kubernetes test
install kubernetes
#install docker
SELinux 설정을 permissive 모드
#install master
[root@minimacent ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@minimacent ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror, langpacks
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
[root@minimacent ~]# yum install docker-ce
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: data.aonenetworks.kr
* extras: data.aonenetworks.kr
* updates: data.aonenetworks.kr
Resolving Dependencies
--> Running transaction check
---> Package docker-ce.x86_64 3:19.03.8-3.el7 will be installed
--> Processing Dependency: container-selinux >= 2:2.74 for package: 3:docker-ce-19.03.8-3.el7.x86_64
--> Processing Dependency: containerd.io >= 1.2.2-3 for package: 3:docker-ce-19.03.8-3.el7.x86_64
--> Processing Dependency: docker-ce-cli for package: 3:docker-ce-19.03.8-3.el7.x86_64
--> Running transaction check
---> Package container-selinux.noarch 2:2.107-3.el7 will be installed
---> Package containerd.io.x86_64 0:1.2.13-3.1.el7 will be installed
---> Package docker-ce-cli.x86_64 1:19.03.8-3.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===============================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================
Installing:
docker-ce x86_64 3:19.03.8-3.el7 docker-ce-stable 25 M
Installing for dependencies:
container-selinux noarch 2:2.107-3.el7 extras 39 k
containerd.io x86_64 1.2.13-3.1.el7 docker-ce-stable 23 M
docker-ce-cli x86_64 1:19.03.8-3.el7 docker-ce-stable 40 M
Transaction Summary
===============================================================================================================================
Install 1 Package (+3 Dependent packages)
Total download size: 87 M
Installed size: 363 M
Is this ok [y/d/N]: y
Downloading packages:
(1/4): container-selinux-2.107-3.el7.noarch.rpm | 39 kB 00:00:00
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/containerd.io-1.2.13-3.1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for containerd.io-1.2.13-3.1.el7.x86_64.rpm is not installed
(2/4): containerd.io-1.2.13-3.1.el7.x86_64.rpm | 23 MB 00:00:02
(3/4): docker-ce-19.03.8-3.el7.x86_64.rpm | 25 MB 00:00:02
(4/4): docker-ce-cli-19.03.8-3.el7.x86_64.rpm | 40 MB 00:00:02
-------------------------------------------------------------------------------------------------------------------------------
Total 18 MB/s | 87 MB 00:00:04
Retrieving key from https://download.docker.com/linux/centos/gpg
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
From : https://download.docker.com/linux/centos/gpg
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 2:container-selinux-2.107-3.el7.noarch 1/4
Installing : containerd.io-1.2.13-3.1.el7.x86_64 2/4
Installing : 1:docker-ce-cli-19.03.8-3.el7.x86_64 3/4
Installing : 3:docker-ce-19.03.8-3.el7.x86_64 4/4
Verifying : containerd.io-1.2.13-3.1.el7.x86_64 1/4
Verifying : 2:container-selinux-2.107-3.el7.noarch 2/4
Verifying : 3:docker-ce-19.03.8-3.el7.x86_64 3/4
Verifying : 1:docker-ce-cli-19.03.8-3.el7.x86_64 4/4
Installed:
docker-ce.x86_64 3:19.03.8-3.el7
Dependency Installed:
container-selinux.noarch 2:2.107-3.el7 containerd.io.x86_64 0:1.2.13-3.1.el7 docker-ce-cli.x86_64 1:19.03.8-3.el7
Complete!
[root@minimacent ~]# systemctl start docker && systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@minimacent ~]#
#Installing kubeadmSELinux 설정을 permissive 모드
[root@minimacent ~]# setenforce 0
[root@minimacent ~]# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
[
#Config firewalld
[root@minimacent ~]# cat <<EOF > /etc/sysctl.d/k8s.conf
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@minimacent ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s.conf ...
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
* Applying /etc/sysctl.conf ...
[root@minimacent ~]#
#Swap off
[root@minimacent ~]# swapoff -a [root@minimacent ~]# cat /etc/fstab # # /etc/fstab # Created by anaconda on Mon Aug 12 23:41:04 2019 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos-root / xfs defaults 0 0 UUID=027f66bf-cbb1-4a7c-9648-bba5b93ee870 /boot xfs defaults 0 0 #/dev/mapper/centos-swap swap swap defaults 0 0 [root@minimacent ~]#
#config yum repo
[root@k8s-master ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
>
> [kubernetes]
>
> name=Kubernetes
>
> baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
>
> enabled=1
>
> gpgcheck=1
>
> repo_gpgcheck=1
>
> gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
>
> exclude=kube*
>
> EOF
[root@k8s-master ~]# yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: data.aonenetworks.kr
* extras: data.aonenetworks.kr
* updates: data.aonenetworks.kr
kubernetes/signature | 454 B 00:00:00
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
From : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
kubernetes/signature | 1.4 kB 00:00:00 !!!
kubernetes/primary | 65 kB 00:00:01
kubernetes 478/478
Resolving Dependencies
--> Running transaction check
---> Package kubeadm.x86_64 0:1.17.4-0 will be installed
--> Processing Dependency: kubernetes-cni >= 0.7.5 for package: kubeadm-1.17.4-0.x86_64
--> Processing Dependency: cri-tools >= 1.13.0 for package: kubeadm-1.17.4-0.x86_64
---> Package kubectl.x86_64 0:1.17.4-0 will be installed
---> Package kubelet.x86_64 0:1.17.4-0 will be installed
--> Processing Dependency: socat for package: kubelet-1.17.4-0.x86_64
--> Processing Dependency: conntrack for package: kubelet-1.17.4-0.x86_64
--> Running transaction check
---> Package conntrack-tools.x86_64 0:1.4.4-5.el7_7.2 will be installed
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.1)(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.0)(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0(LIBNETFILTER_CTHELPER_1.0)(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_queue.so.1()(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1()(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0()(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
---> Package cri-tools.x86_64 0:1.13.0-0 will be installed
---> Package kubernetes-cni.x86_64 0:0.7.5-0 will be installed
---> Package socat.x86_64 0:1.7.3.2-2.el7 will be installed
--> Running transaction check
---> Package libnetfilter_cthelper.x86_64 0:1.0.0-10.el7_7.1 will be installed
---> Package libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7_7.1 will be installed
---> Package libnetfilter_queue.x86_64 0:1.0.2-2.el7_2 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===============================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================
Installing:
kubeadm x86_64 1.17.4-0 kubernetes 8.7 M
kubectl x86_64 1.17.4-0 kubernetes 9.4 M
kubelet x86_64 1.17.4-0 kubernetes 20 M
Installing for dependencies:
conntrack-tools x86_64 1.4.4-5.el7_7.2 updates 187 k
cri-tools x86_64 1.13.0-0 kubernetes 5.1 M
kubernetes-cni x86_64 0.7.5-0 kubernetes 10 M
libnetfilter_cthelper x86_64 1.0.0-10.el7_7.1 updates 18 k
libnetfilter_cttimeout x86_64 1.0.0-6.el7_7.1 updates 18 k
libnetfilter_queue x86_64 1.0.2-2.el7_2 base 23 k
socat x86_64 1.7.3.2-2.el7 base 290 k
Transaction Summary
===============================================================================================================================
Install 3 Packages (+7 Dependent packages)
Total download size: 54 M
Installed size: 243 M
Downloading packages:
경고: /var/cache/yum/x86_64/7/kubernetes/packages/14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 3e1ba8d5: NOKEY
Public key for 14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm is not installed
(1/10): 14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm | 5.1 MB 00:00:01
(2/10): 0767753f85f415bbdf1df0e974eafccb653bee06149600c3ee05b903bdc897ba-kubeadm-1.17.4-0.x86_64.rpm | 8.7 MB 00:00:01
(3/10): 06400b25ef3577561502f9a7a126bf4975c03b30aca0fb19bb636f870ab93876-kubectl-1.17.4-0.x86_64.rpm | 9.4 MB 00:00:01
(4/10): 0c45baca5fcc05bb75f1e953ecaf85844efac01bf9c1ef3c219f2b41eade3168-kubelet-1.17.4-0.x86_64.rpm | 20 MB 00:00:01
(5/10): libnetfilter_cthelper-1.0.0-10.el7_7.1.x86_64.rpm | 18 kB 00:00:00
(6/10): libnetfilter_cttimeout-1.0.0-6.el7_7.1.x86_64.rpm | 18 kB 00:00:00
(7/10): libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm | 23 kB 00:00:00
(8/10): socat-1.7.3.2-2.el7.x86_64.rpm | 290 kB 00:00:00
(9/10): 548a0dcd865c16a50980420ddfa5fbccb8b59621179798e6dc905c9bf8af3b34-kubernetes-cni-0.7.5-0.x86_64. | 10 MB 00:00:00
(10/10): conntrack-tools-1.4.4-5.el7_7.2.x86_64.rpm | 187 kB 00:00:05
-------------------------------------------------------------------------------------------------------------------------------
Total 9.3 MB/s | 54 MB 00:00:05
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
From : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
Importing GPG key 0x3E1BA8D5:
Userid : "Google Cloud Packages RPM Signing Key <gc-team@google.com>"
Fingerprint: 3749 e1ba 95a8 6ce0 5454 6ed2 f09c 394c 3e1b a8d5
From : https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libnetfilter_cttimeout-1.0.0-6.el7_7.1.x86_64 1/10
Installing : socat-1.7.3.2-2.el7.x86_64 2/10
Installing : cri-tools-1.13.0-0.x86_64 3/10
Installing : kubectl-1.17.4-0.x86_64 4/10
Installing : libnetfilter_queue-1.0.2-2.el7_2.x86_64 5/10
Installing : libnetfilter_cthelper-1.0.0-10.el7_7.1.x86_64 6/10
Installing : conntrack-tools-1.4.4-5.el7_7.2.x86_64 7/10
Installing : kubernetes-cni-0.7.5-0.x86_64 8/10
Installing : kubelet-1.17.4-0.x86_64 9/10
Installing : kubeadm-1.17.4-0.x86_64 10/10
Verifying : libnetfilter_cthelper-1.0.0-10.el7_7.1.x86_64 1/10
Verifying : conntrack-tools-1.4.4-5.el7_7.2.x86_64 2/10
Verifying : libnetfilter_queue-1.0.2-2.el7_2.x86_64 3/10
Verifying : kubeadm-1.17.4-0.x86_64 4/10
Verifying : kubectl-1.17.4-0.x86_64 5/10
Verifying : cri-tools-1.13.0-0.x86_64 6/10
Verifying : kubernetes-cni-0.7.5-0.x86_64 7/10
Verifying : socat-1.7.3.2-2.el7.x86_64 8/10
Verifying : kubelet-1.17.4-0.x86_64 9/10
Verifying : libnetfilter_cttimeout-1.0.0-6.el7_7.1.x86_64 10/10
Installed:
kubeadm.x86_64 0:1.17.4-0 kubectl.x86_64 0:1.17.4-0 kubelet.x86_64 0:1.17.4-0
Dependency Installed:
conntrack-tools.x86_64 0:1.4.4-5.el7_7.2 cri-tools.x86_64 0:1.13.0-0
kubernetes-cni.x86_64 0:0.7.5-0 libnetfilter_cthelper.x86_64 0:1.0.0-10.el7_7.1
libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7_7.1 libnetfilter_queue.x86_64 0:1.0.2-2.el7_2
socat.x86_64 0:1.7.3.2-2.el7
Complete!
[root@k8s-master ~]#
[root@k8s-master ~]# systemctl enable kubelet && systemctl start kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@k8s-master ~]#
#install master
[root@k8s-master ~]# kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.170
W0324 21:25:04.860975 20299 validation.go:28] Cannot validate kube-proxy config - no validator is available
W0324 21:25:04.861130 20299 validation.go:28] Cannot validate kubelet config - no validator is available
[init] Using Kubernetes version: v1.17.4
[preflight] Running pre-flight checks
[WARNING Firewalld]: firewalld is active, please ensure ports [6443 10250] are open or your cluster may not function correctly
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING Hostname]: hostname "k8s-master" could not be reached
[WARNING Hostname]: hostname "k8s-master": lookup k8s-master on 192.168.0.1:53: no such host
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.0.170]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.0.170 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.0.170 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
W0324 21:26:32.356584 20299 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"
[control-plane] Creating static Pod manifest for "kube-scheduler"
W0324 21:26:32.368700 20299 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
[apiclient] All control plane components are healthy after 44.012370 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.17" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node k8s-master as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: ey26o6.7iaksl0wnoc2m5d7
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.0.170:6443 --token ey26o6.7iaksl0wnoc2m5d7 \
--discovery-token-ca-cert-hash sha256:6d78b05b556121c07cfc63288dec29bf39388b8ccb4dad63d92bc2a47585b8a6
[root@k8s-master ~]#
#install cni on master
[root@k8s-master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf [root@k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml podsecuritypolicy.policy/psp.flannel.unprivileged created clusterrole.rbac.authorization.k8s.io/flannel configured clusterrolebinding.rbac.authorization.k8s.io/flannel unchanged serviceaccount/flannel unchanged configmap/kube-flannel-cfg configured daemonset.apps/kube-flannel-ds-amd64 created daemonset.apps/kube-flannel-ds-arm64 created daemonset.apps/kube-flannel-ds-arm created daemonset.apps/kube-flannel-ds-ppc64le created daemonset.apps/kube-flannel-ds-s390x created [root@k8s-master ~]#
#show nodes
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 10h v1.17.4
------------------------------------------------------------------------------------------------------------------------------------------------------
#install nodes1~2
[root@k8s-master ~]# hostnamectl set-hostname k8s-node1
[root@k8s-master ~]# vi /etc/hosts
[root@k8s-master ~]# kubeadm join 192.168.0.170:6443 --token ey26o6.7iaksl0wnoc2m5d7 \
> --discovery-token-ca-cert-hash sha256:6d78b05b556121c07cfc63288dec29bf39388b8ccb4dad63d92bc2a47585b8a6
W0325 07:44:18.712235 95055 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.17" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
[root@k8s-master ~]# [root@k8s-master ~]#
#show nodes on master
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 10h v1.17.4
k8s-node1 NotReady <none> 30s v1.17.4
[root@k8s-master ~]#
#test kube cluster
[root@k8s-master ~]# kubectl apply -f https://k8s.io/examples/application/php-apache.yaml
deployment.apps/php-apache created
service/php-apache created
[root@k8s-master ~]# kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12h
php-apache ClusterIP 10.109.213.145 <none> 80/TCP 9m53s
[root@k8s-master ~]# kubectl edit service php-apache
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"run":"php-apache"},"name":"php-apache","namespace":"default"},"spec":{"ports":[{"port":80}],"selector":{"run":"php-apache"}}}
creationTimestamp: "2020-03-25T00:55:36Z"
labels:
run: php-apache
name: php-apache
namespace: default
resourceVersion: "96977"
selfLink: /api/v1/namespaces/default/services/php-apache
uid: 147c97d8-4141-48df-ae4a-16040a4c5030
spec:
clusterIP: 10.109.213.145
externalTrafficPolicy: Cluster
ports:
- nodePort: 31931
port: 80
protocol: TCP
targetPort: 80
selector:
run: php-apache
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
[root@k8s-master ~]# kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12h
php-apache NodePort 10.109.213.145 <none> 80:31931/TCP 14m
#show nodes on master
[root@k8s-master ~]# kubectl apply -f https://k8s.io/examples/application/php-apache.yaml
deployment.apps/php-apache created
s
댓글
댓글 쓰기