문서 목적

• 2023년 11월 19일 기준 라즈베리파이로 docker 기반 쿠버네티스를 구축 진행
• 이런 저러한 삽질의 결과물로, 라즈베리 파이를 이용하여 구축할 때 참고시 도움이 될 것으로 보임

결과

$ kubectl get node -o wide
NAME            STATUS   ROLES           AGE     VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
raspberrypi01   Ready    control-plane   3h16m   v1.28.2   192.168.0.x    <none>        Ubuntu 22.04.3 LTS   5.15.0-1034-raspi   docker://24.0.7
raspberrypi02   Ready    <none>          3h11m   v1.28.2   192.168.0.x    <none>        Ubuntu 22.04.3 LTS   5.15.0-1034-raspi   docker://24.0.7
raspberrypi03   Ready    <none>          3h2m    v1.28.2   192.168.0.x    <none>        Ubuntu 22.04.3 LTS   5.15.0-1034-raspi   docker://24.0.7
raspberrypi04   Ready    <none>          3h2m    v1.28.2   192.168.0.x    <none>        Ubuntu 22.04.3 LTS   5.15.0-1034-raspi   docker://24.0.7

Environment

• Raspberry PI 4B
  • Memory : 8 GB
  • Storage : 32 GB
  • Arm 기반 64 bit
  • OS : Ubuntu 22.04 LTS
• Docker 24.0.7
• Kubernetes Version 1.28.2

설치 과정

✅ All Node 환경 설정

---

croups를 위한 설정

• cgroup이란 ? : https://sonseungha.tistory.com/535
• About cgroup v2 : https://kubernetes.io/docs/concepts/architecture/cgroups/

$ sudo vi /boot/firmware/cmdline.txt
# cgroup_enable=memory cgroup_memory=1 을 앞에 추가

Linux 패키지 최신화

# 패키지를 최신 버전으로 갱신하고 리부팅한다.
$ sudo apt update && sudo apt -y full-upgrade
[ -f /var/run/reboot-required ] && sudo reboot -f

SwapOff 처리

주로 아래와 같은 이유로 swap off를 함

• 쿠버네티스 노드의 안정성 향상
• 컨테이너 환경에서의 메모리 관리
• 스왑 사용 시 성능 저하 방지

sudo swapoff -a && sudo sed -i '/ swap / s/^/#/' /etc/fstab

Docker 설치

$ sudo apt -y install curl apt-transport-https net-tools vim git curl wget software-properties-common
$ curl -sSL https://get.docker.com | sh
$ sudo usermod -aG docker $USER # sudo를 안쓰기 위해
$ sudo docker run hello-world # 잘 나오는지 테스트를 위해

cri-dockered 설치

• 1.24 버전 이후로 도커심 대신 cri-dockered를 통해 도커 엔진을 사용할 수 있음

$ VER=$(curl -s https://api.github.com/repos/Mirantis/cri-dockerd/releases/latest|grep tag_name | cut -d '"' -f 4|sed 's/v//g') # for latest
$ echo $VER # 0.3.7
$ wget https://github.com/Mirantis/cri-dockerd/releases/download/v${VER}/cri-dockerd-${VER}.arm64.tgz
$ tar xvf cri-dockerd-${VER}.arm64.tgz
$ sudo mv cri-dockerd/cri-dockerd /usr/local/bin/
$ cri-dockerd --version # cri-dockerd 0.3.7 
$ wget https://raw.githubusercontent.com/Mirantis/cri-dockerd/master/packaging/systemd/cri-docker.service
$ wget https://raw.githubusercontent.com/Mirantis/cri-dockerd/master/packaging/systemd/cri-docker.socket
$ sudo mv cri-docker.socket cri-docker.service /etc/systemd/system/
$ sudo sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service
$ sudo systemctl daemon-reload
$ sudo systemctl enable cri-docker.service
$ sudo systemctl enable --now cri-docker.socket
$ sudo systemctl restart docker && sudo systemctl restart cri-docker
$ sudo systemctl status cri-docker.socket --no-pager
$ sudo mkdir /etc/docker
$ cat <<EOF | sudo tee /etc/docker/daemon.json
{
	"exec-opts": ["native.cgroupdriver=systemd"],
	"log-driver": "json-file",
	"log-opts": {
		"max-size": "100m"
	},
	"storage-driver": "overlay2"
}
EOF
$ sudo systemctl restart docker && sudo systemctl restart cri-docker
$ sudo docker info | grep Cgroup

cri-o 설치

• 현재는 어떤 건지는 모르겠으나, 해당 내용이 없을 경우 core-dns POD가 Creating 단계에서 멈춰버림

$ OS_NAME=xUbuntu_22.04
$ CRIO_VER=1.28
$ echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/${OS_NAME}/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
$ echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/${CRIO_VER}/${OS_NAME}/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VER.list
$ curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$CRIO_VER/$OS_NAME/Release.key | sudo apt-key add -
$ curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS_NAME/Release.key | sudo apt-key add -
$ sudo apt update
$ sudo apt -y install cri-o cri-o-runc
$ crio version

kubelet, kubeadm, kubectl 설치

$ curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
$ echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
$ sudo apt update
$ sudo apt -y install kubeadm kubelet kubectl
$ sudo apt-mark hold kubelet kubeadm kubectl # 버전 고정
$ kubectl version --client && kubeadm version # 잘 설치 되었는지 확인

IPv4를 포워딩하여 iptables가 브리지된 트래픽을 보게 하기

$ cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
  overlay
  br_netfilter
  EOF

$ sudo modprobe overlay
$ sudo modprobe br_netfilter

# 필요한 sysctl 파라미터를 설정하면, 재부팅 후에도 값이 유지된다.
$ cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
  net.bridge.bridge-nf-call-iptables  = 1
  net.bridge.bridge-nf-call-ip6tables = 1
  net.ipv4.ip_forward                 = 1
  EOF

# 재부팅하지 않고 sysctl 파라미터 적용하기
$ sudo sysctl --system

잘 적용되었는지 확인하는 방법은 여기에 잘 정리 되어 있음

---

✅ Master Node에서만 적용

마스터 노드 초기화 작업

$ sudo systemctl enable kubelet # kubelet enable
$ sudo kubeadm config images pull --cri-socket unix:///run/cri-dockerd.sock
$ mkdir -p ~/tmp
$ cat > ~/tmp/kube-admin-config.yaml <<EOF
---
apiVersion: "kubeadm.k8s.io/v1beta3"
kind: InitConfiguration
nodeRegistration:
  criSocket: "unix:///run/cri-dockerd.sock"
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
failSwapOn: false
featureGates:
  NodeSwap: true
memorySwap:
  swapBehavior: LimitedSwap
---
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
networking:
  podSubnet: "172.24.0.0/24" # --pod-network-cidr
EOF
sudo kubeadm init --config ~/tmp/kube-admin-config.yaml # 해당 결과 복사 (kubeadm join 부분)

kubectl 설정

$ mkdir -p $HOME/.kube
$ sudo cp -f /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

자동 완성을 위해 아래처럼 실행(출처)

$ echo 'source <(kubectl completion bash)' >>~/.bashrc # 현재 사용자만
$ kubectl completion bash | sudo tee /etc/bash_completion.d/kubectl > /dev/null # 시스템 전체 적용

NetworkPlugin 설치

$ curl -O https://raw.githubusercontent.com/projectcalico/calico/v3.26.4/manifests/tigera-operator.yaml
$ curl -O https://raw.githubusercontent.com/projectcalico/calico/v3.26.4/manifests/custom-resources.yaml
$ kubectl create -f tigera-operator.yaml
$ sed -ie 's/192.168.0.0/172.24.0.0/g' custom-resources.yaml # CIDR 수정
$ kubectl create -f custom-resources.yaml
$ kubectl get pods --all-namespaces -w # 정상 설치 확인
$ kubectl taint nodes --all  node-role.kubernetes.io/control-plane- # 격리 해제
$ kubectl get nodes # 확인

---

✅ WorkerNode에서만 적용

$ sudo kubeadm join master_node_host:6443 --token we7mc5.************ \
	--discovery-token-ca-cert-hash sha256:61d59b805bb8a9c3649f004e28d8bed***************** \
    --cri-socket unix:///run/cri-dockerd.sock

---

Reference

• kubernetes : https://velog.io/@sororiri/k8s-kubeadm-%EC%84%A4%EC%B9%98-big2bz1i
• cri-dockered : https://tech.hostway.co.kr/2022/08/30/1374/
• cri-o : https://tech.hostway.co.kr/2022/05/12/1029/
• https://truelifer.medium.com/raspberry-pi-4b-%EC%97%90-kubernetes-cluster-%EC%84%A4%EC%B9%98%ED%95%98%EA%B8%B0-35a1c7be3cbd