ARM (RISC 기반) 특징: 명령어 구조 단순 → 저전력·고효율, 발열 적음 활용: 스마트폰, 태블릿, 임베디드, 저전력 서버 등 대표 제품: 애플 M1·M2, 퀄컴 Snapdragon
AMD (x86 CISC 기반) 특징: 복잡한 명령어 → 강력한 연산 성능, 발열·전력 소모 ↑ 활용: 데스크톱, 서버, 게임용 PC, 데이터센터 등 고성능 환경 대표 제품: 라이젠(Ryzen), EPYC 서버 프로세서
ARM은 저전력·경량화가 필요한 모바일·임베디드 환경에 적합 AMD는 고성능·멀티태스킹이 필요한 데스크톱·서버 환경에 적합 최근 ARM도 성능을 높여 서버·데스크톱으로 확장 중이며, AMD도 전력 효율 개선에 주력하고 있음
AWS graviton
AWS Graviton은 AWS가 자체 설계한 ARM 기반 프로세서로, 고성능과 에너지 효율성을 동시에 제공한다. 클라우드 환경에서의 최적화된 성능과 비용 효율성을 목표로 개발되어, 웹 애플리케이션·컨테이너·마이크로서비스·빅데이터 분석·머신러닝 등 다양한 워크로드에서 뛰어난 성능을 발휘한다.
eksctl create nodegroup -c $CLUSTER_NAME -r ap-northeast-2 --subnet-ids "$PubSubnet1","$PubSubnet2","$PubSubnet3" \
-n ng3 -t t4g.medium -N 1 -m 1 -M 1 --node-volume-size=30 --node-labels family=graviton --dry-run > myng3.yaml
eksctl create nodegroup -f myng3.yaml
kubectl get nodes --label-columns eks.amazonaws.com/nodegroup,kubernetes.io/arch,eks.amazonaws.com/capacityType
NAME STATUS ROLES AGE VERSION NODEGROUP ARCH CAPACITYTYPE
ip-192-168-1-127.ap-northeast-2.compute.internal Ready <none> 2m24s v1.31.5-eks-5d632ec ng3 arm64 ON_DEMAND
...
kubectl describe nodes --selector family=graviton
...
System Info:
Machine ID: ec22fa7316c4486fe019bf98a12d486b
System UUID: ec22fa73-16c4-486f-e019-bf98a12d486b
Boot ID: 837ae6ee-0bb0-4615-bd23-da6bc27ecf56
Kernel Version: 5.10.233-224.894.amzn2.aarch64
OS Image: Amazon Linux 2
Operating System: linux
Architecture: arm64
Container Runtime Version: containerd://1.7.25
Kubelet Version: v1.31.5-eks-5d632ec
Kube-Proxy Version: v1.31.5-eks-5d632ec
ProviderID: aws:///ap-northeast-2a/i-008befacce404ca12
Non-terminated Pods: (4 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits Age
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system aws-node-f4kld 50m (2%) 0 (0%) 0 (0%) 0 (0%) 2m29s
kube-system ebs-csi-node-4wdqw 30m (1%) 0 (0%) 120Mi (3%) 768Mi (23%) 2m29s
kube-system efs-csi-node-kv8rj 0 (0%) 0 (0%) 0 (0%) 0 (0%) 2m29s
kube-system kube-proxy-gktwf 100m (5%) 0 (0%) 0 (0%) 0 (0%) 2m29s
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 180m (9%) 0 (0%)
memory 120Mi (3%) 768Mi (23%)
ephemeral-storage 0 (0%) 0 (0%)
hugepages-1Gi 0 (0%) 0 (0%)
hugepages-2Mi 0 (0%) 0 (0%)
hugepages-32Mi 0 (0%) 0 (0%)
hugepages-64Ki 0 (0%) 0 (0%)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Starting 2m26s kube-proxy
Normal Starting 2m30s kubelet Starting kubelet.
Warning CgroupV1 2m30s kubelet Cgroup v1 support is in maintenance mode, please migrate to Cgroup v2.
Warning InvalidDiskCapacity 2m30s kubelet invalid capacity 0 on image filesystem
Normal NodeHasSufficientMemory 2m30s (x2 over 2m30s) kubelet Node ip-192-168-1-127.ap-northeast-2.compute.internal status is now: NodeHasSufficientMemory
Normal NodeHasNoDiskPressure 2m30s (x2 over 2m30s) kubelet Node ip-192-168-1-127.ap-northeast-2.compute.internal status is now: NodeHasNoDiskPressure
Normal NodeHasSufficientPID 2m30s (x2 over 2m30s) kubelet Node ip-192-168-1-127.ap-northeast-2.compute.internal status is now: NodeHasSufficientPID
Normal NodeAllocatableEnforced 2m30s kubelet Updated Node Allocatable limit across pods
Normal Synced 2m29s cloud-node-controller Node synced successfully
Normal RegisteredNode 2m27s node-controller Node ip-192-168-1-127.ap-northeast-2.compute.internal event: Registered Node ip-192-168-1-127.ap-northeast-2.compute.internal in Controller
Normal NodeReady 2m15s kubelet Node ip-192-168-1-127.ap-northeast-2.compute.internal status is now: NodeReady
aws eks update-nodegroup-config --cluster-name $CLUSTER_NAME --nodegroup-name ng3 \
--taints "addOrUpdateTaints=[{key=frontend, value=true, effect=NO_EXECUTE}]"
kubectl describe nodes --selector family=graviton | grep Taints
Taints: frontend=true:NoExecute
aws eks describe-nodegroup --cluster-name $CLUSTER_NAME --nodegroup-name ng3 | jq .nodegroup.taints[
{
"key": "frontend",
"value": "true",
"effect": "NO_EXECUTE"
}
]
cat <<EOF | kubectl apply -f -
> apiVersion: v1
> kind: Pod
> metadata:
> name: busybox
> spec:
> terminationGracePeriodSeconds: 3
> containers:
> - name: busybox
> image: busybox
> command:
> - "/bin/sh"
> - "-c"
> - "while true; do date >> /home/pod-out.txt; cd /home; sync; sync; sleep 10; done"
> tolerations:
> - effect: NoExecute
> key: frontend
> operator: Exists
> nodeSelector:
> family: graviton
> EOF
pod/busybox created
kubectl get pod -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
busybox 1/1 Running 0 6s 192.168.1.244 ip-192-168-1-127.ap-northeast-2.compute.internal <none> <none>
kubectl exec -it busybox -- arch
aarch64
kubectl exec -it busybox -- tail -f /home/pod-out.txt
Sat Feb 22 02:43:11 UTC 2025
Sat Feb 22 02:43:21 UTC 2025
Sat Feb 22 02:43:31 UTC 2025
Sat Feb 22 02:43:41 UTC 2025
Sat Feb 22 02:43:51 UTC 2025
Sat Feb 22 02:44:01 UTC 2025
Sat Feb 22 02:44:11 UTC 2025
BottleRocket AMI
클라우드 환경에서 컨테이너를 실행할 때는 주로 Amazon Linux나 Ubuntu 같은 범용 리눅스 배포판을 사용한다. 그러나 이런 운영체제에는 컨테이너 실행 외에도 여러 패키지와 서비스가 포함되어 있어, 보안 관리와 업데이트가 복잡해질 수 있다. 이를 해결하기 위해 AWS에서는 Bottlerocket이라는 컨테이너 전용 운영체제를 개발했다. Bottlerocket은 컨테이너 실행에 필요한 최소 구성만 포함하여 경량화되었으며, 보안과 성능 최적화에 초점을 맞춘 것이 특징이다.
cat << EOF > ng-br.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: myeks
region: ap-northeast-2
version: "1.31"
managedNodeGroups:
- name: ng-bottlerocket
instanceType: m5.large
amiFamily: Bottlerocket
bottlerocket:
enableAdminContainer: true
settings:
motd: "Hello, eksctl!"
desiredCapacity: 1
maxSize: 1
minSize: 1
labels:
alpha.eksctl.io/cluster-name: myeks
alpha.eksctl.io/nodegroup-name: ng-bottlerocket
ami: bottlerocket
subnets:
- $PubSubnet1
- $PubSubnet2
- $PubSubnet3
tags:
alpha.eksctl.io/nodegroup-name: ng-bottlerocket
alpha.eksctl.io/nodegroup-type: managed
- name: ng-bottlerocket-ssh
instanceType: m5.large
amiFamily: Bottlerocket
desiredCapacity: 1
maxSize: 1
minSize: 1
ssh:
allow: true
publicKeyName: $SSHKEYNAME
labels:
alpha.eksctl.io/cluster-name: myeks
alpha.eksctl.io/nodegroup-name: ng-bottlerocket-ssh
ami: bottlerocket
subnets:
- $PubSubnet1
- $PubSubnet2
- $PubSubnet3
tags:
alpha.eksctl.io/nodegroup-name: ng-bottlerocket-ssh
alpha.eksctl.io/nodegroup-type: managed
EOF
eksctl create nodegroup -f ng-br.yaml
kubectl get node --label-columns=alpha.eksctl.io/nodegroup-name,ami,node.kubernetes.io/instance-type
kubectl get node --label-columns=alpha.eksctl.io/nodegroup-name,ami,node.kubernetes.io/instance-type
NAME STATUS ROLES AGE VERSION NODEGROUP-NAME AMI INSTANCE-TYPE
ip-192-168-1-13.ap-northeast-2.compute.internal Ready <none> 5d15h v1.31.5-eks-5d632ec ng1 t3.medium
ip-192-168-1-69.ap-northeast-2.compute.internal Ready <none> 2m40s v1.31.4-eks-0f56d01 ng-bottlerocket-ssh bottlerocket m5.large
ip-192-168-2-229.ap-northeast-2.compute.internal Ready <none> 5d15h v1.31.5-eks-5d632ec ng1 t3.medium
ip-192-168-2-249.ap-northeast-2.compute.internal Ready <none> 2m40s v1.31.4-eks-0f56d01 ng-bottlerocket bottlerocket m5.large
ip-192-168-3-122.ap-northeast-2.compute.internal Ready <none> 5d15h v1.31.5-eks-5d632ec ng1 t3.medium