반응형

서버 정보
Kubernetes 물리 노트북 5대 진행 (사양은 좋치 않음)
192.168.100.199 | node1 |
192.168.100.47 | node2 |
192.168.100.48 | node3 |
192.168.100.45 |
node4 |
192.168.100.46 |
node5 |
모든 node 진행
# 스왑메모리 사용 중지
swapoff -a
# selinux
setenforce 0
# check selinux
getenforce
# ip forward 설정
sysctl -w net.ipv4.ip_forward=1
방화벽을 끄기
sudo systemctl stop firewalled
sudo systemctl disabled firewalled
# ssh 설정 (선택 사항)
vi /etc/ssh/sshd_config
...
PermitRootLogin yes
#PasswordAuthentication yes
...
systemctl restart sshd
# keygen
su root
ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
cat ~/.ssh/authorized_keys
# node2 ~5 에 node1 의 authorized_keys 값을 추가 아래 위치에 추가
vi ~/.ssh/authorized_keys
...
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOchlKcDVyEeJ191EpqlEZi+rw0cQ6xUo6q0tnx+YPDwEiWkZP1nqQWDD5wBoE+ZAkhgOgxe4W5Cgallb+dMyd1A/LIX9eN5VkQvAvN0e7dxrIw5FPzQdikc74nbG9lIdI1SwZuCVR1koFNTFnVUvA5+V3c/Q1T99sKDW2Lx2WnxEeoI3mc2Cc+uDD/LF0lSQM3GtAn8/TNLCvAyjWZB0bQk7HNOwCaXBsarbqkK/saQMw+n0w3rXlvyAD67nBpj4eMWFydOz71THhl4DrwNO8f7S6wypfpCIxvD8dpYurEzq/DNu9yu58iLRppDP0Wo0L6LBE+BQQS9BS67dJjv4V root@ip-172-31-31-252.ap-northeast-2.compute.internal
...
# 필요한 yum repo 설정
yum install -y
https://centos7.iuscommunity.org/ius-release.rpm
yum clean all
# epel 관련 aws 에서 설치 방법
sudo amazon-linux-extras install epel
# yum install
sudo yum install -y wget epel-release openssl-libs openssl openssl-devel libsepol-devel libselinux-python device-mapper-libs ebtables python-httplib2 openssl curl rsync bash-completion socat unzip python-setuptools python-pip python36 python36-libs docker-ce-17.03.2.ce-1.el7.centos.x86_64 docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch vsftpd deltarpm python-deltarpm
systemctl start docker
node1
# root 사용자로 진행
sudo -i
# kubespray github clone 진행 (master branch 설정)
git clone https://github.com/kubernetes-sigs/kubespray.git
cd ~/kubespray
pip install -r requirements.txt
# inventory 설정
cp -rfp inventory/sample/ inventory/mycluster
# kubespray host 설정
vi ~/kubespray/inventory/mycluster/inventory.ini
...
[all]
node1 ansible_host=192.168.100.199 ip=192.168.100.199 etcd_member_name=etcd1
node2 ansible_host=192.168.100.47 ip=192.168.100.47 etcd_member_name=etcd2
node3 ansible_host=192.168.100.48 ip=192.168.100.48 etcd_member_name=etcd3
node4 ansible_host=192.168.100.45 ip=192.168.100.45
node5 ansible_host=192.168.100.46 ip=192.168.100.46
[kube_control_plane]
node1
node2
node3
[etcd]
node1
node2
node3
[kube-node]
node2
node3
node4
node5
[k8s-cluster:children]
kube_control_plane
kube-node
...
# 아래 부분만 수정 또는 추가
vi inventory/mycluster/group_vars/k8s_cluster/addons.yml
...
# RBAC required. see docs/getting-started.md for access details.
dashboard_enabled: true
# Helm deployment
helm_enabled: true
# Registry deployment
registry_enabled: false
metrics_server_enabled: true
local_path_provisioner_enabled: false
local_volume_provisioner_enabled: false
cephfs_provisioner_enabled: false
rbd_provisioner_enabled: false
ingress_nginx_enabled: true
ingress_publish_status_address: ""
ingress_ambassador_enabled: false
ingress_alb_enabled: false
# Cert manager deployment
cert_manager_enabled: false
# MetalLB deployment
metallb_enabled: false
...
# 아래 부분만 수정 또는 추가 (ipvs 가 아닌 iptables로 진행 <구 방식의 네트워크 관리>
vi inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml
...
# Can be ipvs, iptables
#kube_proxy_mode: ipvs
kube_proxy_mode: iptables
...
# ansible playbook 실행
ansible-playbook --flush-cache -u root -b -i inventory/mycluster/inventory.ini cluster.yml -v
# playbook option 중 -e ignore_assert_errors 경우 에러 무시 하고 설치 진행
#ansible-playbook --flush-cache -u root -b -i inventory/mycluster/inventory.ini cluster.yml -v -e ignore_assert_errors=yes
# reset all
#ansible-playbook -i inventory/mycluster/inventory.ini reset.yml
# check
kubectl get nodes --all-namespaces -o wide
kubectl get pod --all-namespaces -o wide
Tip
# 위 ansible-playbook이 성공적으로 완료가 되면, kubespray로 k8s 설치 완료
# kubectl cli 없을 경우 설치 방법
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubectl
# network 제어를 iptables 를 이용하기 때문에
# iptables 초기화 방법
# check
iptables -L
# -F [chain], –flush
iptables -F
# -X [chain], –delete-chain
iptables -X
iptables -L
반응형
'Computing > Kubernetes' 카테고리의 다른 글
Install Kubernetes Using Kubespray (Version 0.1) (0) | 2021.04.28 |
---|---|
Install Kubernetes Using Kubespray (offline) (0) | 2021.04.28 |