Computing/Kubernetes

Install Kubernetes Using Kubespray (Version 0.2)

ChoongLee 2021. 6. 16. 19:26
반응형

 

서버 정보

Kubernetes 물리 노트북 5대 진행 (사양은 좋치 않음)

192.168.100.199 node1
192.168.100.47 node2
192.168.100.48 node3
192.168.100.45
node4
192.168.100.46
node5

 

모든 node 진행

# 스왑메모리 사용 중지
swapoff -a
# selinux
setenforce 0
# check selinux
getenforce
# ip forward 설정
sysctl -w net.ipv4.ip_forward=1

방화벽을 끄기
sudo systemctl stop firewalled
sudo systemctl disabled firewalled

# ssh 설정 (선택 사항)
vi /etc/ssh/sshd_config
...
PermitRootLogin yes
#PasswordAuthentication yes
...
systemctl restart sshd

# keygen
su root
ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
cat ~/.ssh/authorized_keys

# node2 ~5 에 node1 의 authorized_keys 값을 추가 아래 위치에 추가
vi ~/.ssh/authorized_keys
...
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOchlKcDVyEeJ191EpqlEZi+rw0cQ6xUo6q0tnx+YPDwEiWkZP1nqQWDD5wBoE+ZAkhgOgxe4W5Cgallb+dMyd1A/LIX9eN5VkQvAvN0e7dxrIw5FPzQdikc74nbG9lIdI1SwZuCVR1koFNTFnVUvA5+V3c/Q1T99sKDW2Lx2WnxEeoI3mc2Cc+uDD/LF0lSQM3GtAn8/TNLCvAyjWZB0bQk7HNOwCaXBsarbqkK/saQMw+n0w3rXlvyAD67nBpj4eMWFydOz71THhl4DrwNO8f7S6wypfpCIxvD8dpYurEzq/DNu9yu58iLRppDP0Wo0L6LBE+BQQS9BS67dJjv4V root@ip-172-31-31-252.ap-northeast-2.compute.internal
...

# 필요한 yum repo 설정
yum install -y 
https://centos7.iuscommunity.org/ius-release.rpm
yum clean all

# epel 관련 aws 에서 설치 방법
sudo amazon-linux-extras install epel

# yum install
sudo yum install -y wget epel-release openssl-libs openssl openssl-devel libsepol-devel libselinux-python device-mapper-libs ebtables python-httplib2 openssl curl rsync bash-completion socat unzip python-setuptools python-pip python36 python36-libs docker-ce-17.03.2.ce-1.el7.centos.x86_64 docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch vsftpd deltarpm python-deltarpm

systemctl start docker

node1

# root 사용자로 진행
sudo -i
# kubespray github clone 진행 (master branch 설정)
git clone https://github.com/kubernetes-sigs/kubespray.git
cd ~/kubespray
pip install -r requirements.txt

# inventory 설정
cp -rfp inventory/sample/ inventory/mycluster

# kubespray host 설정
vi ~/kubespray/inventory/mycluster/inventory.ini
...
[all]
node1 ansible_host=192.168.100.199 ip=192.168.100.199 etcd_member_name=etcd1
node2 ansible_host=192.168.100.47 ip=192.168.100.47 etcd_member_name=etcd2
node3 ansible_host=192.168.100.48 ip=192.168.100.48 etcd_member_name=etcd3
node4 ansible_host=192.168.100.45 ip=192.168.100.45
node5 ansible_host=192.168.100.46 ip=192.168.100.46

[kube_control_plane]
node1
node2
node3

[etcd]
node1
node2
node3

[kube-node]
node2
node3
node4
node5

[k8s-cluster:children]
kube_control_plane
kube-node
...

# 아래 부분만 수정 또는 추가
vi inventory/mycluster/group_vars/k8s_cluster/addons.yml 
...
# RBAC required. see docs/getting-started.md for access details.
dashboard_enabled: true
# Helm deployment
helm_enabled: true
# Registry deployment
registry_enabled: false
metrics_server_enabled: true
local_path_provisioner_enabled: false
local_volume_provisioner_enabled: false
cephfs_provisioner_enabled: false
rbd_provisioner_enabled: false
ingress_nginx_enabled: true
ingress_publish_status_address: ""
ingress_ambassador_enabled: false
ingress_alb_enabled: false
# Cert manager deployment
cert_manager_enabled: false
# MetalLB deployment
metallb_enabled: false
...

# 아래 부분만 수정 또는 추가 (ipvs 가 아닌 iptables로 진행 <구 방식의 네트워크 관리>
vi inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml
...
# Can be ipvs, iptables
#kube_proxy_mode: ipvs
kube_proxy_mode: iptables
...

# ansible playbook 실행
ansible-playbook --flush-cache -u root -b -i inventory/mycluster/inventory.ini cluster.yml -v

# playbook option 중 -e ignore_assert_errors 경우 에러 무시 하고 설치 진행
#ansible-playbook --flush-cache -u root -b -i inventory/mycluster/inventory.ini cluster.yml -v -e ignore_assert_errors=yes

# reset all 
#ansible-playbook -i inventory/mycluster/inventory.ini reset.yml 


# check
kubectl get nodes --all-namespaces -o wide
kubectl get pod --all-namespaces -o wide

 

Tip

# 위 ansible-playbook이 성공적으로 완료가 되면, kubespray로 k8s 설치 완료
# kubectl cli 없을 경우 설치 방법
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

yum install -y kubectl
# network 제어를 iptables 를 이용하기 때문에
# iptables 초기화 방법

# check
iptables -L

# -F [chain], –flush
iptables -F
# -X [chain], –delete-chain
iptables -X

iptables -L
반응형