공부하기싫어
article thumbnail
Published 2022. 11. 16. 17:24
Jenkins + ArgoCD + EKS 구성해보기 4 (실패) Kubernetes/CICD

어제 만났던 오류 로그

nginx.conf 파일에 문제가 있다는것 같은데

Dockerfile 을 수정해줬다

 

그리고 eks 클러스터를 다시 생성한다고 해서

argocd 설치도 다시 진행해봤다

 

curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh

helm version --short | cut -d + -f 1

헬름 설치 참고

https://docs.aws.amazon.com/ko_kr/eks/latest/userguide/helm.html

 

Amazon EKS에 Helm 사용 - Amazon EKS

openssl을 먼저 설치해야 한다는 메시지가 나타나는 경우 다음 명령으로 설치할 수 있습니다. sudo yum install openssl

docs.aws.amazon.com

 

이후 aws-load-balancer-controller 를 설치해주고 argo CD 를 설치해줬다

 

helm repo add eks https://aws.github.io/eks-charts
helm repo list
helm repo update
helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=project-myeks --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller --set image.repository=602401143452.dkr.ecr.ap-northeast-2.amazonaws.com/amazon/aws-load-balancer-controller
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'

kubectl -n argocd get all

 

로드밸런서 타입으로 서버를 바꿔주고 argocd 네임스페이스 전체 출력해봤다

 

pending

 

describe

multiple tagged security groups 이라고 한다.

 

기본 보안그룹을 삭제해줬더니 dns 주소가 나왔다

https://docs.aws.amazon.com/ko_kr/eks/latest/userguide/sec-group-reqs.html

 

Amazon EKS 보안 그룹 요구 사항 및 고려 사항 - Amazon EKS

이 페이지에 작업이 필요하다는 점을 알려 주셔서 감사합니다. 실망시켜 드려 죄송합니다. 잠깐 시간을 내어 설명서를 향상시킬 수 있는 방법에 대해 말씀해 주십시오.

docs.aws.amazon.com

 

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d; echo

비밀번호를 찾아서 admin 으로 들어가주고

 

??

아니 여기서 실패한 블로그들은 한개도 없다 ㅋㅋ

보안그룹이 문제인가 해서

혹시몰라 80, 443 둘 다 노드단, 클러스터 단 다 열어줬는데도 안됨

argoCD 다시 깔아봐도 안됨

다른 분 깃 주소로 해봐도 안됨

ㅈㅈ

argo-server log

 

aicore0934:~/environment $ kubectl describe pods argocd-server-5b8c45c484-wcjwm -n argocd                                                                                                                                                    
Name:         argocd-server-5b8c45c484-wcjwm
Namespace:    argocd
Priority:     0
Node:         ip-10-0-159-101.ap-northeast-2.compute.internal/10.0.159.101
Start Time:   Wed, 16 Nov 2022 07:09:17 +0000
Labels:       app.kubernetes.io/name=argocd-server
              pod-template-hash=5b8c45c484
Annotations:  container.seccomp.security.alpha.kubernetes.io/argocd-server: runtime/default
              kubernetes.io/psp: eks.privileged
Status:       Running
IP:           10.0.151.8
IPs:
  IP:           10.0.151.8
Controlled By:  ReplicaSet/argocd-server-5b8c45c484
Containers:
  argocd-server:
    Container ID:  docker://41ded5e2090af07ad4ac7477a04b30770ee207668234ebf24a20bc3849a88667
    Image:         quay.io/argoproj/argocd:v2.5.2
    Image ID:      docker-pullable://quay.io/argoproj/argocd@sha256:9df610ec57cb8ec08001ffaeeedfe1c248e7906707a654801f8d7b4d07905693
    Ports:         8080/TCP, 8083/TCP
    Host Ports:    0/TCP, 0/TCP
    Command:
      argocd-server
    State:          Running
      Started:      Wed, 16 Nov 2022 07:09:28 +0000
    Ready:          True
    Restart Count:  0
    Liveness:       http-get http://:8080/healthz%3Ffull=true delay=3s timeout=1s period=30s #success=1 #failure=3
    Readiness:      http-get http://:8080/healthz delay=3s timeout=1s period=30s #success=1 #failure=3
    Environment:
      ARGOCD_SERVER_INSECURE:                            <set to the key 'server.insecure' of config map 'argocd-cmd-params-cm'>                            Optional: true
      ARGOCD_SERVER_BASEHREF:                            <set to the key 'server.basehref' of config map 'argocd-cmd-params-cm'>                            Optional: true
      ARGOCD_SERVER_ROOTPATH:                            <set to the key 'server.rootpath' of config map 'argocd-cmd-params-cm'>                            Optional: true
      ARGOCD_SERVER_LOGFORMAT:                           <set to the key 'server.log.format' of config map 'argocd-cmd-params-cm'>                          Optional: true
      ARGOCD_SERVER_LOG_LEVEL:                           <set to the key 'server.log.level' of config map 'argocd-cmd-params-cm'>                           Optional: true
      ARGOCD_SERVER_REPO_SERVER:                         <set to the key 'repo.server' of config map 'argocd-cmd-params-cm'>                                Optional: true
      ARGOCD_SERVER_DEX_SERVER:                          <set to the key 'server.dex.server' of config map 'argocd-cmd-params-cm'>                          Optional: true
      ARGOCD_SERVER_DISABLE_AUTH:                        <set to the key 'server.disable.auth' of config map 'argocd-cmd-params-cm'>                        Optional: true
      ARGOCD_SERVER_ENABLE_GZIP:                         <set to the key 'server.enable.gzip' of config map 'argocd-cmd-params-cm'>                         Optional: true
      ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS:         <set to the key 'server.repo.server.timeout.seconds' of config map 'argocd-cmd-params-cm'>         Optional: true
      ARGOCD_SERVER_X_FRAME_OPTIONS:                     <set to the key 'server.x.frame.options' of config map 'argocd-cmd-params-cm'>                     Optional: true
      ARGOCD_SERVER_CONTENT_SECURITY_POLICY:             <set to the key 'server.content.security.policy' of config map 'argocd-cmd-params-cm'>             Optional: true
      ARGOCD_SERVER_REPO_SERVER_PLAINTEXT:               <set to the key 'server.repo.server.plaintext' of config map 'argocd-cmd-params-cm'>               Optional: true
      ARGOCD_SERVER_REPO_SERVER_STRICT_TLS:              <set to the key 'server.repo.server.strict.tls' of config map 'argocd-cmd-params-cm'>              Optional: true
      ARGOCD_SERVER_DEX_SERVER_PLAINTEXT:                <set to the key 'server.dex.server.plaintext' of config map 'argocd-cmd-params-cm'>                Optional: true
      ARGOCD_SERVER_DEX_SERVER_STRICT_TLS:               <set to the key 'server.dex.server.strict.tls' of config map 'argocd-cmd-params-cm'>               Optional: true
      ARGOCD_TLS_MIN_VERSION:                            <set to the key 'server.tls.minversion' of config map 'argocd-cmd-params-cm'>                      Optional: true
      ARGOCD_TLS_MAX_VERSION:                            <set to the key 'server.tls.maxversion' of config map 'argocd-cmd-params-cm'>                      Optional: true
      ARGOCD_TLS_CIPHERS:                                <set to the key 'server.tls.ciphers' of config map 'argocd-cmd-params-cm'>                         Optional: true
      ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION:  <set to the key 'server.connection.status.cache.expiration' of config map 'argocd-cmd-params-cm'>  Optional: true
      ARGOCD_SERVER_OIDC_CACHE_EXPIRATION:               <set to the key 'server.oidc.cache.expiration' of config map 'argocd-cmd-params-cm'>               Optional: true
      ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION:           <set to the key 'server.login.attempts.expiration' of config map 'argocd-cmd-params-cm'>           Optional: true
      ARGOCD_SERVER_STATIC_ASSETS:                       <set to the key 'server.staticassets' of config map 'argocd-cmd-params-cm'>                        Optional: true
      ARGOCD_APP_STATE_CACHE_EXPIRATION:                 <set to the key 'server.app.state.cache.expiration' of config map 'argocd-cmd-params-cm'>          Optional: true
      REDIS_SERVER:                                      <set to the key 'redis.server' of config map 'argocd-cmd-params-cm'>                               Optional: true
      REDIS_COMPRESSION:                                 <set to the key 'redis.compression' of config map 'argocd-cmd-params-cm'>                          Optional: true
      REDISDB:                                           <set to the key 'redis.db' of config map 'argocd-cmd-params-cm'>                                   Optional: true
      ARGOCD_DEFAULT_CACHE_EXPIRATION:                   <set to the key 'server.default.cache.expiration' of config map 'argocd-cmd-params-cm'>            Optional: true
      ARGOCD_MAX_COOKIE_NUMBER:                          <set to the key 'server.http.cookie.maxnumber' of config map 'argocd-cmd-params-cm'>               Optional: true
      ARGOCD_SERVER_OTLP_ADDRESS:                        <set to the key 'otlp.address' of config map 'argocd-cmd-params-cm'>                               Optional: true
      ARGOCD_APPLICATION_NAMESPACES:                     <set to the key 'application.namespaces' of config map 'argocd-cmd-params-cm'>                     Optional: true
    Mounts:
      /app/config/dex/tls from argocd-dex-server-tls (rw)
      /app/config/server/tls from argocd-repo-server-tls (rw)
      /app/config/ssh from ssh-known-hosts (rw)
      /app/config/tls from tls-certs (rw)
      /home/argocd from plugins-home (rw)
      /tmp from tmp (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-wggq2 (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  plugins-home:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     
    SizeLimit:  <unset>
  tmp:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     
    SizeLimit:  <unset>
  ssh-known-hosts:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      argocd-ssh-known-hosts-cm
    Optional:  false
  tls-certs:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      argocd-tls-certs-cm
    Optional:  false
  argocd-repo-server-tls:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  argocd-repo-server-tls
    Optional:    true
  argocd-dex-server-tls:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  argocd-dex-server-tls
    Optional:    true
  kube-api-access-wggq2:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:                      <none>

argo-server describe

 

봐도 뭔지 알아야 고치지 ㅅㅂ

학교갈시간이네 학교가자

'Kubernetes > CICD' 카테고리의 다른 글

Jenkins + EKS 구성해보기 6 (테스트 성공)  (0) 2022.11.17
Jenkins + EKS 구성해보기 5 (참고)  (0) 2022.11.17
Jenkins + ArgoCD + EKS 구성해보기 3 (실패)  (0) 2022.11.15
Jenkins + ArgoCD + EKS 구성해보기 2 (실패)  (0) 2022.11.14
Jenkins + ArgoCD + EKS 구성해보기 1 (실패)  (0) 2022.11.13

검색 태그

python
AWS Certified Solutions Architect Associate
docker
awslambda
루비프로젝트
OSS
리눅스마스터2급
코딩테스트
백준온라인저지
유니티
리눅스마스터2급2차
serverless
TensorFlow
AWS Certified Developer Associate
유니티1인게임개발
CICD
구름KDT쿠버네티스전문가양성과정6기
조코딩
유니티게임개발
유니티1인개발
1인게임개발
dynamodb
Kubernetes
SQLD
Ethereum-auto-trade
1인개발
Ethereum-Autotrade
rancher
Ai
AWS

티스토리툴바