[K8S] 따배쿠 - Kubernetes Installation
1. Introduction
I started taking the 따배쿠 course by TTABAE-LEARN to prepare for the CKA. Today I am going to review and summarize the lectures from 0 through 2-2.
2. Main content
1. Install Docker
//Ubuntu 22.04.2
1. Set up the repository
//Update the apt package index and install packages to allow apt to use a repository over HTTPS:
# apt-get update
# apt-get install -y ca-certificates curl gnupg
//Add Docker’s official GPG key:
# install -m 0755 -d /etc/apt/keyrings
# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
//Use the following command to set up the repository:
# chmod a+r /etc/apt/keyrings/docker.gpg
# echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
2. Install Docker Engine
# apt-get update
# apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
3. Run docker engine
# systemctl disable --now ufw
# systemctl enable --now docker
# docker -v //verify
2. Install K8S
1. Verify the MAC address and product_uuid are unique for every node
# apt install -y net-tools
# ifconfig -a
2. Disable firewall
# systemctl disable --now ufw
3. Installing a container runtime
//By default, Kubernetes uses the Container Runtime Interface (CRI) to interface with your chosen container runtime.
//Forwarding IPv4 and letting iptables see bridged traffic
# cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
# modprobe overlay
# modprobe br_netfilter
//sysctl params required by setup, params persist across reboots
# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
//Apply sysctl params without reboot
# sysctl --system
//Configuring the systemd cgroup driver
# containerd config default | tee /etc/containerd/config.toml
# apt-get install -y vim
# vim /etc/containerd/config.toml
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
...
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
# systemctl restart containerd
4. Installing kubeadm
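//kubeadm: registers kubelet as a service and automates the installation process, such as issuing the certificates used for communication between cluster components
//kubelet: the container handler that starts and stops container resources
//kubectl: the CLI tool for inspecting and operating a Kubernetes cluster from the terminal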
//Disable swap
# swapoff -a && sed -i '/swap/s/^/#/' /etc/fstab
//Update the apt package index and install packages needed to use the Kubernetes apt repository:
# apt update
# apt-get install -y apt-transport-https ca-certificates curl
//Download the Google Cloud public signing key:
# curl -fsSLo /etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg https://dl.k8s.io/apt/doc/apt-key.gpg
//Add the Kubernetes apt repository:
# echo "deb [signed-by=/etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list
//Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:
# apt update
# apt-get install -y kubelet kubeadm kubectl
# apt-mark hold kubelet kubeadm kubectl
//Run
# systemctl enable --now kubelet
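Before running kubeadm init, the files written in steps 3 and 4 can be checked statically. The script below is an added example, not part of the original post or of kubeadm; the function names and the optional root-directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): static checks for the files
# written in "Installing a container runtime" and "Disable swap".
# Function names and the ROOT argument are illustrative assumptions.

# modules_ok FILE: both kernel modules are listed for loading at boot.
modules_ok() {
    grep -Eq '^[[:space:]]*overlay[[:space:]]*$' "$1" &&
    grep -Eq '^[[:space:]]*br_netfilter[[:space:]]*$' "$1"
}

# sysctl_ok FILE KEY: the last assignment of KEY in FILE is 1.
sysctl_ok() {
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    val=$(sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p" "$1" | tail -n 1)
    [ "$val" = "1" ]
}

# systemd_cgroup_ok FILE: SystemdCgroup = true sits inside the runc.options
# table, not merely somewhere in config.toml.
systemd_cgroup_ok() {
    awk '/^[ \t]*\[/ { in_opts = ($0 ~ /runtimes\.runc\.options\]/) }
         in_opts && /^[ \t]*SystemdCgroup[ \t]*=[ \t]*true/ { found = 1 }
         END { exit (found ? 0 : 1) }' "$1"
}

# swap_off_in_fstab FILE: no uncommented entry has filesystem type "swap".
swap_off_in_fstab() {
    awk '!/^[ \t]*#/ && $3 == "swap" { found = 1 }
         END { exit (found ? 1 : 0) }' "$1"
}

# preflight [ROOT]: run all checks; ROOT defaults to the live filesystem.
preflight() {
    root=${1:-}; rc=0
    modules_ok "$root/etc/modules-load.d/k8s.conf" || { echo "FAIL: modules"; rc=1; }
    for k in net.bridge.bridge-nf-call-iptables \
             net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward; do
        sysctl_ok "$root/etc/sysctl.d/k8s.conf" "$k" || { echo "FAIL: $k"; rc=1; }
    done
    systemd_cgroup_ok "$root/etc/containerd/config.toml" || { echo "FAIL: SystemdCgroup"; rc=1; }
    swap_off_in_fstab "$root/etc/fstab" || { echo "FAIL: swap still in fstab"; rc=1; }
    return $rc
}
```

On a node, calling `preflight` with no argument reads the real files under /etc and returns non-zero if any setting is missing.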
3. Control Plane Node
1. Initializing your control-plane node
# kubeadm init
# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config
# kubectl get nodes
# cat > token.txt
kubeadm join 192.168.32.142:6443 --token ox1aj0.yn5sj2ig6h63bz9w \
--discovery-token-ca-cert-hash sha256:71693493af087c0bf19995913006b75c88c050f407d09952992a64c46f2ad4af
//optional
# kubeadm reset
# kubectl delete node <node name>
2. Installing a Pod network add-on
# kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml
# kubectl get nodes //STATUS(Not Ready -> Ready)
4. Worker Node
# kubeadm join 192.168.32.142:6443 --token ox1aj0.yn5sj2ig6h63bz9w \
--discovery-token-ca-cert-hash sha256:71693493af087c0bf19995913006b75c88c050f407d09952992a64c46f2ad4af
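The join command saved in token.txt carries a bootstrap token, which is a credential, and a sha256 pin on the cluster CA's public key. One way to check the saved file before running it on a worker, as an added example that is not part of the original post (function names are assumptions; only the space-separated flag form shown on this page is parsed):

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a saved
# "kubeadm join" command before running it on a worker node.
# Function names are illustrative; only space-separated flags are parsed.

# join_words FILE: one argument per line, "\" line continuations removed.
join_words() {
    tr '\\\t\n' '   ' < "$1" | tr -s ' ' '\n'
}

# join_arg FILE FLAG: print the value that follows FLAG.
join_arg() {
    join_words "$1" | awk -v f="$2" 'p { print; exit } $0 == f { p = 1 }'
}

# check_join FILE: succeed only if CA verification is not switched off, the
# token has the bootstrap-token shape, and a sha256 CA pin is present.
check_join() {
    if join_words "$1" | grep -q -e '^--discovery-token-unsafe-skip-ca-verification'; then
        echo "refuse: CA verification is disabled"; return 1
    fi
    token=$(join_arg "$1" --token)
    pin=$(join_arg "$1" --discovery-token-ca-cert-hash)
    printf '%s\n' "$token" | grep -Eqx '[a-z0-9]{6}\.[a-z0-9]{16}' ||
        { echo "refuse: token is missing or malformed"; return 1; }
    printf '%s\n' "$pin" | grep -Eqx 'sha256:[0-9a-f]{64}' ||
        { echo "refuse: CA public key pin is missing or malformed"; return 1; }
    echo "ok: token and CA pin are well-formed"
}
```

Running `check_join token.txt` on the worker returns non-zero, with a reason, when the saved command should not be used as-is.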
5. kubectl cheat sheet
# alias k=kubectl
# complete -o default -F __start_kubectl k
# source /etc/bash_completion
# source <(kubectl completion bash) //after installing the bash-completion package, set up bash autocompletion in the current shell
# echo "source <(kubectl completion bash)" >> ~/.bashrc //permanently add autocompletion to the bash shell
3. Conclusion
It is not easy, but it is also a new area, so it is fun.