Kubernetes\u6642\u4ee3\u306eCI\/CD Jenkins X\u3068\u306f?-\u524d\u7de8<\/a><\/p>\n \u5f53\u521d\u306f\u3001\u5404\u30d6\u30e9\u30f3\u30c1\u3054\u3068\u306b\u30c9\u30e1\u30a4\u30f3\u3092\u4f5c\u6210\u3057\u3001Let\u2019s Encrypt \u306b\u3088\u308b SSL \u8a3c\u660e\u66f8\u3092\u767a\u884c\u3057\u3066\u3044\u305f\u306e\u3067\u3059\u304c\u3001\u4e26\u884c\u3067\u958b\u767a\u3059\u308b\u30d6\u30e9\u30f3\u30c1\u6570\u304c\u591a\u304f\u306a\u3063\u3066\u304f\u308b\u3068\u3084\u304c\u3066 rate-limit \u306b\u5f53\u305f\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3057\u305f\u3002 \u4eca\u56de\u306f\u3001\u305d\u308c\u3092\u56de\u907f\u3059\u308b\u305f\u3081\u306b\u5fc5\u8981\u3068\u306a\u3063\u305f\u3001Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u3067 Let\u2019s Encrypt \u3092\u7528\u3044\u305f\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u81ea\u52d5\u767a\u884c\u30fb\u66f4\u65b0\u3067\u304d\u308b\u57fa\u76e4\u306e\u4f5c\u308a\u65b9\u306b\u3064\u3044\u3066\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002<\/p>\n \u5f0a\u793e\u3067\u306f AWS Route 53 \u3067\u30c9\u30e1\u30a4\u30f3\u3092\u7ba1\u7406\u3057\u3066\u3044\u308b\u305f\u3081\u3001\u672c\u8a18\u4e8b\u3067\u306f Route 53 \u3092\u5229\u7528\u3057\u305f\u30c9\u30e1\u30a4\u30f3\u3092\u5bfe\u8c61\u3068\u3057\u307e\u3059\u3002<\/p>\n <\/p>\n\n \u672c\u8a18\u4e8b\u3067\u306f\u3001\u4ee5\u4e0b\u306e\u6280\u8853\u7528\u8a9e\u306b\u3064\u3044\u3066\u306f\u8aac\u660e\u3044\u305f\u3057\u307e\u305b\u3093\u306e\u3067\u3001\u307e\u3060\u3054\u5b58\u77e5\u306a\u3044\u3068\u3044\u3046\u65b9\u306f\u53c2\u8003\u30b5\u30a4\u30c8\u3092\u3054\u89a7\u306b\u306a\u3063\u3066\u304b\u3089\u672c\u8a18\u4e8b\u3092\u3054\u89a7\u306b\u306a\u308b\u3068\u3001\u3088\u308a\u7406\u89e3\u304c\u9032\u3080\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n \u672c\u8a18\u4e8b\u3067\u306f\u3001\u4ee5\u4e0b\u306e\u6761\u4ef6\u304c\u63c3\u3063\u305f\u72b6\u614b\u3092\u30b9\u30bf\u30fc\u30c8\u306b\u5fc5\u8981\u306a\u6761\u4ef6\u3068\u3057\u307e\u3059\u3002<\/p>\n \u8a3c\u660e\u66f8\u3092\u767a\u884c\u3059\u308b\u4e88\u5b9a\u306e\u30c9\u30e1\u30a4\u30f3\u3092\u4fdd\u6301\u3057\u3066\u3044\u308b\u3053\u3068<\/p>\n AWS Route 53 \u3067\u4e0a\u8a18\u30c9\u30e1\u30a4\u30f3\u304c\u7ba1\u7406\u3067\u304d\u3066\u3044\u308b\u3053\u3068<\/p>\n Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u3067\u4ee5\u4e0b\u304c\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308b\u3053\u3068\u3092\u30b4\u30fc\u30eb\u3068\u3057\u307e\u3059\u3002<\/p>\n \u672c\u8a18\u4e8b\u3067\u306f\u3001Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u3067\u8a3c\u660e\u66f8\u306e\u81ea\u52d5\u767a\u884c\u30fb\u66f4\u65b0\u3092\u62c5\u3063\u3066\u304f\u308c\u308b\u30df\u30c9\u30eb\u30a6\u30a7\u30a2\u3068\u3057\u3066 cert-manager<\/a> v0.3.0(\u57f7\u7b46\u6642\u6700\u65b0) \u3092\u5229\u7528\u3057\u307e\u3059\u3002<\/p>\n \u3053\u306e\u30df\u30c9\u30eb\u30a6\u30a7\u30a2\u306f\u3001Let\u2019s Encrypt \u3067\u8a3c\u660e\u66f8\u3092\u767a\u884c\u30fb\u66f4\u65b0\u3059\u308b\u4e0a\u3067\u5fc5\u8981\u3068\u306a\u308b\u4ee5\u4e0b\u306e\u4f5c\u696d\u3092\u81ea\u52d5\u5316\u3057\u3066\u304f\u308c\u307e\u3059\u3002<\/p>\n \u307e\u305a\u3001cert-manager \u304c Route 53 \u3092\u64cd\u4f5c\u3059\u308b\u305f\u3081\u306b\u5fc5\u8981\u306a\u30e6\u30fc\u30b6\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002<\/p>\n \u516c\u5f0f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8<\/a>\u901a\u308a\u3001helm \u3092\u7528\u3044\u3066 cert-manager \u3092 Kubernetes \u30af\u30e9\u30b9\u30bf\u3078\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059\u3002<\/p>\n \u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304c\u5b8c\u4e86\u3059\u308b\u3068\u3001\u4ee5\u4e0b\u306e\u69d8\u306b cert-manager \u3067\u306f\u3001\u8a3c\u660e\u66f8\u3092\u767a\u884c\u3059\u308b\u305f\u3081\u306e ACME \u30d7\u30ed\u30d1\u30a4\u30c0(Let\u2019s Encrypt)\u3084 DNS \u30d7\u30ed\u30d1\u30a4\u30c0\u306a\u3069\u306e\u8a2d\u5b9a\u3092 Issuer\/ClusterIssuer \u3068\u3044\u3046\u30ea\u30bd\u30fc\u30b9\u3067\u7ba1\u7406\u3057\u307e\u3059\u3002<\/p>\n Issuer\/ClusterIssuer \u306f namespace \u6bce\u306b\u5229\u7528\u53ef\u80fd\u3068\u3059\u308b\u304b\u3001\u30af\u30e9\u30b9\u30bf\u5168\u4f53\u3067\u5229\u7528\u53ef\u80fd\u3068\u3059\u308b\u304b\u306e\u9055\u3044\u3067\u3001\u672c\u8a18\u4e8b\u3067\u306f\u30af\u30e9\u30b9\u30bf\u5168\u4f53\u3067\u5229\u7528\u3067\u304d\u308b\u3088\u3046\u306b ClusterIssuer \u3068\u3057\u3066\u767b\u9332\u3057\u307e\u3059\u3002<\/p>\n \u3053\u3053\u307e\u3067\u6e96\u5099\u3067\u304d\u305f\u3089\u3001\u3044\u3088\u3044\u3088\u8a3c\u660e\u66f8\u3092\u767a\u884c\u3057\u3066\u307f\u307e\u3059\u3002<\/p>\n cert-manager \u3067\u306f\u3001\u767a\u884c\u3059\u308b\u8a3c\u660e\u66f8\u306e\u4e2d\u8eab\u3092\u5b9a\u7fa9\u3059\u308b\u8a2d\u5b9a\u3092 Certificate \u3068\u3044\u3046\u30ea\u30bd\u30fc\u30b9\u3067\u7ba1\u7406\u3057\u307e\u3059\u3002<\/p>\n \u672c\u8a18\u4e8b\u3067\u306f\u3001 \u8a3c\u660e\u66f8\u306e\u767a\u884c\u72b6\u6cc1\u3092\u78ba\u8a8d\u3057\u307e\u3059<\/p>\n \u672c\u8a18\u4e8b\u3067\u306f\u3001\u30b5\u30f3\u30d7\u30eb\u306e\u305f\u3081\u306e nginx Pod \u3092 Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u306b\u7acb\u3066\u3066\u3001\u305d\u308c\u3092\u5916\u90e8\u306b\u516c\u958b\u3059\u308b\u305f\u3081\u306e Service\/Ingress \u3092\u767b\u9332\u3057\u3066\u307f\u307e\u3059\u3002 AWS Route53<\/a> \u3078\u30a2\u30af\u30bb\u30b9\u3057\u3001\u4e0a\u8a18\u306e\u30a2\u30c9\u30ec\u30b9\u306b\u5bfe\u3057\u3066 https:\/\/nginx.example.com<\/a> \u3078\u30a2\u30af\u30bb\u30b9\u3057\u3066\u3001\u4ee5\u4e0b\u306e\u69d8\u306b\u767a\u884c\u3055\u308c\u305f\u8a3c\u660e\u66f8\u304c\u30d6\u30e9\u30a6\u30b6\u4e0a\u3067\u78ba\u8a8d\u3067\u304d\u308c\u3070\u3001\u8a3c\u660e\u66f8\u767a\u884c\u57fa\u76e4\u306e\u69cb\u7bc9\u306f\u5b8c\u4e86\u3067\u3059\uff01 \u30b5\u30f3\u30d7\u30eb\u3067\u5229\u7528\u3057\u305f\u30b5\u30fc\u30d3\u30b9\u306e\u8a2d\u5b9a\u306f\u4ee5\u4e0b\u3067\u5168\u90e8\u524a\u9664\u3067\u304d\u307e\u3059\u3002<\/p>\n \u672c\u8a18\u4e8b\u3067\u306f\u3001\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u767a\u884c\u3059\u308b\u305f\u3081\u306b\u5fc5\u8981\u306a DNS-01 \u65b9\u5f0f\u306e\u30c9\u30e1\u30a4\u30f3\u691c\u8a3c\u3092\u3059\u308b\u8a2d\u5b9a\u3092\u4f5c\u6210\u3057\u307e\u3057\u305f\u304c\u3001cert-manager \u3067\u306f DNS-01 \u65b9\u5f0f\u4ee5\u5916\u306b\u3082 HTTP-01 \u65b9\u5f0f\u3067\u306e\u30c9\u30e1\u30a4\u30f3\u691c\u8a3c\u306b\u3082\u5bfe\u5fdc\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n \u8a73\u3057\u304f\u306f\u3001cert-manager \u306e\u516c\u5f0f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8<\/a>\u3082\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/p>\n \u3044\u304b\u304c\u3067\u3057\u305f\u3067\u3057\u3087\u3046\u304b\u3002\u672c\u8a18\u4e8b\u3067\u7d39\u4ecb\u3057\u305f\u57fa\u76e4\u3092 Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u306b\u7528\u610f\u3057\u3066\u304a\u304f\u3053\u3068\u3067\u3001\u30c7\u30e2\u74b0\u5883\u3092\u3088\u308a\u305f\u304f\u3055\u3093\u3001\u5b89\u5168\u306b\u7528\u610f\u3059\u308b\u3053\u3068\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n \u662f\u975e\u3001CI\/CD \u3068\u4f75\u305b\u3066\u7686\u3055\u3093\u306e\u958b\u767a\u74b0\u5883\u306b\u53d6\u308a\u5165\u308c\u3066\u3044\u305f\u3060\u304d\u3001\u672c\u8a18\u4e8b\u304c\u958b\u767a\u30fb\u30ea\u30ea\u30fc\u30b9\u901f\u5ea6\u3092\u5411\u4e0a\u3055\u305b\u308b\u4e0a\u3067\u53c2\u8003\u306b\u306a\u308c\u3070\u5e78\u3044\u3067\u3059\u3002<\/p>\n WESEEK\u3067\u63a1\u7528\u3057\u3066\u3044\u308b CI\/CD \u5b9f\u73fe\u624b\u6cd5<\/a><\/p>\n
\n(\u53c2\u8003: Rate Limits \u2013 Let\u2019s Encrypt \u2013 Free SSL\/TLS Certificates<\/a>)<\/p>\n\u5fc5\u8981\u3068\u306a\u308b\u524d\u63d0\u77e5\u8b58<\/h1>\n
\n
\n
\n
\n
\n
\n
\n
\n
\u57fa\u76e4\u69cb\u7bc9\u306b\u3042\u305f\u3063\u3066\u5fc5\u8981\u3068\u306a\u308b\u30b9\u30bf\u30fc\u30c8\u6761\u4ef6<\/h1>\n
\n
kubectl<\/code> \u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3057\u3066\u3001Kubernetes \u30af\u30e9\u30b9\u30bf\u306b\u30ed\u30b0\u30a4\u30f3\u30fb\u64cd\u4f5c\u3067\u304d\u308b\u3053\u3068<\/p>\n<\/li>\nhelm<\/code> \u30b3\u30de\u30f3\u30c9\u3092\u5229\u7528\u3057\u3066\u3001Kubernetes \u30af\u30e9\u30b9\u30bf\u306b\u4efb\u610f\u306e Chart \u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3067\u304d\u308b\u3053\u3068<\/p>\n<\/li>\n\n
example.com<\/code> \u3068\u3057\u307e\u3059<\/li>\n<\/ul>\n<\/li>\n\n
\u672c\u8a18\u4e8b\u306e\u30b4\u30fc\u30eb<\/h1>\n
\n
\u672c\u8a18\u4e8b\u3067\u3054\u7d39\u4ecb\u3059\u308b\u30df\u30c9\u30eb\u30a6\u30a7\u30a2(cert-manager)\u306b\u3064\u3044\u3066<\/h1>\n
\n
\u69cb\u7bc9\u624b\u9806<\/h1>\n
1. AWS IAM role \u306e\u7528\u610f<\/h2>\n
\n
\n
k8s-cert-manager<\/code> \u306a\u3069<\/li>\n<\/ul>\n<\/li>\n{\n "Version": "2012-10-17",\n "Statement": [\n {\n "Effect": "Allow",\n "Action": "route53:GetChange",\n "Resource": "arn:aws:route53:::change\/*"\n },\n {\n "Effect": "Allow",\n "Action": "route53:ChangeResourceRecordSets",\n "Resource": "arn:aws:route53:::hostedzone\/*"\n },\n {\n "Effect": "Allow",\n "Action": "route53:ListHostedZonesByName",\n "Resource": "*"\n }\n ]\n}<\/code><\/pre>\n\n
\n
route53-access-for-cert-manager<\/code><\/li>\n<\/ul>\n<\/li>\n\n
2. Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u306b cert-manager \u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/h2>\n
$ helm install \n --name cert-manager \n --namespace kube-system \n stable\/cert-manager<\/code><\/pre>\nkube-system<\/code> namespace \u306b cert-manager<\/code> \u306e Pod \u304c\u52d5\u304d\u59cb\u3081\u307e\u3059\u3002<\/p>\n$ kubectl -n kube-system get pod\nNAME READY STATUS RESTARTS AGE\ncert-manager-cert-manager-56fcf79bc8-dx85q 1\/1 Running 0 39m<\/code><\/pre>\n3. \u8a3c\u660e\u66f8\u3092\u767a\u884c\u3059\u308b\u305f\u3081\u306e\u8a2d\u5b9a\u3092\u884c\u3046<\/h2>\n
\n
$ kubectl -n kube-system create secret generic prod-route53-credentials-secret --from-literal=secret-access-key=<\u30b7\u30fc\u30af\u30ec\u30c3\u30c8\u30a2\u30af\u30bb\u30b9\u30ad\u30fc><\/code><\/pre>\n<\/li>\n$ kubectl -n kube-system get secret prod-route53-credentials-secret\nNAME TYPE DATA AGE\nprod-route53-credentials-secret Opaque 1 59d<\/code><\/pre>\n<\/li>\n$ cat <<'EOF'> clusterissuer-letsencrypt.yaml\napiVersion: certmanager.k8s.io\nkind: ClusterIssuer\nmetadata:\nname: letsencrypt\nspec:\nacme:\nemail: <\u4efb\u610f\u306e\u30e1\u30fc\u30eb\u30a2\u30c9\u30ec\u30b9>\nserver: https:\/\/acme-staging-v02.api.letsencrypt.org\/directory\nprivateKeySecretRef:\n name: letsencrypt-private-key\ndns01:\n providers:\n - name: route53\n route53:\n accessKeyID: <\u30a2\u30af\u30bb\u30b9\u30ad\u30fcID>\n region: us-east-1\n secretAccessKeySecretRef:\n key: secret-access-key\n name: prod-route53-credentials-secret\nEOF\n$ kubectl apply -f clusterissuer-letsencrypt.yaml<\/code><\/pre>\n\n
<\u4efb\u610f\u306e\u30e1\u30fc\u30eb\u30a2\u30c9\u30ec\u30b9><\/code> \u306e\u90e8\u5206\u306f\u3001\u3054\u81ea\u8eab\u3067\u53d7\u4fe1\u3067\u304d\u308b\u30e1\u30fc\u30eb\u30a2\u30c9\u30ec\u30b9\u3092\u8a18\u8f09\u3057\u3066\u304f\u3060\u3055\u3044\n\n
$ kubectl describe clusterissuer letsencrypt\n...(snip)...\nStatus:\nAcme:\nUri: https:\/\/acme-v02.api.letsencrypt.org\/acme\/acct\/XXXXXXXX\nConditions:\nLast Transition Time: 2018-05-18T15:20:48Z\nMessage: The ACME account was registered with the ACME server\nReason: ACMEAccountRegistered\nStatus: True\nType: Ready\nEvents: <none><\/code><\/pre>\n\n
The ACME account was registered with the ACME server<\/code> \u3068\u306a\u3063\u3066\u3044\u308c\u3070\u3001Let\u2019s Encrypt \u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u6b63\u5e38\u306b\u4f5c\u6210\u3067\u304d\u3066\u3044\u307e\u3059<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n4. \u8a3c\u660e\u66f8\u306e\u767a\u884c<\/h2>\n
*.example.com<\/code> \u306b\u95a2\u3059\u308b\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u767a\u884c\u3059\u308b\u3001\u3068\u3044\u3046\u60f3\u5b9a\u3067\u8a2d\u5b9a\u3092\u8a18\u8f09\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n\n
$ cat <<'EOF'> cert-wildcard-example.yaml\napiVersion: certmanager.k8s.io\/v1alpha1\nkind: Certificate\nmetadata:\n name: wildcard-example\nspec:\n acme:\n config:\n - dns01:\n provider: route53\n domains:\n - '*.example.com'\n commonName: '*.example.com\n issuerRef:\n kind: ClusterIssuer\n name: letsencrypt\n secretName: cert-wildcard-example\nEOF\n$ kubectl apply -f cert-wildcard-example.yaml<\/code><\/pre>\n\n
kubectl apply<\/code> \u306b\u3088\u308b\u30ea\u30bd\u30fc\u30b9\u306e\u767b\u9332\u304c\u5b8c\u4e86\u3059\u308b\u3068\u3001cert-manager \u306b\u3088\u3063\u3066\u3059\u3050\u306b\u8a3c\u660e\u66f8\u767a\u884c\u4f5c\u696d\u304c\u958b\u59cb\u3055\u308c\u307e\u3059<\/li>\nspec.secretName<\/code> \u306b\u8a2d\u5b9a\u3055\u308c\u305f Secret \u306b\u53d6\u5f97\u3057\u305f\u8a3c\u660e\u66f8\u306e\u5185\u5bb9\u304c\u51fa\u529b\u3055\u308c\u307e\u3059<\/li>\n<\/ul>\n<\/li>\n$ kubectl describe cert wildcard-example\n...(snip)...\nStatus:\n Acme:\n Order:\n URL: https:\/\/acme-v02.api.letsencrypt.org\/acme\/order\/XXXXXXXX\/XXXXXXXX\n Conditions:\n Last Transition Time: 2018-06-18T03:26:11Z\n Message: Certificate renewed successfully\n Reason: CertRenewed\n Status: True\n Type: Ready\n Last Transition Time: \n\n<nil>\n Message: Order validated\n Reason: OrderValidated\n Status: False\n Type: ValidateFailed<\/nil><\/code><\/pre>\n\n
\n
Certificate renewed successfully<\/code> \u3068\u3044\u3046\u30e1\u30c3\u30bb\u30fc\u30b8\u304c\u78ba\u8a8d\u3067\u304d\u307e\u3059<\/li>\n<\/ul>\n<\/li>\n$ kubectl get secret cert-wildcard-example\nNAME TYPE DATA AGE\ncert-wildcard-example kubernetes.io\/tls 2 25d<\/code><\/pre>\n\n
kubernetes.io\/tls<\/code> \u30bf\u30a4\u30d7\u306e Secret \u306e\u5b58\u5728\u304c\u78ba\u8a8d\u3067\u304d\u308c\u3070\u3001\u8a3c\u660e\u66f8\u306f\u767a\u884c\u3067\u304d\u3066\u3044\u307e\u3059\uff01<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n5. Kubernetes \u30af\u30e9\u30b9\u30bf\u4e0a\u306b\u7acb\u3066\u305f Web \u30b5\u30fc\u30d3\u30b9\u306e\u516c\u958b<\/h2>\n
\nIngress \u3067\u6307\u5b9a\u3059\u308b\u8a3c\u660e\u66f8\u306b\u3001\u4eca\u56de\u767a\u884c\u3057\u305f\u8a3c\u660e\u66f8\u3092\u6307\u5b9a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n\n
$ cat <<'EOF' > example-nginx.yaml\napiVersion: extensions\/v1beta1\nkind: Deployment\nmetadata:\n name: nginx-example-deployment\n labels:\n app: example-nginx\nspec:\n replicas: 1\n template:\n metadata:\n labels:\n app: example-nginx\n spec:\n containers:\n - name: nginx\n image: nginx\n ports:\n - containerPort: 80\n---\napiVersion: v1\nkind: Service\nmetadata:\n name: example-nginx\n labels:\n app: example-nginx\nspec:\n ports:\n - name: http\n port: 80\n protocol: TCP\n targetPort: 80\n selector:\n app: example-nginx\n type: NodePort\n---\napiVersion: extensions\/v1beta1\nkind: Ingress\nmetadata:\n name: example-nginx\n labels:\n app: example-nginx\nspec:\n rules:\n - host: nginx.example.com\n http:\n paths:\n - backend:\n serviceName: example-nginx\n servicePort: 80\n tls:\n - hosts:\n - nginx.example.com\n secretName: cert-wildcard-example\nEOF\n$ kubectl apply -f example-nginx.yaml<\/code><\/pre>\n<\/li>\n$ kubectl get ing\nNAME HOSTS ADDRESS PORTS AGE\nexample-nginx nginx.example.com XXX.XXX.XXX.XXX 80, 443 3m<\/code><\/pre>\n\n
6. AWS Route 53 \u306e\u8a2d\u5b9a<\/h2>\n
nginx.example.com<\/code> \u3067\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b A \u30ec\u30b3\u30fc\u30c9\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002<\/p>\n7. Let\u2019s \u30a2\u30af\u30bb\u30b9!!<\/h2>\n
![\"\"](\"https:\/\/weseek.co.jp\/tech\/wp-content\/uploads\/2021\/06\/20190912125006.png\")
<\/p>\n\n
$ kubectl delete deploy,svc,ing -l 'app=example-nginx'<\/code><\/pre>\n\u305d\u306e\u4ed6\u306e\u30c9\u30e1\u30a4\u30f3\u691c\u8a3c\u65b9\u6cd5<\/h1>\n
\u307e\u3068\u3081<\/h1>\n
\u95a2\u9023\u8a18\u4e8b<\/h3>\n