
1. Kubernetes cluster setup
1-1. System layout
HOSTNAME | IP | ROLE | Notes |
k8s-master | 192.168.0.1 | master | |
k8s-worker1 | 192.168.0.2 | worker | |
k8s-worker2 | 192.168.0.3 | worker | |
1-2. Pre-installation preparation
- Disable SELinux
$ setenforce 0
$ sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
- Disable swap
$ swapoff -a
$ sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
- Disable the firewall
$ systemctl disable firewalld
$ systemctl stop firewalld
- Configure iptables
$ vi /etc/modules-load.d/k8s.conf
br_netfilter
$ vi /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
$ sudo sysctl --system
- Edit the /etc/hosts file
$ vi /etc/hosts
...
192.168.0.1 k8s-master m
192.168.0.2 k8s-worker1 w1
192.168.0.3 k8s-worker2 w2
1-3. Install Docker
- Install and enable Docker
$ curl -s https://get.docker.com | sudo sh
$ systemctl enable docker
$ systemctl start docker
- Check the Docker version
$ docker version
Client: Docker Engine - Community
Version: 20.10.14
API version: 1.41
Go version: go1.16.15
Git commit: a224086
Built: Thu Mar 24 01:49:57 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.14
API version: 1.41 (minimum version 1.12)
Go version: go1.16.15
Git commit: 87a90dc
Built: Thu Mar 24 01:48:24 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.11
GitCommit: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc:
Version: 1.0.3
GitCommit: v1.0.3-0-gf46b6ba
docker-init:
Version: 0.19.0
GitCommit: de40ad0
- Configure the container runtime
$ vi /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
- Restart Docker
$ systemctl daemon-reload
$ systemctl restart docker
1-4. Register the Kubernetes repository and install the packages
- Register kubernetes.repo
$ vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
- Install the kubeadm, kubelet and kubectl packages
$ yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
$ systemctl enable kubelet
$ systemctl start kubelet
- Check the kubeadm, kubelet and kubectl package versions
$ kubeadm version -o short
v1.23.5
$ kubectl version --short
Client Version: v1.23.5
$ kubelet --version
Kubernetes v1.23.5
Repeat all of the steps up to this point identically on master, worker1 and worker2.
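The following audit script is an added example, not part of the original post: it re-reads the files written in steps 1-2 through 1-4 and reports anything that does not match, including a swap entry that the sed above leaves active because its pattern only matches space-separated fields. The function names and the optional root-prefix argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the files written in steps 1-2 to 1-4 on one node.
# audit_node takes an optional root prefix (hypothetical parameter) so the
# checks can run against a copy of a node's /etc; empty means the live system.

# Print fstab lines that still mount swap. Fields are split on any whitespace,
# so tab-separated entries that the ' swap ' sed pattern misses are caught.
active_swap_entries() {
    awk '$1 !~ /^#/ && $3 == "swap"' "$1" 2>/dev/null
}

# Succeed if FILE contains "KEY = VALUE" (spacing around '=' is ignored).
has_setting() {
    awk -F= -v k="$2" -v v="$3" '
        { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == k && $2 == v { found = 1 }
        END { exit !found }' "$1" 2>/dev/null
}

fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

# Returns the number of failed checks (0 means the node matches the guide).
audit_node() {
    root=${1:-}; fails=0
    [ -z "$(active_swap_entries "$root/etc/fstab")" ] \
        || fail "active swap entry in /etc/fstab"
    grep -qx 'br_netfilter' "$root/etc/modules-load.d/k8s.conf" 2>/dev/null \
        || fail "br_netfilter missing from /etc/modules-load.d/k8s.conf"
    for key in net.bridge.bridge-nf-call-ip6tables net.bridge.bridge-nf-call-iptables; do
        has_setting "$root/etc/sysctl.d/k8s.conf" "$key" 1 || fail "$key is not 1"
    done
    grep -qF 'native.cgroupdriver=systemd' "$root/etc/docker/daemon.json" 2>/dev/null \
        || fail "Docker cgroup driver is not systemd"
    has_setting "$root/etc/yum.repos.d/kubernetes.repo" gpgcheck 1 \
        || fail "gpgcheck is not 1 in kubernetes.repo"
    echo "$fails check(s) failed"
    return "$fails"
}
```

Run audit_node with no argument on each node before kubeadm init or kubeadm join; the exit status is the number of failed checks.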
2. Node installation
The work is split between the master node and the worker nodes, so take care not to mix them up.
2-1. Master node tasks
- Install with kubeadm init
$ kubeadm init --apiserver-advertise-address {k8s-master IP} --pod-network-cidr=172.31.0.0/16
...
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.0.1:6443 --token j20we1.f6o~~~ \
--discovery-token-ca-cert-hash sha256:~~~
Copy the kubeadm join... command. (It is used when installing the workers.)
- Create the .kube/config file
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
# Transfer the .kube/config file to worker1 and worker2.
$ scp -P22 .kube/config root@w1:
$ scp -P22 .kube/config root@w2:
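An added example, not part of the original post: the sha256 value in the join command printed by kubeadm init is the SHA-256 digest of the cluster CA certificate's public key, so it can be recomputed on the master and compared with the copied command before it is pasted on a worker. The function names are assumptions made for this example, and /etc/kubernetes/pki/ca.crt is kubeadm's default CA location rather than a path taken from this page.

```shell
#!/bin/sh
# Added example: recompute the value kubeadm prints after
# --discovery-token-ca-cert-hash and compare it with a saved join command.
# Function names are hypothetical; requires the openssl CLI.

# SHA-256 of the CA certificate's DER-encoded public key, as lowercase hex.
# On a kubeadm control plane the CA certificate is /etc/kubernetes/pki/ca.crt.
ca_cert_hash() {
    # Stop early on an unreadable or invalid certificate; otherwise the
    # pipeline below would hash empty input and still print a digest.
    openssl x509 -noout -in "$1" 2>/dev/null || return 1
    openssl x509 -pubkey -noout -in "$1" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex \
        | sed 's/^.* //'
}

# Print the 64 hex digits that follow "sha256:" in a join command.
pinned_hash() {
    printf '%s\n' "$1" |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =]sha256:\([0-9a-f]\{64\}\).*/\1/p'
}

# Succeed only if the join command pins exactly the CA in the given file.
join_matches_ca() {
    want=$(ca_cert_hash "$2") || return 1
    got=$(pinned_hash "$1")
    [ -n "$got" ] && [ "$got" = "$want" ]
}
```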
2-2. Worker node tasks
Repeat these steps once per worker node. (With worker1 and worker2, perform them twice.)
- Install with kubeadm join
Enter the kubeadm join... command that was printed when kubeadm init ran on the master node.
kubeadm join 192.168.0.1:6443 --token j20we1.f6o~~~ \
--discovery-token-ca-cert-hash sha256:~~~
- Create the .kube/config file
Move the .kube/config file received from the master node into $HOME/.kube/.
$ mkdir -p $HOME/.kube
$ sudo mv $HOME/config $HOME/.kube/
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
- Check the cluster nodes
Check that the nodes have joined the cluster. After some time, STATUS changes to Ready automatically.
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 16m v1.23.5
k8s-worker1 Ready <none> 12m v1.23.5
k8s-worker2 Ready <none> 10m v1.23.5
- Add cluster ROLEs
ROLES for k8s-worker1 and k8s-worker2 is shown as <none>, so change it to the worker role.
$ kubectl label nodes k8s-worker1 kubernetes.io/role=worker
$ kubectl label nodes k8s-worker2 kubernetes.io/role=worker
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 4h29m v1.23.5
k8s-worker1 Ready worker 4h26m v1.23.5
k8s-worker2 Ready worker 4h24m v1.23.5
2-3. Install the Weave CNI plugin
Flannel, Calico and Weave are the most common Kubernetes CNI plugins.
The installation procedure using Weave is as follows.
- Install the Weave CNI plugin on the master node
$ kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.apps/weave-net created
- Check the cluster nodes and pods
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 44m v1.23.5
k8s-worker1 Ready <none> 41m v1.23.5
k8s-worker2 Ready <none> 39m v1.23.5
$ kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-64897985d-lf2s9 1/1 Running 0 44m 10.32.0.2 k8s-worker2 <none> <none>
kube-system coredns-64897985d-nsjtl 1/1 Running 0 44m 10.40.0.1 k8s-worker1 <none> <none>
kube-system etcd-k8s-master 1/1 Running 0 44m 192.168.0.1 k8s-master <none> <none>
kube-system kube-apiserver-k8s-master 1/1 Running 0 44m 192.168.0.1 k8s-master <none> <none>
kube-system kube-controller-manager-k8s-master 1/1 Running 0 44m 192.168.0.1 k8s-master <none> <none>
kube-system kube-proxy-bvspl 1/1 Running 0 41m 192.168.0.2 k8s-worker1 <none> <none>
kube-system kube-proxy-k7sj9 1/1 Running 0 39m 192.168.0.3 k8s-worker2 <none> <none>
kube-system kube-proxy-nvvnr 1/1 Running 0 44m 192.168.0.1 k8s-master <none> <none>
kube-system kube-scheduler-k8s-master 1/1 Running 0 44m 192.168.0.1 k8s-master <none> <none>
kube-system weave-net-bz75k 2/2 Running 1 (4m5s ago) 4m33s 192.168.0.3 k8s-worker2 <none> <none>
kube-system weave-net-k6wkw 2/2 Running 1 (4m4s ago) 4m33s 192.168.0.2 k8s-worker1 <none> <none>
kube-system weave-net-nscff 2/2 Running 1 (4m1s ago) 4m33s 192.168.0.1 k8s-master <none> <none>
The next post will cover installing the Kubernetes Dashboard, which lets you manage Kubernetes from a web browser.