forked from 237summit/k8s_core_labs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathk8s-install
150 lines (105 loc) · 4.62 KB
/
k8s-install
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.2.5/cri-dockerd-0.2.5.amd64.tgz
tar -xf cri-dockerd-0.2.5.amd64.tgz
cp cri-dockerd/cri-dockerd /usr/bin/
chmod +x /usr/bin/cri-dockerd
# systemctl 데몬 시작파일 구성
cat <<"EOF" > /usr/lib/systemd/system/cri-docker.service
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
Requires=cri-docker.socket
[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.7
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
# socket 파일 생성
cat <<"EOF" > /usr/lib/systemd/system/cri-docker.socket
[Unit]
Description=CRI Docker Socket for the API
PartOf=cri-docker.service
[Socket]
ListenStream=%t/cri-dockerd.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
EOF
#cri-docker 시작
systemctl daemon-reload
systemctl enable --now cri-docker
systemctl status cri-docker
...
<CTRL>+<c>
- ****Installing kubeadm, kubelet and kubectl****
# Update the apt package index and install packages needed to use the Kubernetes apt repository:
apt-get update
apt-get install -y apt-transport-https ca-certificates curl
# Download the Google Cloud public signing key:
curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
# Add the Kubernetes apt repository:
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
# Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:
apt-get update
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl
Initializing your control-plane node
# control-plaine 컴포넌트 구성
kubeadm init --pod-network-cidr=192.168.0.0/16 --cri-socket unix:///var/run/cri-dockerd.sock
...
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
# Kubectl을 명령 실행 허용하려면 kubeadm init 명령의 실행결과 나온 내용을 동작해야 함
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
# root 권한으로 worker node join을 위한 명령어. 별도 저장해둠.
cat > token.join
kubeadm join 10.0.2.50:6443 --token 2whvdj...qbbib \
--discovery-token-ca-cert-hash sha256:7125...78570b57
<CTRL>+<d>
Installing a Pod network add-on
# CNI(컨테이너 네트워크 인터페이스) 기반 Pod 네트워크 추가 기능을 배포해야 Pod가 서로 통신할 수 있습니다. 네트워크를 설치하기 전에 클러스터 DNS(CoreDNS)가 시작되지 않습니다.
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady control-plane 7m31s v1.24.3
# Pod 네트워크가 호스트 네트워크와 겹치지 않도록 주의해야함.
# Calico 설치
kubectl create -f https://projectcalico.docs.tigera.io/manifests/tigera-operator.yaml
kubectl create -f https://projectcalico.docs.tigera.io/manifests/custom-resources.yaml
# node 초기화 될때까지 기다림
watch kubectl get pods -n calico-system
kubectl get pods -n calico-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-657d56796-nrxbx 0/1 Pending 0 75s
calico-node-w2n8f 1/1 Running 0 75s
calico-typha-5d9f7ffbf4-mx846 1/1 Running 0 75s
# 다시 확인
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master.example.com Ready control-plane 15m v1.24.3
# workernode join
kubeadm join 10.0.2.50:6443 --token 2whv...bbib --discovery-token-ca-cert-hash sha256:712538d8a5a...6a5078570b57 --cri-socket unix:///var/run/cri-dockerd.sock
apt-get install bash-completion -y
source <(kubectl completion bash) # setup autocomplete in bash into the current shell, bash-completion package should be installed first.
echo "source <(kubectl completion bash)" >> ~/.bashrc # add autocomplete permanently to your bash shell.
mkdir -p ~user/.kube
cp -i /etc/kubernetes/admin.conf ~user/.kube/config
chown user:user ~user/.kube/config
```