name node-21-express-app-amazon-linux-extras-x86-64-private-repository | |
# Public # --region us-east-1 # CreateRepository command is only supported in us-east-1 | |
$ aws ecr-public create-repository \ | |
--repository-name node-21-express-app-amazon-linux-extras-x86-64-public-repository \ | |
--region us-east-1 | |
] | |
*************************************************************************************************************************** | |
# Docker cleanup | |
*************************************************************************************************************************** | |
[ | |
$ sudo docker ps --all --quiet | |
$ sudo docker stop $(sudo docker ps -a -q) | |
$ sudo docker rm $(sudo docker ps -a -q) --force | |
] | |
$ sudo docker container list --all --quiet | |
$ sudo docker stop $(sudo docker container list -a -q) | |
$ sudo docker rm $(sudo docker container list -a -q) --force | |
$ sudo docker container prune | |
$ sudo docker image list --all --quiet | |
$ sudo docker rmi $(sudo docker image list -a -q) --force | |
$ sudo docker image prune --all | |
$ sudo docker volume list --quiet | |
$ sudo docker volume rm $(sudo docker volume list --quiet) --force | |
$ sudo docker volume prune | |
$ sudo docker network list --quiet --filter "type=custom" | |
$ sudo docker network rm $(sudo docker network list --quiet --filter "type=custom") | |
$ sudo docker network prune | |
$ sudo docker system info | |
$ sudo docker system prune --all --volumes | |
*************************************************************************************************************************** | |
# Docker uninstall | |
*************************************************************************************************************************** | |
# Tab where dockerd was started | |
control + C | |
[ | |
# sudo kill <> | |
$ sudo ps aux | grep -v grep | grep docker | awk '{print $2}' | |
$ sudo ps aux | grep -v grep | grep dockerd | awk '{print $2}' | |
] | |
[ | |
$ sudo ls /var/run/docker.pid | |
$ sudo rm -rf /var/run/docker.pid | |
] | |
$ sudo yum remove docker | |
[ | |
$ sudo yum erase docker | |
] | |
$ sudo yum autoremove | |
$ sudo ls /var/lib/docker | |
$ sudo rm -rf /var/lib/docker | |
[ | |
$ sudo ls /var/lib/containerd | |
$ sudo rm -rf /var/lib/containerd | |
] | |
*************************************************************************************************************************** | |
# ECR | |
# Elastic Container Registry | |
# Fully-managed Docker container registry : Share and deploy container software, publicly or privately
# Terminal | |
# AWS CLI V2 | |
# docker | |
*************************************************************************************************************************** | |
=========================================================================================================================== | |
# Cleanup # $HOME | |
=========================================================================================================================== | |
% ls ~/.kube | |
% rm -rf ~/.kube | |
% ls ~/.ssh | |
% rm -rf ~/.ssh | |
% ls ~/.aws | |
% rm -rf ~/.aws | |
=========================================================================================================================== | |
# Version | |
=========================================================================================================================== | |
% aws --version | |
% eksctl version | |
[ | |
% aws-iam-authenticator version | |
] | |
% kubectl version | |
=========================================================================================================================== | |
#**********# | |
% aws configure | |
AWS Access Key ID [None]: AKIAWECQW54Q25IEBVHA | |
AWS Secret Access Key [None]: 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 | |
Default region name [None]: us-west-2 | |
Default output format [None]: yaml | |
#**********# | |
% ls $HOME/.aws/credentials | |
% cat $HOME/.aws/credentials | |
% ls $HOME/.aws/config | |
% cat $HOME/.aws/config | |
% aws iam list-users | |
[ | |
Users: | |
- Arn: arn:aws:iam::<Account ID>:user/node-mongodb-app-aws-eks-iam-user | |
CreateDate: '2023-11-20T08:42:50+00:00' | |
Path: / | |
UserId: AIDAWECQW54QQDC35JZZC | |
UserName: node-mongodb-app-aws-eks-iam-user | |
] | |
# Private | |
% aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin <Account ID>.dkr.ecr.us-west-2.amazonaws.com | |
# Private | |
% aws ecr create-repository \ | |
--repository-name node-21-express-app-amazon-linux-extras-x86-64-private-repository | |
# Public | |
% aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/j9k4y3w5 | |
# Public # --region us-east-1 # CreateRepository command is only supported in us-east-1 | |
% aws ecr-public create-repository \ | |
--repository-name node-21-express-app-amazon-linux-extras-x86-64-public-repository \ | |
--region us-east-1 | |
] | |
% docker version | |
% docker image list | |
https://hub.docker.com/repository/docker/dockerrajani/node-21-express-app-amazon-linux-extras-x86-64 | |
% docker pull dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 | |
% docker image list | |
# Private | |
% docker tag dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 <Account ID>.dkr.ecr.us-west-2.amazonaws.com/node-21-express-app-amazon-linux-extras-x86-64-private-repository:latest | |
% docker push <Account ID>.dkr.ecr.us-west-2.amazonaws.com/node-21-express-app-amazon-linux-extras-x86-64-private-repository:latest | |
# Image URI | |
<Account ID>.dkr.ecr.us-west-2.amazonaws.com/node-21-express-app-amazon-linux-extras-x86-64-private-repository:latest | |
% docker image list | |
# Public # --region us-east-1 | |
% docker tag dockerrajani/node-21-express-app-amazon-linux-extras-x86-64:version1.0.0 public.ecr.aws/j9k4y3w5/node-21-express-app-amazon-linux-extras-x86-64-public-repository:latest | |
% docker push public.ecr.aws/j9k4y3w5/node-21-express-app-amazon-linux-extras-x86-64-public-repository:latest | |
# Image URI | |
public.ecr.aws/j9k4y3w5/node-21-express-app-amazon-linux-extras-x86-64-public-repository:latest | |
=========================================================================================================================== | |
*************************************************************************************************************************** | |
########################################################################################################################### | |
# Terminal | |
# SSH Key Pair | |
########################################################################################################################### | |
# AWS@EKS | |
% ssh-keygen -b 4096 -t rsa | |
[ | |
% cat .ssh/id_rsa | |
% cat .ssh/id_rsa.pub | |
] | |
% cat ~/.ssh/id_rsa | |
% cat ~/.ssh/id_rsa.pub | |
########################################################################################################################### | |
# Terminal | |
# eksctl | |
# kubectl | |
# AWS CLI V2 | |
########################################################################################################################### | |
*************************************************************************************************************************** | |
* * | |
* * Elastic Kubernetes Service * CloudFormation * EC2 * VPC * | |
* * | |
*************************************************************************************************************************** | |
% cd ~/Desktop/Working/Technology/Kubernetes/Proof-of-Concept/AWS | |
% mkdir -p eksctl-cluster | |
% nano eksctl-cluster/aws-eksctl-cluster.yaml # eu-north-1 | |
[ | |
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: aws-eksctl-cluster
  region: eu-north-1
nodeGroups:
  - name: ng-1
    instanceType: m5.large
    desiredCapacity: 10
    volumeSize: 80
    ssh:
      allow: true # will use ~/.ssh/id_rsa.pub as the default ssh key
  - name: ng-2
    instanceType: m5.xlarge
    desiredCapacity: 2
    volumeSize: 100
    ssh:
      publicKeyPath: ~/.ssh/id_rsa.pub
] | |
% cat eksctl-cluster/aws-eksctl-cluster.yaml | |
% eksctl create cluster -f eksctl-cluster/aws-eksctl-cluster.yaml | |
# Elastic Kubernetes Service # | |
% aws eks list-clusters --region=eu-north-1 | |
% eksctl get cluster | |
% eksctl get iamidentitymapping --cluster aws-eksctl-cluster --region=eu-north-1 | |
% aws eks describe-cluster --name=aws-eksctl-cluster --region=eu-north-1 --query=cluster.status | |
% aws eks describe-cluster --name=aws-eksctl-cluster --region=eu-north-1 --query=cluster.endpoint | |
% aws eks describe-cluster --name=aws-eksctl-cluster --region=eu-north-1 | |
# CloudFormation # | |
% aws cloudformation list-stacks --region=eu-north-1 | |
% aws cloudformation list-stacks --region=eu-north-1 --stack-status-filter CREATE_COMPLETE | |
# VPCs # | |
% aws ec2 describe-vpcs --region=eu-north-1 | |
# NAT Gateways | |
% aws ec2 describe-nat-gateways --region=eu-north-1 | |
# Subnets | |
% aws ec2 describe-subnets --region=eu-north-1 | |
[ | |
# VPC Peering Connections | |
% aws ec2 describe-vpc-peering-connections --region=eu-north-1 | |
] | |
# Route tables | |
% aws ec2 describe-route-tables --region=eu-north-1 | |
# Network ACLs | |
% aws ec2 describe-network-acls --region=eu-north-1 | |
# Internet gateways | |
% aws ec2 describe-internet-gateways --region=eu-north-1 | |
# Security Groups | |
% aws ec2 describe-security-groups --region=eu-north-1 | |
[ | |
# Egress only internet gateways | |
% aws ec2 describe-egress-only-internet-gateways --region=eu-north-1 | |
] | |
[ | |
# Customer Gateways | |
% aws ec2 describe-customer-gateways --region=eu-north-1 | |
] | |
# DHCP option sets | |
% aws ec2 describe-dhcp-options --region=eu-north-1 | |
[ | |
# Virtual Private Gateways | |
% aws ec2 describe-vpn-gateways --region=eu-north-1 | |
] | |
[ | |
# Endpoints | |
% aws ec2 describe-vpc-endpoints --region=eu-north-1 | |
] | |
[ | |
# Site-to-Site VPN Connections | |
% aws ec2 describe-vpn-connections --region=eu-north-1 | |
] | |
[ | |
# Instance Connect Endpoints | |
% aws ec2 describe-instance-connect-endpoints --region=eu-north-1 | |
] | |
[ | |
# Running Instances | |
% aws ec2 describe-instances --region=eu-north-1 | |
] | |
[ | |
# Endpoint Services | |
% aws ec2 describe-vpc-endpoint-services --region=eu-north-1 | |
] | |
*************************************************************************************************************************** | |
% kubectl get services | |
[ | |
% kubectl config current-context | |
% aws eks update-kubeconfig --name aws-eksctl-cluster --region eu-north-1 | |
% export KUBECONFIG=~/.kube/config | |
% echo $KUBECONFIG | |
] | |
# Private | |
% nano eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-private.yaml | |
[ | |
apiVersion: v1
kind: Service
metadata:
  name: node-21-express-app-private-service
spec:
  selector:
    app: node-21-express-app-private
  ports:
    - port: 80
      targetPort: 3000
  type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: node-21-express-app-private-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: node-21-express-app-private
  template:
    metadata:
      labels:
        app: node-21-express-app-private
    spec:
      containers:
        - name: node-21-express-app-private-container
          image: <Account ID>.dkr.ecr.us-west-2.amazonaws.com/node-21-express-app-amazon-linux-extras-x86-64-private-repository:latest
          ports:
            - containerPort: 3000
] | |
% cat eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-private.yaml | |
% kubectl apply -f eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-private.yaml | |
[ | |
% kubectl delete -f eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-private.yaml | |
] | |
% kubectl get pods --watch | |
[ | |
NAME READY STATUS RESTARTS AGE | |
node-21-express-app-private-deployment-5d6679b677-ddhds 1/1 Running 0 29s | |
node-21-express-app-private-deployment-5d6679b677-z8ktp 1/1 Running 0 29s | |
] | |
% kubectl get services | |
[ | |
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 76m | |
node-21-express-app-private-service LoadBalancer 10.100.36.248 abadb6031dae94493a82178e1a6c5c47-251863209.eu-north-1.elb.amazonaws.com 80:31742/TCP 73s | |
] | |
% nslookup abadb6031dae94493a82178e1a6c5c47-251863209.eu-north-1.elb.amazonaws.com | |
[ | |
Server: 218.248.112.65 | |
Address: 218.248.112.65#53 | |
Non-authoritative answer: | |
Name: abadb6031dae94493a82178e1a6c5c47-251863209.eu-north-1.elb.amazonaws.com | |
Address: 16.170.89.8 | |
Name: abadb6031dae94493a82178e1a6c5c47-251863209.eu-north-1.elb.amazonaws.com | |
Address: 16.16.225.224 | |
Name: abadb6031dae94493a82178e1a6c5c47-251863209.eu-north-1.elb.amazonaws.com | |
Address: 13.50.159.112 | |
] | |
% curl abadb6031dae94493a82178e1a6c5c47-251863209.eu-north-1.elb.amazonaws.com | |
Node.js Version: v20.9.0 | |
# Public | |
% nano eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-public.yaml | |
[ | |
apiVersion: v1
kind: Service
metadata:
  name: node-21-express-app-public-service
spec:
  selector:
    app: node-21-express-app-public
  ports:
    - port: 80
      targetPort: 3000
  type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: node-21-express-app-public-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: node-21-express-app-public
  template:
    metadata:
      labels:
        app: node-21-express-app-public
    spec:
      containers:
        - name: node-21-express-app-public-container
          image: public.ecr.aws/j9k4y3w5/node-21-express-app-amazon-linux-extras-x86-64-public-repository:latest
          ports:
            - containerPort: 3000
] | |
% cat eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-public.yaml | |
% kubectl apply -f eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-public.yaml | |
[ | |
% kubectl delete -f eksctl-cluster/node-21-express-app-amazon-linux-extras-x86-64-public.yaml | |
] | |
% kubectl get pods --watch | |
[ | |
NAME READY STATUS RESTARTS AGE | |
node-21-express-app-public-deployment-7f7557787d-hkc6b 1/1 Running 0 7s | |
node-21-express-app-public-deployment-7f7557787d-s6mqq 1/1 Running 0 7s | |
] | |
% kubectl get services | |
[ | |
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 85m | |
node-21-express-app-public-service LoadBalancer 10.100.223.5 a5d703dec064e4afda1950bd6b27650b-1075462190.eu-north-1.elb.amazonaws.com 80:31544/TCP 26s | |
] | |
% nslookup a5d703dec064e4afda1950bd6b27650b-1075462190.eu-north-1.elb.amazonaws.com | |
[ | |
Server: 218.248.112.65 | |
Address: 218.248.112.65#53 | |
Non-authoritative answer: | |
Name: a5d703dec064e4afda1950bd6b27650b-1075462190.eu-north-1.elb.amazonaws.com | |
Address: 16.16.49.126 | |
Name: a5d703dec064e4afda1950bd6b27650b-1075462190.eu-north-1.elb.amazonaws.com | |
Address: 13.49.169.106 | |
Name: a5d703dec064e4afda1950bd6b27650b-1075462190.eu-north-1.elb.amazonaws.com | |
Address: 16.170.139.209 | |
] | |
% curl http://a5d703dec064e4afda1950bd6b27650b-1075462190.eu-north-1.elb.amazonaws.com/ | |
Node.js Version: v20.9.0 | |
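Both Deployment manifests above reference `:latest`, a tag that the next `docker push` moves to a different image without any change to the manifest. The following is an added example, not part of the original notes, that lists unpinned image references and pins one to a digest; the helper names, the account ID 111122223333 and the all-zero digest are constructed placeholders.

```sh
#!/bin/sh
# Added example (not from the original notes): find image references that use a
# mutable tag and pin them to the digest that was actually pushed.

# unpinned_images: hypothetical helper. Prints "line<TAB>image" for every
# "image:" entry in the manifest on stdin that carries no @sha256 digest.
unpinned_images() {
    LC_ALL=C awk '
        $1 == "image:" || ($1 == "-" && $2 == "image:") {
            if ($NF !~ /@sha256:/) printf "%d\t%s\n", NR, $NF
        }'
}

# pin_image REPO DIGEST: hypothetical helper. Copies the manifest from stdin to
# stdout, replacing REPO:<any tag> (or bare REPO) with REPO@DIGEST.
pin_image() {
    LC_ALL=C awk -v repo="$1" -v digest="$2" '
        $1 == "image:" || ($1 == "-" && $2 == "image:") {
            ref = $NF
            base = ref
            sub(":[^:/]*$", "", base)   # drop a trailing :tag, keep any host:port
            if (base == repo && ref !~ /@sha256:/) {
                at = index($0, ref)     # rebuild the line so indentation is kept
                $0 = substr($0, 1, at - 1) repo "@" digest substr($0, at + length(ref))
            }
        }
        { print }'
}

# Constructed sample: the container entry from the private manifest, with a
# placeholder account ID in place of <Account ID>.
REPO=111122223333.dkr.ecr.us-west-2.amazonaws.com/node-21-express-app-amazon-linux-extras-x86-64-private-repository
MANIFEST="    spec:
      containers:
        - name: node-21-express-app-private-container
          image: $REPO:latest
          ports:
            - containerPort: 3000"

# Constructed placeholder digest. Against a live registry it would come from:
#   aws ecr describe-images --region us-west-2 \
#       --repository-name node-21-express-app-amazon-linux-extras-x86-64-private-repository \
#       --image-ids imageTag=latest --query 'imageDetails[0].imageDigest' --output text
DIGEST=sha256:0000000000000000000000000000000000000000000000000000000000000000

printf '%s\n' "$MANIFEST" | unpinned_images
printf '%s\n' "$MANIFEST" | pin_image "$REPO" "$DIGEST"
```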
*************************************************************************************************************************** | |
=========================================================================================================================== | |
# Cleanup # $HOME | |
=========================================================================================================================== | |
% ls ~/.kube | |
% rm -rf ~/.kube | |
% ls ~/.ssh | |
% rm -rf ~/.ssh | |
% ls ~/.aws | |
% rm -rf ~/.aws | |
=========================================================================================================================== | |
*************************************************************************************************************************** | |
########################################################################################################################### |