{"componentChunkName":"component---src-templates-post-template-jsx","path":"/works/posts/2025-03-19--001","result":{"data":{"site":{"siteMetadata":{"title":"Blog by Eunyoung","subtitle":"작업 기록 블로그","copyright":"© All rights reserved.","author":{"name":"EunYoung","twitter":"#"},"disqusShortname":"","url":"https://ssongey.github.io"}},"markdownRemark":{"id":"d75040f2-526a-5bdf-9ab8-58a6e243736c","html":"<p>이번에 클러스터 이관작업을 하면서 GSLB에 매핑된 VIP 변경도 진행하게 되었는데, 이에 대한 작업 이력을 기록한다.</p>\n<br/>\n<h3>✔︎ GSLB에 새로운 VIP 추가</h3>\n<ul>\n<li>새로운 vip 추가시, 트래픽 분배 방식을 ratio 로 설정. (기존 트래픽 방식은 round robin)</li>\n<li>한 리전씩 1%로 설정하여 투입.</li>\n</ul>\n<Br/>\n<h3>✔︎ 1% 투입 후 테스트</h3>\n<ul>\n<li>도메인에 매핑되는 IP를 강제하여 새로 투입된 VIP 연결에 문제가 없는지 확인한다.</li>\n<li>TLS 또는 Pod까지 플로우에 문제가 없는지 체크</li>\n</ul>\n<p><strong>확인방법 1) /etc/hosts 파일 수정</strong></p>\n<ul>\n<li>여태 <code class=\"language-text\">/etc/hosts</code> 파일을 수정해서 curl 테스트를 진행했었는데, 파일 수정 후 curl 명령어를 수행하는게 번거로웠다.</li>\n</ul>\n<div class=\"gatsby-highlight\" data-language=\"sql\"><pre class=\"language-sql\"><code class=\"language-sql\">$ curl <span class=\"token operator\">-</span>v https:<span class=\"token comment\">//digitaldocs.kakao.com -o /dev/null -s</span>\n\n<span class=\"token operator\">*</span> Host digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com:<span class=\"token number\">443</span> was resolved<span class=\"token punctuation\">.</span>\n<span class=\"token operator\">*</span> IPv6: <span class=\"token punctuation\">(</span>none<span class=\"token punctuation\">)</span>\n<span class=\"token operator\">*</span> IPv4: <span class=\"token number\">121.53</span><span class=\"token number\">.108</span><span class=\"token number\">.101</span>\n<span class=\"token operator\">*</span>   Trying <span class=\"token number\">121.53</span><span class=\"token number\">.108</span><span class=\"token number\">.101</span>:<span class=\"token number\">443.</span><span class=\"token punctuation\">.</span><span class=\"token punctuation\">.</span>\n<span class=\"token operator\">*</span> Connected <span class=\"token keyword\">to</span> digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com <span class=\"token punctuation\">(</span><span class=\"token number\">121.53</span><span class=\"token number\">.108</span><span class=\"token number\">.101</span><span class=\"token punctuation\">)</span> port <span class=\"token number\">443</span></code></pre></div>\n<br/>\n<p><strong>확인방법 2) curl resolve 옵션</strong></p>\n<ul>\n<li>curl에 <code class=\"language-text\">—resolve</code> 옵션을 사용하여 ip를 강제 지정하는 방법이 있다.</li>\n</ul>\n<div class=\"gatsby-highlight\" data-language=\"sql\"><pre class=\"language-sql\"><code class=\"language-sql\">$ curl <span class=\"token operator\">-</span>v <span class=\"token comment\">--resolve digitaldocs.kakao.com:443:211.183.222.21 https://digitaldocs.kakao.com -o /dev/null -s</span>\n\n<span class=\"token operator\">*</span> Added digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com:<span class=\"token number\">443</span>:<span class=\"token number\">211.183</span><span class=\"token number\">.222</span><span class=\"token number\">.21</span> <span class=\"token keyword\">to</span> DNS cache\n<span class=\"token operator\">*</span> Hostname digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com was found <span class=\"token operator\">in</span> DNS cache\n<span class=\"token operator\">*</span>   Trying <span class=\"token number\">211.183</span><span class=\"token number\">.222</span><span class=\"token number\">.21</span>:<span class=\"token number\">443.</span><span class=\"token punctuation\">.</span><span class=\"token punctuation\">.</span>\n<span class=\"token operator\">*</span> Connected <span class=\"token keyword\">to</span> digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com <span class=\"token punctuation\">(</span><span class=\"token number\">211.183</span><span class=\"token number\">.222</span><span class=\"token number\">.21</span><span class=\"token punctuation\">)</span> port <span class=\"token number\">443</span></code></pre></div>\n<ul>\n<li>ip가 잘못 들어가면 커넥션에 실패한다.</li>\n</ul>\n<div class=\"gatsby-highlight\" data-language=\"sql\"><pre class=\"language-sql\"><code class=\"language-sql\">$ curl <span class=\"token operator\">-</span>v <span class=\"token comment\">--resolve digitaldocs.kakao.com:443:211.183.222.222 https://digitaldocs.kakao.com -o /dev/null -s</span>\n\n<span class=\"token operator\">*</span> Added digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com:<span class=\"token number\">443</span>:<span class=\"token number\">211.183</span><span class=\"token number\">.222</span><span class=\"token number\">.222</span> <span class=\"token keyword\">to</span> DNS cache\n<span class=\"token operator\">*</span> Hostname digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com was found <span class=\"token operator\">in</span> DNS cache\n<span class=\"token operator\">*</span>   Trying <span class=\"token number\">211.183</span><span class=\"token number\">.222</span><span class=\"token number\">.222</span>:<span class=\"token number\">443.</span><span class=\"token punctuation\">.</span><span class=\"token punctuation\">.</span>\n<span class=\"token operator\">*</span> <span class=\"token keyword\">connect</span> <span class=\"token keyword\">to</span> <span class=\"token number\">211.183</span><span class=\"token number\">.222</span><span class=\"token number\">.222</span> port <span class=\"token number\">443</span> <span class=\"token keyword\">from</span> <span class=\"token number\">172.20</span><span class=\"token number\">.40</span><span class=\"token number\">.200</span> port <span class=\"token number\">50047</span> failed: Operation timed <span class=\"token keyword\">out</span>\n<span class=\"token operator\">*</span> Failed <span class=\"token keyword\">to</span> <span class=\"token keyword\">connect</span> <span class=\"token keyword\">to</span> digitaldocs<span class=\"token punctuation\">.</span>kakao<span class=\"token punctuation\">.</span>com port <span class=\"token number\">443</span> <span class=\"token keyword\">after</span> <span class=\"token number\">75000</span> ms: Couldn't <span class=\"token keyword\">connect</span> <span class=\"token keyword\">to</span> server\n<span class=\"token operator\">*</span> Closing connection</code></pre></div>\n<br/>\n<h3>✔︎ dig 명령어로는 1% 테스트가 잘 안된다?</h3>\n<ul>\n<li>dig(Domain Information Groper)는 <strong>DNS(Domain Name System) 정보를 조회하는 명령어</strong>로, 주로 도메인의 IP 주소, 네임서버(NS)를 조회하는데 확인한다.</li>\n<li>/etc/hosts 파일 수정 후, dig 명령어를 이용해도 동일하게 강제 설정된 IP가 조회될 것이라고 생각했지만, 예상과는 다르게 ratio가 높은 IP가 조회되었다.</li>\n</ul>\n<p><strong>원인)</strong></p>\n<ol>\n<li>\n<p><strong><code class=\"language-text\">/etc/hosts</code>는 로컬에서만 적용됨</strong></p>\n<ul>\n<li>/etc/hosts는 OS의 로컬 DNS 해석 단계에서만 사용.</li>\n<li>하지만 dig는 기본적으로 네트워크상의 DNS 서버를 직접 조회하기 때문에 /etc/hosts의 설정을 반영하지 않음.</li>\n</ul>\n</li>\n<li>\n<p><strong><code class=\"language-text\">dig</code>는 시스템 DNS 설정을 무시하고 네트워크 쿼리를 수행</strong></p>\n<ul>\n<li><code class=\"language-text\">dig example.com</code>을 실행하면, 현재 설정된 DNS 서버(ex. 8.8.8.8 같은 공용 DNS)를 사용해서 실제 네트워크에서 조회한 결과를 반환.</li>\n<li>즉, /etc/hosts 설정을 사용하지 않고, 네트워크에 등록된 공식적인 DNS 정보를 가져온다.</li>\n</ul>\n</li>\n</ol>","fields":{"tagSlugs":["/tags/gslb/"],"slug":"/works/posts/2025-03-19--001"},"frontmatter":{"title":"GSLB에 매핑된 VIP 변경 작업 기록","tags":["gslb"],"date":"2025-03-19","description":""}}},"pageContext":{"slug":"/works/posts/2025-03-19--001"}},"staticQueryHashes":[]}