📚 [Sprint1] Installing Kubernetes the Substantial Way


*This post was written as review and summary notes based on the Inflearn course "Kubernetes Another Class (Ground Edition) - Sprint1".

 

📌 Lab environment setup

This time, I am going to set up a Kubernetes lab environment.
For personal study I normally use VMware products, so I had planned to use VMware Workstation, but because this is the first lab I went with VirtualBox so I could focus on the lab content itself.

Source: https://inf.run/k7mF

🔍 Creating the VM with Vagrant

* OS: Rocky Linux
* Create the k8s master node using the lab script

# Create the Vagrant folder
D:\> mkdir k8s

# Download the Vagrant script
D:\k8s> curl -O https://raw.githubusercontent.com/k8s-1pro/install/main/ground/k8s-1.27/vagrant-2.3.4/Vagrantfile

# Set up the Rocky Linux repo
D:\k8s> curl -O https://raw.githubusercontent.com/k8s-1pro/install/main/ground/k8s-1.27/vagrant-2.3.4/rockylinux-repo.json
D:\k8s> vagrant box add rockylinux-repo.json

# Install the Vagrant disk-setting plugins
D:\k8s> vagrant plugin install vagrant-vbguest vagrant-disksize

# Run Vagrant (create the VM)
D:\k8s> vagrant up

์Šคํฌ๋ฆฝํŠธ๋ฅผ ์ด์šฉํ•˜๋ฉด ๋‹จ ๋ช‡ ๋ถ„๋งŒ์— ๋งˆ์Šคํ„ฐ ๋…ธ๋“œ ์ƒ์„ฑ์ด ๊ฐ€๋Šฅํ•ด์ง‘๋‹ˆ๋‹ค.. ์—ฌ๊ธฐ์„œ ๊ทธ์น˜๋ฉด ์•ˆ๋˜๊ฒ ์ฃ ..? 
 
์–ด๋–ป๊ฒŒ ์Šคํฌ๋ฆฝํŠธ๊ฐ€ ๊ตฌ์„ฑ๋˜์–ด ๋งˆ์Šคํ„ฐ ๋…ธ๋“œ๊ฐ€ ์ƒ์„ฑ๋˜์—ˆ๋Š”์ง€ ์•„๋ž˜์™€ ๊ฐ™์€ ์ˆœ์„œ์— ๋”ฐ๋ผ ๊ทธ ๊ณผ์ •์„ ์ฒœ์ฒœํžˆ ์‚ดํŽด๋ณด๋ฉด ์ดํ•ดํ•˜๋Š” ๋ฐ ๋„์›€์ด ๋ฉ๋‹ˆ๋‹ค. 
 

๐Ÿ“Œ์Šคํฌ๋ฆฝํŠธ ๋ง›๋ณด๊ณ  ๋œฏ์–ด๋ณด๊ธฐ

๐Ÿ”OS ๊ตฌ์„ฑ

Vagrant.configure("2") do |config|

  config.vm.box = "rockylinux/8"          # select the OS type
  config.disksize.size = "50GB"           # set the disk size
  config.vbguest.installer_options = { allow_kernel_upgrade: true }
  config.vbguest.auto_update = false
  config.vm.provision :shell, privileged: true, inline: $install_default

  config.vm.define "master-node" do |master|                    # set the VM name
    master.vm.hostname = "k8s-master"                           # set the hostname
    master.vm.network "private_network", ip: "192.168.56.30"    # set the IP (private range)
    master.vm.provider :virtualbox do |vb|
      vb.memory = 6144    # set the memory
      vb.cpus = 4         # set the CPU count
      vb.customize ["modifyvm", :id, "--firmware", "efi"]
    end
    master.vm.provision :shell, privileged: true, inline: $install_master
  end

end

$install_default = <<-SHELL    # sets the language used for the default per-node install

For networking, internal communication goes over the private network, and NAT provides access to the external internet so that the packages needed during Kubernetes installation can be downloaded.


🔍 Installing the container runtime and Kubernetes

After the basic time zone setup and package update, the actual work of installing Kubernetes begins.

# Stop and disable the firewall
[root@k8s-master ~]# systemctl stop firewalld 
[root@k8s-master ~]# systemctl disable firewalld
# Disable swap
[root@k8s-master ~]# swapoff -a && sed -i '/ swap / s/^/#/' /etc/fstab 

# Confirm swap usage is 0
[root@k8s-master ~]# free
              total        used        free      shared  buff/cache   available
Mem:        6063280     1599260      130720       19168     4333300     4161612
Swap:             0           0           0


# Confirm the swap entry in fstab is commented out
[root@k8s-master ~]# cat /etc/fstab | grep swap
#/swapfile none swap defaults 0 0

 
Forwarding IPv4 and letting iptables see bridged traffic
(This is a requirement for iptables on a Linux node to see bridged traffic correctly, so check these setting values.)



# Check the configured settings
[root@k8s-master ~]# cat /etc/modules-load.d/k8s.conf
overlay
br_netfilter

[root@k8s-master ~]# cat /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1

# Confirm the modules are loaded
[root@k8s-master ~]# lsmod | grep overlay
overlay               139264  35

[root@k8s-master ~]# lsmod | grep br_netfilter
br_netfilter           24576  0
bridge                290816  1 br_netfilter
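
The three file checks above (the swap entry in fstab, the modules-load list, the sysctl values) can be audited in one pass. The following is an added example, not part of the course script, and its function names are assumptions. It also flags a tab-separated swap line, which the '/ swap /' sed pattern above does not match.

```bash
#!/usr/bin/env bash
# Added example: offline audit of the files the walkthrough inspects by hand.
# True when no uncommented fstab entry has "swap" in its type field.
# awk splits fields on tabs as well as spaces, unlike the '/ swap /' pattern.
fstab_swap_disabled() {
  ! awk '$1 !~ /^#/ && $3 == "swap" { hit = 1 } END { exit !hit }' "$1"
}

# True when every module named after the file has a line of its own in it.
modules_listed() {
  local file=$1 mod
  shift
  for mod in "$@"; do
    grep -qxE "[[:space:]]*${mod}[[:space:]]*" "$file" || return 1
  done
}

# Prints the value assigned to a key in a sysctl.d-style file (last one wins).
sysctl_value() {
  awk -F= -v key="$2" '
    /^[ \t]*[#;]/ { next }
    { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v) }
    k == key { val = v }
    END { print val }' "$1"
}

# Usage: audit_node_files FSTAB MODULES_CONF SYSCTL_CONF
audit_node_files() {
  local rc=0 key
  fstab_swap_disabled "$1" || { echo "FAIL: active swap entry in $1"; rc=1; }
  modules_listed "$2" overlay br_netfilter || { echo "FAIL: module missing in $2"; rc=1; }
  for key in net.bridge.bridge-nf-call-iptables \
             net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward; do
    [ "$(sysctl_value "$3" "$key")" = "1" ] || { echo "FAIL: $key != 1 in $3"; rc=1; }
  done
  return "$rc"
}

# Constructed sample: a tab-separated swap line, which the sed pattern misses.
demo_tab_separated_fstab() {
  local dir; dir=$(mktemp -d)
  printf '/swapfile\tnone\tswap\tdefaults\t0 0\n' > "$dir/fstab"
  printf 'overlay\nbr_netfilter\n' > "$dir/modules.conf"
  printf '%s = 1\n' net.bridge.bridge-nf-call-iptables \
    net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward > "$dir/sysctl.conf"
  audit_node_files "$dir/fstab" "$dir/modules.conf" "$dir/sysctl.conf"
}

if [ "$#" -eq 3 ]; then audit_node_files "$@"; fi
```

On the node itself, run it as: audit_node_files /etc/fstab /etc/modules-load.d/k8s.conf /etc/sysctl.d/k8s.conf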

Installing the container runtime

# Set up the docker repo
[root@k8s-master ~]# yum install -y yum-utils
[root@k8s-master ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

# Install containerd
[root@k8s-master ~]# yum install -y containerd.io-1.6.21-3.1.el8
[root@k8s-master ~]# systemctl daemon-reload
[root@k8s-master ~]# systemctl enable --now containerd

# Enable the containerd CRI
[root@k8s-master ~]# sed -i 's/^disabled_plugins/#disabled_plugins/' /etc/containerd/config.toml

# Confirm ["cri"] is commented out
[root@k8s-master ~]# cat /etc/containerd/config.toml
#   Copyright 2018-2022 Docker Inc.

#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at

#       http://www.apache.org/licenses/LICENSE-2.0

#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.

#disabled_plugins = ["cri"]	
...

[root@k8s-master ~]# systemctl restart containerd

Installing kubeadm

# Set up kubernetes.repo
cat /etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl

# Check the repos
[root@k8s-master yum.repos.d]# yum repolist enabled
repo id                                    repo name
appstream                                  Rocky Linux 8 - AppStream
baseos                                     Rocky Linux 8 - BaseOS
docker-ce-stable                           Docker CE Stable - x86_64
extras                                     Rocky Linux 8 - Extras
kubernetes                                 Kubernetes

# Check the SELinux settings
[root@k8s-master ~]# cat /etc/selinux/config
SELINUX=permissive	→ confirm permissive

[root@k8s-master ~]# sestatus
Current mode:                   permissive		→ confirm permissive
Mode from config file:          permissive		→ confirm permissive

# Install the kubelet, kubeadm, and kubectl packages
[root@k8s-master ~]# yum install -y kubelet-1.27.1-0.x86_64 kubeadm-1.27.1-0.x86_64 kubectl-1.27.1-0.x86_64 --disableexcludes=kubernetes
systemctl enable --now kubelet

 

๐Ÿ” ๋งˆ์Šคํ„ฐ ๋…ธ๋“œ ์„ธํŒ…

kubeadm์œผ๋กœ ํด๋Ÿฌ์Šคํ„ฐ ์ƒ์„ฑ

# pod ๋„คํŠธ์›Œํฌ ์„ธํŒ…
[root@k8s-master ~]# kubeadm init --pod-network-cidr=20.96.0.0/12 --apiserver-advertise-address 192.168.56.30


# master node ์ƒํƒœํ™•์ธ
[root@k8s-master ~]# kubectl get node
NAME         STATUS   ROLES           AGE   VERSION
k8s-master   Ready    control-plane   85m   v1.27.1


# Confirm the pod network CIDR setting
[root@k8s-master ~]# kubectl cluster-info dump | grep -m 1 cluster-cidr
                            "--cluster-cidr=20.96.0.0/12",

# Confirm the apiserver advertise address was applied
[root@k8s-master ~]# kubectl cluster-info
Kubernetes control plane is running at https://192.168.56.30:6443

# Check the Kubernetes component pods (confirm Running)
[root@k8s-master ~]# kubectl get pods -n kube-system
NAME                                 READY   STATUS    RESTARTS   AGE
coredns-5d78c9869d-l8kpn             1/1     Running   0          85m
coredns-5d78c9869d-qftxg             1/1     Running   0          85m
etcd-k8s-master                      1/1     Running   0          86m
kube-apiserver-k8s-master            1/1     Running   0          86m
kube-controller-manager-k8s-master   1/1     Running   0          86m
kube-proxy-tht2n                     1/1     Running   0          85m
kube-scheduler-k8s-master            1/1     Running   0          86m
metrics-server-7db4fb59f9-r8zwv      1/1     Running   0          85m

# Configure kubectl access
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# chown $(id -u):$(id -g) $HOME/.kube/config

# Check the certificate settings
[root@k8s-master ~]# cat ~/.kube/config
...
    server: https://192.168.56.30:6443	→ confirm the IP setting
...

# Install the pod network (Calico)
[root@k8s-master ~]# kubectl create -f https://raw.githubusercontent.com/k8s-1pro/install/main/ground/k8s-1.27/calico-3.25.1/calico.yaml
[root@k8s-master ~]# kubectl create -f https://raw.githubusercontent.com/k8s-1pro/install/main/ground/k8s-1.27/calico-3.25.1/calico-custom.yaml

# Check the Calico pod status (confirm Running)
[root@k8s-master ~]# kubectl get -n calico-system pod
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-789dc4c76b-ls888   1/1     Running   0          97m
calico-node-qck7p                          1/1     Running   0          97m
calico-typha-86d895795d-wghjr              1/1     Running   0          97m
csi-node-driver-69qsk                      2/2     Running   0          97m

[root@k8s-master ~]# kubectl get -n calico-apiserver pod
NAME                                READY   STATUS    RESTARTS   AGE
calico-apiserver-5c57b4569f-dd6qk   1/1     Running   0          96m
calico-apiserver-5c57b4569f-s5h6p   1/1     Running   0          96m


# Confirm the pod network CIDR was applied to Calico
[root@k8s-master ~]# kubectl get installations.operator.tigera.io default -o yaml  | grep cidr
      cidr: 20.96.0.0/12
        cidr: 20.96.0.0/12

# Allow pods to be created on the master
[root@k8s-master ~]# kubectl taint nodes k8s-master node-role.kubernetes.io/control-plane-

# Confirm the taint was removed
[root@k8s-master ~]# kubectl describe nodes | grep Taints
Taints:             <none>

 
Installing Kubernetes convenience features

# Set up kubectl autocompletion
echo "source <(kubectl completion bash)" >> ~/.bashrc
echo 'alias k=kubectl' >>~/.bashrc
echo 'complete -o default -F __start_kubectl k' >>~/.bashrc

# Confirm the kubectl autocompletion settings
[root@k8s-master ~]# cat ~/.bashrc
# .bashrc

# User specific aliases and functions

alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi
source <(kubectl completion bash)
alias k=kubectl
complete -o default -F __start_kubectl k

# Install the Dashboard
kubectl create -f https://raw.githubusercontent.com/k8s-1pro/install/main/ground/k8s-1.27/dashboard-2.7.0/dashboard.yaml

# Confirm the Dashboard is Running
[root@k8s-master ~]# kubectl get pod -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-5cb4f4bb9c-rpwk4   1/1     Running   0          111m
kubernetes-dashboard-6bc7c98694-5d9bz        1/1     Running   0          111m

# Install Metrics Server
kubectl create -f https://raw.githubusercontent.com/k8s-1pro/install/main/ground/k8s-1.27/metrics-server-0.6.3/metrics-server.yaml

# Confirm Metrics Server is installed
[root@k8s-master ~]# kubectl get pod -n kube-system  | grep metrics
metrics-server-7db4fb59f9-r8zwv      1/1     Running   0          112m
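
The Calico, Dashboard and Metrics Server manifests above are created straight from URLs on the main branch, so their content can change between runs. The following added example (not from the course repository) refuses to run kubectl create unless the download matches a pinned SHA-256. The function names and the lock-file format are assumptions, and the digests are ones you record yourself after reviewing each file.

```bash
#!/usr/bin/env bash
# Added example: verify a downloaded manifest against a pinned digest before
# kubectl ever sees it. Function names and lock-file format are assumptions.

# Download URL ($1) to FILE ($2) over HTTPS only; fail on HTTP errors.
fetch_url() {
  curl -fsSL --proto '=https' --tlsv1.2 -o "$2" "$1"
}

# True when FILE's SHA-256 equals the expected lowercase hex digest.
digest_matches() {
  local got
  got=$(sha256sum "$1" | awk '{ print $1 }')
  [ "$got" = "$2" ]
}

# Usage: apply_pinned URL SHA256
# Returns 0 after a successful create, 1 on digest mismatch, 2 on fetch error.
apply_pinned() {
  local url=$1 want=$2 tmp rc=0
  tmp=$(mktemp) || return 2
  if ! fetch_url "$url" "$tmp"; then
    rc=2
  elif ! digest_matches "$tmp" "$want"; then
    echo "REFUSED: $url does not match pinned digest $want" >&2
    rc=1
  else
    kubectl create -f "$tmp" || rc=$?
  fi
  rm -f "$tmp"
  return "$rc"
}

# Lock file format (assumed): "<sha256>  <url>" per line, '#' starts a comment.
# Stops at the first manifest that fails, so later ones are never applied.
apply_lockfile() {
  local sha url
  while read -r sha url; do
    case "$sha" in ''|'#'*) continue ;; esac
    apply_pinned "$url" "$sha" || return $?
  done < "$1"
}

if [ "$#" -eq 1 ]; then apply_lockfile "$1"; fi
```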

๐Ÿ”pod ์ƒํƒœ ํ™•์ธ

[root@k8s-master ~]# k get pods -A
NAMESPACE              NAME                                         READY   STATUS    RESTARTS   AGE
calico-apiserver       calico-apiserver-6d7f77dc86-24nkn            1/1     Running   0          19m
calico-apiserver       calico-apiserver-6d7f77dc86-9mjt6            1/1     Running   0          19m
calico-system          calico-kube-controllers-789dc4c76b-zf2z6     1/1     Running   0          21m
calico-system          calico-node-bsgs5                            1/1     Running   0          21m
calico-system          calico-typha-956d8d9f5-kwjq5                 1/1     Running   0          21m
calico-system          csi-node-driver-rwf22                        2/2     Running   0          21m
kube-system            coredns-5d78c9869d-j4dk6                     1/1     Running   0          21m
kube-system            coredns-5d78c9869d-zwwhn                     1/1     Running   0          21m
kube-system            etcd-k8s-master                              1/1     Running   0          21m
kube-system            kube-apiserver-k8s-master                    1/1     Running   0          21m
kube-system            kube-controller-manager-k8s-master           1/1     Running   0          21m
kube-system            kube-proxy-gx62q                             1/1     Running   0          21m
kube-system            kube-scheduler-k8s-master                    1/1     Running   0          21m
kube-system            metrics-server-7db4fb59f9-jl8mz              1/1     Running   0          21m
kubernetes-dashboard   dashboard-metrics-scraper-5cb4f4bb9c-2cr78   1/1     Running   0          21m
kubernetes-dashboard   kubernetes-dashboard-6bc7c98694-zd7xz        1/1     Running   0          21m
tigera-operator        tigera-operator-549d4f9bdb-svv47             1/1     Running   0          21m

๐Ÿ” Kubernetes Dashboard ์ ‘์† ๋ฐ ์ƒํƒœ ํ™•์ธ

https://192.168.56.30:30000/#/login

 
