kubernetes test

-
install kubernetes

#install docker
[root@minimacent ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@minimacent ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror, langpacks
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
[root@minimacent ~]# yum install docker-ce
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: data.aonenetworks.kr
 * extras: data.aonenetworks.kr
 * updates: data.aonenetworks.kr
Resolving Dependencies
--> Running transaction check
---> Package docker-ce.x86_64 3:19.03.8-3.el7 will be installed
--> Processing Dependency: container-selinux >= 2:2.74 for package: 3:docker-ce-19.03.8-3.el7.x86_64
--> Processing Dependency: containerd.io >= 1.2.2-3 for package: 3:docker-ce-19.03.8-3.el7.x86_64
--> Processing Dependency: docker-ce-cli for package: 3:docker-ce-19.03.8-3.el7.x86_64
--> Running transaction check
---> Package container-selinux.noarch 2:2.107-3.el7 will be installed
---> Package containerd.io.x86_64 0:1.2.13-3.1.el7 will be installed
---> Package docker-ce-cli.x86_64 1:19.03.8-3.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================
 Package                          Arch                  Version                          Repository                       Size
===============================================================================================================================
Installing:
 docker-ce                        x86_64                3:19.03.8-3.el7                  docker-ce-stable                 25 M
Installing for dependencies:
 container-selinux                noarch                2:2.107-3.el7                    extras                           39 k
 containerd.io                    x86_64                1.2.13-3.1.el7                   docker-ce-stable                 23 M
 docker-ce-cli                    x86_64                1:19.03.8-3.el7                  docker-ce-stable                 40 M

Transaction Summary
===============================================================================================================================
Install  1 Package (+3 Dependent packages)

Total download size: 87 M
Installed size: 363 M
Is this ok [y/d/N]: y
Downloading packages:
(1/4): container-selinux-2.107-3.el7.noarch.rpm                                                         |  39 kB  00:00:00
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/containerd.io-1.2.13-3.1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for containerd.io-1.2.13-3.1.el7.x86_64.rpm is not installed
(2/4): containerd.io-1.2.13-3.1.el7.x86_64.rpm                                                          |  23 MB  00:00:02
(3/4): docker-ce-19.03.8-3.el7.x86_64.rpm                                                               |  25 MB  00:00:02
(4/4): docker-ce-cli-19.03.8-3.el7.x86_64.rpm                                                           |  40 MB  00:00:02
-------------------------------------------------------------------------------------------------------------------------------
Total                                                                                           18 MB/s |  87 MB  00:00:04
Retrieving key from https://download.docker.com/linux/centos/gpg
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) <docker@docker.com>"
 Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
 From       : https://download.docker.com/linux/centos/gpg
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 2:container-selinux-2.107-3.el7.noarch                                                                      1/4
  Installing : containerd.io-1.2.13-3.1.el7.x86_64                                                                         2/4
  Installing : 1:docker-ce-cli-19.03.8-3.el7.x86_64                                                                        3/4
  Installing : 3:docker-ce-19.03.8-3.el7.x86_64                                                                            4/4
  Verifying  : containerd.io-1.2.13-3.1.el7.x86_64                                                                         1/4
  Verifying  : 2:container-selinux-2.107-3.el7.noarch                                                                      2/4
  Verifying  : 3:docker-ce-19.03.8-3.el7.x86_64                                                                            3/4
  Verifying  : 1:docker-ce-cli-19.03.8-3.el7.x86_64                                                                        4/4

Installed:
  docker-ce.x86_64 3:19.03.8-3.el7

Dependency Installed:
  container-selinux.noarch 2:2.107-3.el7     containerd.io.x86_64 0:1.2.13-3.1.el7     docker-ce-cli.x86_64 1:19.03.8-3.el7

Complete!
[root@minimacent ~]# systemctl start docker && systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@minimacent ~]#
#Installing kubeadm
SELinux 설정을 permissive 모드

[root@minimacent ~]# setenforce 0
[root@minimacent ~]# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
[

#Config firewalld
[root@minimacent ~]# cat <<EOF >  /etc/sysctl.d/k8s.conf
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@minimacent ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s.conf ...
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
* Applying /etc/sysctl.conf ...
[root@minimacent ~]#

#Swap off
[root@minimacent ~]# swapoff -a
[root@minimacent ~]# cat /etc/fstab

#
# /etc/fstab
# Created by anaconda on Mon Aug 12 23:41:04 2019
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=027f66bf-cbb1-4a7c-9648-bba5b93ee870 /boot                   xfs     defaults        0 0
#/dev/mapper/centos-swap swap                    swap    defaults        0 0
[root@minimacent ~]#

#config yum repo
[root@k8s-master ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
>
> [kubernetes]
>
> name=Kubernetes
>
> baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
>
> enabled=1
>
> gpgcheck=1
>
> repo_gpgcheck=1
>
> gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
>
> exclude=kube*
>
> EOF
[root@k8s-master ~]#  yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: data.aonenetworks.kr
 * extras: data.aonenetworks.kr
 * updates: data.aonenetworks.kr
kubernetes/signature                                                                                    |  454 B  00:00:00
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
kubernetes/signature                                                                                    | 1.4 kB  00:00:00 !!!
kubernetes/primary                                                                                      |  65 kB  00:00:01
kubernetes                                                                                                             478/478
Resolving Dependencies
--> Running transaction check
---> Package kubeadm.x86_64 0:1.17.4-0 will be installed
--> Processing Dependency: kubernetes-cni >= 0.7.5 for package: kubeadm-1.17.4-0.x86_64
--> Processing Dependency: cri-tools >= 1.13.0 for package: kubeadm-1.17.4-0.x86_64
---> Package kubectl.x86_64 0:1.17.4-0 will be installed
---> Package kubelet.x86_64 0:1.17.4-0 will be installed
--> Processing Dependency: socat for package: kubelet-1.17.4-0.x86_64
--> Processing Dependency: conntrack for package: kubelet-1.17.4-0.x86_64
--> Running transaction check
---> Package conntrack-tools.x86_64 0:1.4.4-5.el7_7.2 will be installed
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.1)(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.0)(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0(LIBNETFILTER_CTHELPER_1.0)(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_queue.so.1()(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1()(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0()(64bit) for package: conntrack-tools-1.4.4-5.el7_7.2.x86_64
---> Package cri-tools.x86_64 0:1.13.0-0 will be installed
---> Package kubernetes-cni.x86_64 0:0.7.5-0 will be installed
---> Package socat.x86_64 0:1.7.3.2-2.el7 will be installed
--> Running transaction check
---> Package libnetfilter_cthelper.x86_64 0:1.0.0-10.el7_7.1 will be installed
---> Package libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7_7.1 will be installed
---> Package libnetfilter_queue.x86_64 0:1.0.2-2.el7_2 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================
 Package                               Arch                  Version                           Repository                 Size
===============================================================================================================================
Installing:
 kubeadm                               x86_64                1.17.4-0                          kubernetes                8.7 M
 kubectl                               x86_64                1.17.4-0                          kubernetes                9.4 M
 kubelet                               x86_64                1.17.4-0                          kubernetes                 20 M
Installing for dependencies:
 conntrack-tools                       x86_64                1.4.4-5.el7_7.2                   updates                   187 k
 cri-tools                             x86_64                1.13.0-0                          kubernetes                5.1 M
 kubernetes-cni                        x86_64                0.7.5-0                           kubernetes                 10 M
 libnetfilter_cthelper                 x86_64                1.0.0-10.el7_7.1                  updates                    18 k
 libnetfilter_cttimeout                x86_64                1.0.0-6.el7_7.1                   updates                    18 k
 libnetfilter_queue                    x86_64                1.0.2-2.el7_2                     base                       23 k
 socat                                 x86_64                1.7.3.2-2.el7                     base                      290 k

Transaction Summary
===============================================================================================================================
Install  3 Packages (+7 Dependent packages)

Total download size: 54 M
Installed size: 243 M
Downloading packages:
경고: /var/cache/yum/x86_64/7/kubernetes/packages/14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 3e1ba8d5: NOKEY
Public key for 14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm is not installed
(1/10): 14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm  | 5.1 MB  00:00:01
(2/10): 0767753f85f415bbdf1df0e974eafccb653bee06149600c3ee05b903bdc897ba-kubeadm-1.17.4-0.x86_64.rpm    | 8.7 MB  00:00:01
(3/10): 06400b25ef3577561502f9a7a126bf4975c03b30aca0fb19bb636f870ab93876-kubectl-1.17.4-0.x86_64.rpm    | 9.4 MB  00:00:01
(4/10): 0c45baca5fcc05bb75f1e953ecaf85844efac01bf9c1ef3c219f2b41eade3168-kubelet-1.17.4-0.x86_64.rpm    |  20 MB  00:00:01
(5/10): libnetfilter_cthelper-1.0.0-10.el7_7.1.x86_64.rpm                                               |  18 kB  00:00:00
(6/10): libnetfilter_cttimeout-1.0.0-6.el7_7.1.x86_64.rpm                                               |  18 kB  00:00:00
(7/10): libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm                                                     |  23 kB  00:00:00
(8/10): socat-1.7.3.2-2.el7.x86_64.rpm                                                                  | 290 kB  00:00:00
(9/10): 548a0dcd865c16a50980420ddfa5fbccb8b59621179798e6dc905c9bf8af3b34-kubernetes-cni-0.7.5-0.x86_64. |  10 MB  00:00:00
(10/10): conntrack-tools-1.4.4-5.el7_7.2.x86_64.rpm                                                     | 187 kB  00:00:05
-------------------------------------------------------------------------------------------------------------------------------
Total                                                                                          9.3 MB/s |  54 MB  00:00:05
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
 Userid     : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
 Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
 From       : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
Importing GPG key 0x3E1BA8D5:
 Userid     : "Google Cloud Packages RPM Signing Key <gc-team@google.com>"
 Fingerprint: 3749 e1ba 95a8 6ce0 5454 6ed2 f09c 394c 3e1b a8d5
 From       : https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : libnetfilter_cttimeout-1.0.0-6.el7_7.1.x86_64                                                              1/10
  Installing : socat-1.7.3.2-2.el7.x86_64                                                                                 2/10
  Installing : cri-tools-1.13.0-0.x86_64                                                                                  3/10
  Installing : kubectl-1.17.4-0.x86_64                                                                                    4/10
  Installing : libnetfilter_queue-1.0.2-2.el7_2.x86_64                                                                    5/10
  Installing : libnetfilter_cthelper-1.0.0-10.el7_7.1.x86_64                                                              6/10
  Installing : conntrack-tools-1.4.4-5.el7_7.2.x86_64                                                                     7/10
  Installing : kubernetes-cni-0.7.5-0.x86_64                                                                              8/10
  Installing : kubelet-1.17.4-0.x86_64                                                                                    9/10
  Installing : kubeadm-1.17.4-0.x86_64                                                                                   10/10
  Verifying  : libnetfilter_cthelper-1.0.0-10.el7_7.1.x86_64                                                              1/10
  Verifying  : conntrack-tools-1.4.4-5.el7_7.2.x86_64                                                                     2/10
  Verifying  : libnetfilter_queue-1.0.2-2.el7_2.x86_64                                                                    3/10
  Verifying  : kubeadm-1.17.4-0.x86_64                                                                                    4/10
  Verifying  : kubectl-1.17.4-0.x86_64                                                                                    5/10
  Verifying  : cri-tools-1.13.0-0.x86_64                                                                                  6/10
  Verifying  : kubernetes-cni-0.7.5-0.x86_64                                                                              7/10
  Verifying  : socat-1.7.3.2-2.el7.x86_64                                                                                 8/10
  Verifying  : kubelet-1.17.4-0.x86_64                                                                                    9/10
  Verifying  : libnetfilter_cttimeout-1.0.0-6.el7_7.1.x86_64                                                             10/10

Installed:
  kubeadm.x86_64 0:1.17.4-0                 kubectl.x86_64 0:1.17.4-0                 kubelet.x86_64 0:1.17.4-0

Dependency Installed:
  conntrack-tools.x86_64 0:1.4.4-5.el7_7.2                       cri-tools.x86_64 0:1.13.0-0
  kubernetes-cni.x86_64 0:0.7.5-0                                libnetfilter_cthelper.x86_64 0:1.0.0-10.el7_7.1
  libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7_7.1                libnetfilter_queue.x86_64 0:1.0.2-2.el7_2
  socat.x86_64 0:1.7.3.2-2.el7

Complete!
[root@k8s-master ~]#
[root@k8s-master ~]# systemctl enable kubelet && systemctl start kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@k8s-master ~]#


#install master



[root@k8s-master ~]# kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.170
W0324 21:25:04.860975   20299 validation.go:28] Cannot validate kube-proxy config - no validator is available
W0324 21:25:04.861130   20299 validation.go:28] Cannot validate kubelet config - no validator is available
[init] Using Kubernetes version: v1.17.4
[preflight] Running pre-flight checks
        [WARNING Firewalld]: firewalld is active, please ensure ports [6443 10250] are open or your cluster may not function correctly
        [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
        [WARNING Hostname]: hostname "k8s-master" could not be reached
        [WARNING Hostname]: hostname "k8s-master": lookup k8s-master on 192.168.0.1:53: no such host
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.0.170]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.0.170 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.0.170 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
W0324 21:26:32.356584   20299 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"
[control-plane] Creating static Pod manifest for "kube-scheduler"
W0324 21:26:32.368700   20299 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
[apiclient] All control plane components are healthy after 44.012370 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.17" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node k8s-master as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: ey26o6.7iaksl0wnoc2m5d7
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.0.170:6443 --token ey26o6.7iaksl0wnoc2m5d7 \
    --discovery-token-ca-cert-hash sha256:6d78b05b556121c07cfc63288dec29bf39388b8ccb4dad63d92bc2a47585b8a6
[root@k8s-master ~]#

#install cni on master
[root@k8s-master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
[root@k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel configured
clusterrolebinding.rbac.authorization.k8s.io/flannel unchanged
serviceaccount/flannel unchanged
configmap/kube-flannel-cfg configured
daemonset.apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps/kube-flannel-ds-s390x created
[root@k8s-master ~]#
#show nodes
[root@k8s-master ~]# kubectl get nodes
NAME         STATUS   ROLES    AGE   VERSION
k8s-master   Ready    master   10h   v1.17.4
------------------------------------------------------------------------------------------------------------------------------------------------------
#install nodes1~2
[root@k8s-master ~]# hostnamectl set-hostname k8s-node1
[root@k8s-master ~]#  vi /etc/hosts
[root@k8s-master ~]# kubeadm join 192.168.0.170:6443 --token ey26o6.7iaksl0wnoc2m5d7 \
>     --discovery-token-ca-cert-hash sha256:6d78b05b556121c07cfc63288dec29bf39388b8ccb4dad63d92bc2a47585b8a6
W0325 07:44:18.712235   95055 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
        [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.17" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

[root@k8s-master ~]# [root@k8s-master ~]#

#show nodes on master
[root@k8s-master ~]# kubectl get nodes
NAME         STATUS     ROLES    AGE   VERSION
k8s-master   Ready      master   10h   v1.17.4
k8s-node1    NotReady   <none>   30s   v1.17.4
[root@k8s-master ~]#
#test kube cluster
[root@k8s-master ~]# kubectl apply -f https://k8s.io/examples/application/php-apache.yaml
deployment.apps/php-apache created
service/php-apache created
[root@k8s-master ~]# kubectl get services
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        12h
php-apache   ClusterIP   10.109.213.145   <none>        80/TCP         9m53s
[root@k8s-master ~]# kubectl edit service php-apache
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"run":"php-apache"},"name":"php-apache","namespace":"default"},"spec":{"ports":[{"port":80}],"selector":{"run":"php-apache"}}}
  creationTimestamp: "2020-03-25T00:55:36Z"
  labels:
    run: php-apache
  name: php-apache
  namespace: default
  resourceVersion: "96977"
  selfLink: /api/v1/namespaces/default/services/php-apache
  uid: 147c97d8-4141-48df-ae4a-16040a4c5030
spec:
  clusterIP: 10.109.213.145
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 31931
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    run: php-apache
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}
[root@k8s-master ~]# kubectl get services
NAME         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        12h
php-apache   NodePort    10.109.213.145   <none>        80:31931/TCP   14m

#show nodes on master
[root@k8s-master ~]# kubectl apply -f https://k8s.io/examples/application/php-apache.yaml
deployment.apps/php-apache created
s

댓글

댓글 쓰기

이 블로그의 인기 게시물

error You have $NVM_DIR set to "/root/.nvm", but that directory does not exist. Check your profile files and environment.

-
#error [min@localhost ~]$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 13527 100 13527 0 0 17679 0 --:--:-- --:--:-- --:--:-- 17682 You have $NVM_DIR set to "/root/.nvm", but that directory does not exist. Check your profile files and environment. #fix error [min@localhost ~]$ unset NVM_DIR [min@localhost ~]$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 13527 100 13527 0 0 28270 0 --:--:-- --:--:-- --:--:-- 28240 => Downloading nvm from git to '/home/min/.nvm' => Cloning into '/home/min/.nvm'... remote: Enumerating objects: 290, done. remot
자세한 내용 보기

linux mint install xrdp

-
이미지
## install xrdp $ sudo apt install xrdp $ sudo adduser xrdp ssl-cert $ sudo ufw allow from 192.168.2.0/24 to any port 3389 $ sudo ufw reload $ sudo ufw status ## xrdp connection closes immediately? $ sudo vim /etc/xrdp/startwm.sh unset DBUS_SESSION_BUS_ADDRESS unset XDG_RUNTIME_DIR $ sudo systemctl restart xrdp ## xrdp connection closes immediately? $ sudo vim /etc/xrdp/startwm.sh #!/bin/sh # xrdp X session start script (c) 2015, 2017 mirabilos # published under The MirOS Licence if test -r /etc/profile; then . /etc/profile fi if test -r /etc/default/locale; then . /etc/default/locale test -z "${LANG+x}" || export LANG test -z "${LANGUAGE+x}" || export LANGUAGE test -z "${LC_ADDRESS+x}" || export LC_ADDRESS test -z "${LC_ALL+x}" || export LC_ALL test -z "${LC_COLLATE+x}" || export LC_COLLATE test -z "${LC_CTYPE+x}" || export LC_CTYPE test -z "${LC_IDENTIFICATION+x}" || export L
자세한 내용 보기

centos 6.x yum update problem making ssl connection

-
이미지
## yum update [root@localhost ~]# yum update Loaded plugins: fastestmirror Setting up Update Process Loading mirror speeds from cached hostfile https://vault.centos.org/centos/6/os/x86_64/repodata/repomd.xml: [Errno 14] problem making ssl connection Trying other mirror. Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again ## fix repo [root@localhost ~]# cd /etc/yum yum/ yum.conf yum.repos.d/ [root@localhost ~]# cd /etc/yum.repos.d/ [root@localhost ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: base update Cleaning up Everything Cleaning up list of fastest mirrors ## fix repo [root@localhost yum.repos.d]# vi CentOS-Base.repo [base] name= CentOS-6 - Base baseurl= http://mirror.nsc.liu.se/centos-store/6.6/os/x86_64/ gpgcheck=0 priority=1 protect=1 [update] name=CentOS-6 - Updates baseurl=https://archive.kernel.org/centos-vault/6.6/updates/x86_64/ gpgcheck=0 priority=1 protect=1
자세한 내용 보기