
[CKA] KodeKloud - Cluster Installation using Kubeadm

쯀리♥️ 2024. 8. 15. 17:30

Hello, this is 쯀리.

Today we'll learn about Cluster Installation using Kubeadm.

https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/

 


 

 

 


 

kubeadm

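With kubeadm, you can create a minimum viable Kubernetes cluster that conforms to best practices. In fact, you can use kubeadm to set up a cluster that passes the Kubernetes Conformance tests, and kubeadm also supports other cluster lifecycle functions such as bootstrap tokens and cluster upgrades.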

 

 


Quiz

1. Install the kubeadm and kubelet packages on the controlplane and node01 nodes.
Use the exact version of 1.30.0-1.1 for both.

Run both steps below on controlplane and on node01.

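# Load br_netfilter at every boot
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

# Load it now as well, so the net.bridge.* sysctl keys below exist
sudo modprobe br_netfilter

# Make bridged traffic visible to iptables/ip6tables
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

# Apply the sysctl settings without a reboot
sudo sysctl --system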



sudo apt-get update

sudo apt-get install -y apt-transport-https ca-certificates curl

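# Create the keyring directory if it does not exist yet
sudo mkdir -p -m 755 /etc/apt/keyrings

# Store the repository signing key that the signed-by= entry below refers to
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg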

echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update

# To see the new version labels
sudo apt-cache madison kubeadm

sudo apt-get install -y kubelet=1.30.0-1.1 kubeadm=1.30.0-1.1 kubectl=1.30.0-1.1

sudo apt-mark hold kubelet kubeadm kubectl

 

2. What is the version of kubelet installed?

controlplane ~ ➜  kubelet --version
Kubernetes v1.30.0

 

3. How many nodes are part of kubernetes cluster currently?
Are you able to run kubectl get nodes?

controlplane ~ ➜  k get nodes
E0815 08:02:41.326260   18980 memcache.go:265] couldn't get current server API group list: the server could not find the requested resource
E0815 08:02:41.327399   18980 memcache.go:265] couldn't get current server API group list: the server could not find the requested resource
E0815 08:02:41.328491   18980 memcache.go:265] couldn't get current server API group list: the server could not find the requested resource
E0815 08:02:41.329575   18980 memcache.go:265] couldn't get current server API group list: the server could not find the requested resource
E0815 08:02:41.330602   18980 memcache.go:265] couldn't get current server API group list: the server could not find the requested resource
Error from server (NotFound): the server could not find the requested resource

 

4. Let's now bootstrap a kubernetes cluster using kubeadm.
The latest version of Kubernetes will be installed.

https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/

 


 

5. Initialize Control Plane Node (Master Node). Use the following options:

  1. apiserver-advertise-address - Use the IP address allocated to eth0 on the controlplane node

  2. apiserver-cert-extra-sans - Set it to controlplane

  3. pod-network-cidr - Set to 10.244.0.0/16

Once done, set up the default kubeconfig file and wait for node to be part of the cluster.

https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/

 


controlplane ~ ✖ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 192.14.34.12  netmask 255.255.255.0  broadcast 192.14.34.255
        ether 02:42:c0:0e:22:0c  txqueuelen 0  (Ethernet)
        RX packets 6935  bytes 801589 (801.5 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5629  bytes 2584665 (2.5 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

controlplane ~ ✖ IP_ADDR=$(ip addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}')

controlplane ~ ➜  echo $IP_ADDR
192.14.34.12

controlplane ~ ➜  kubeadm init --apiserver-cert-extra-sans=controlplane --apiserver-advertise-address $IP_ADDR --pod-network-cidr=10.244.0.0/16

When the init logs are printed, you will see the following:

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Run these commands exactly as shown.

 

6. Generate a kubeadm join token Or copy the one that was generated by kubeadm init command

controlplane ~ ➜  kubeadm token list
TOKEN                     TTL         EXPIRES                USAGES                   DESCRIPTION                                                EXTRA GROUPS
02qlgo.z6eq4pc6y0mt9mdi   23h         2024-08-16T08:08:33Z   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token

To create a new token, use the create command.

kubeadm token create

 

7. Join node01 to the cluster using the join token

Steps:

## Create a token on controlplane and print the full join command
kubeadm token create --print-join-command

## If you need the CA cert hash separately, compute it on controlplane (where /etc/kubernetes/pki/ca.crt exists):
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

## Connect to node01 and run the join
ssh node01

## join command
kubeadm join <controlplane-ip>:6443 --token <your-token> --discovery-token-ca-cert-hash sha256:<hash>

node01 ~ ✖ kubeadm join 192.14.34.12:6443 --token vzsb4v.srnmh1qhv2014efc --discovery-token-ca-cert-hash sha256:c71edf467fffc7f96cefaef84103c1bf47cae1aee5ddc8b91e933e377b077bb3
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

controlplane ~ ➜  k get nodes
NAME           STATUS     ROLES           AGE   VERSION
controlplane   NotReady   control-plane   17m   v1.30.0
node01         NotReady   <none>          36s   v1.30.0
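
The `--discovery-token-ca-cert-hash` value pins the public key of the cluster CA, so the joining node only trusts an API server whose CA matches it. The script below is an added example (not from the original post or from kubeadm) that computes and checks that pin with the same openssl steps; the function names and the throwaway CAs are constructed for illustration, and `openssl pkey` is used in place of `openssl rsa` so that non-RSA CA keys also work.

```shell
#!/bin/sh
# Added example: compute and check the CA pin used by
# `kubeadm join --discovery-token-ca-cert-hash`. All sample data is constructed.

# Print "sha256:<hex>" over the DER-encoded public key (SubjectPublicKeyInfo)
# of a PEM certificate. Fails if the certificate cannot be read, instead of
# silently returning the hash of empty input.
ca_cert_hash() (
  digest=
  der=$(mktemp) || exit 1
  openssl x509 -pubkey -noout -in "$1" 2>/dev/null \
    | openssl pkey -pubin -outform der -out "$der" 2>/dev/null || :
  if [ -s "$der" ]; then
    digest=$(openssl dgst -sha256 -hex <"$der" | sed 's/^.* //')
  fi
  rm -f "$der"
  [ -n "$digest" ] && printf 'sha256:%s\n' "$digest"
)

# Succeed only if <pin> (sha256:<hex>) matches the public key in <ca.crt>.
verify_pin() (   # usage: verify_pin <ca.crt> <pin>
  actual=$(ca_cert_hash "$1") || exit 1
  [ "$actual" = "$2" ]
)

# Constructed sample data: a throwaway self-signed CA. Reuses <key> if present.
make_ca() {      # usage: make_ca <key> <crt> <cn>
  [ -f "$1" ] || openssl genpkey -algorithm RSA \
    -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null
  openssl req -x509 -new -key "$1" -out "$2" -subj "/CN=$3" -days 1 2>/dev/null
}

demo() (
  d=$(mktemp -d) || exit 1
  make_ca "$d/a.key" "$d/a.crt" demo-cluster          # the cluster CA
  make_ca "$d/a.key" "$d/renewed.crt" demo-renewed    # same key, new certificate
  make_ca "$d/b.key" "$d/b.crt" other-cluster         # unrelated CA
  pin=$(ca_cert_hash "$d/a.crt")
  echo "pin: $pin"
  for crt in a.crt renewed.crt b.crt missing.crt; do
    if verify_pin "$d/$crt" "$pin"; then echo "$crt: match"
    else echo "$crt: REJECT"; fi
  done
  rm -rf "$d"
)
demo
```

The pin covers only the public key, so a certificate re-issued for the same CA key still matches, while a different CA or an unreadable certificate is rejected.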

 

8. To install a network plugin, we will go with Flannel as the default choice. For inter-host communication, we will utilize the eth0 interface.
Please ensure that the Flannel manifest includes the appropriate options for this configuration.
Refer to the official documentation for the procedure.

controlplane ~ ➜  curl -LO https://raw.githubusercontent.com/flannel-io/flannel/v0.20.2/Documentation/kube-flannel.yml
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--   100  4591  100  4591    0     0  27344      0 --:--:-- --:--:-- --:--:-- 27491

controlplane ~ ➜  vi kube-flannel.yml 
## Add --iface=eth0 to the args near line 159.
157         args:
158         - --ip-masq
159         - --kube-subnet-mgr
160         - --iface=eth0


controlplane ~ ➜  kubectl apply -f kube-flannel.yml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created


controlplane ~ ➜  k get nodes
NAME           STATUS   ROLES           AGE     VERSION
controlplane   Ready    control-plane   19m     v1.30.0
node01         Ready    <none>          3m10s   v1.30.0
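
The manual `vi` edit can also be scripted and checked before `kubectl apply`. The script below is an added example, not part of the original post or of flannel: the function names are hypothetical and the manifest excerpt is constructed. It inserts the `--iface` argument idempotently and reads the `Network` value from `net-conf.json`, which has to equal the `--pod-network-cidr` given to `kubeadm init` (10.244.0.0/16 here).

```shell
#!/bin/sh
# Added example: scripted form of the manual vi edit, plus a CIDR consistency check.

# Print the manifest with "- --iface=<iface>" inserted after "- --kube-subnet-mgr",
# reusing that line's indentation. Unchanged if an --iface argument already exists.
add_iface_arg() {      # usage: add_iface_arg <manifest> <iface>
  if grep -q -e '- --iface=' "$1"; then cat "$1"; return; fi
  awk -v iface="$2" '
    { print }
    /^[ \t]*- --kube-subnet-mgr[ \t]*$/ {
      match($0, /^[ \t]*/)
      printf "%s- --iface=%s\n", substr($0, 1, RLENGTH), iface
    }' "$1"
}

# Print the pod network that flannel will use ("Network" in net-conf.json).
flannel_network() {    # usage: flannel_network <manifest>
  sed -n 's/^[[:space:]]*"Network":[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Constructed excerpt of kube-flannel.yml (only the two parts this example reads).
write_sample_manifest() {
  cat >"$1" <<'EOF'
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": { "Type": "vxlan" }
    }
        args:
        - --ip-masq
        - --kube-subnet-mgr
EOF
}

demo() (
  m=$(mktemp) || exit 1
  write_sample_manifest "$m"
  add_iface_arg "$m" eth0
  # Must equal the --pod-network-cidr passed to kubeadm init.
  [ "$(flannel_network "$m")" = "10.244.0.0/16" ] && echo "pod CIDR matches"
  rm -f "$m"
)
demo
```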

 

 

 


Reference

 Udemy Labs - Certified Kubernetes Administrator with Practice Tests