Udemy Labs - Certified Kubernetes Administrator with Practice Tests - Lightning Labs 문제 풀이
Kubernetes
목록 보기
5/53
문제 1
1
Weight: 15
Upgrade the current version of kubernetes from 1.28.0 to 1.29.0 exactly using the kubeadm utility. Make sure that the upgrade is carried out one node at a time starting with the controlplane node. To minimize downtime, the deployment gold-nginx should be rescheduled on an alternate node before upgrading each node.
Upgrade controlplane node first and drain node node01 before upgrading it. Pods for gold-nginx should run on the controlplane node subsequently.
Cluster Upgraded?
pods 'gold-nginx' running on controlplane?
docs
- kubeadm 1.29.0이 없을 때
- controlplane node update
- node01 update:
정답
- 먼저 2번 docs를 보고 따라한다
controlplane ~ ➜ sudo apt-mark unhold kubeadm
kubeadm was already not hold.
controlplane ~ ➜ sudo apt-get update && sudo apt-get install -y kubeadm='1.29.0-*'
Get:2 https://download.docker.com/linux/ubuntu focal InRelease [57.7 kB]
Get:3 http://security.ubuntu.com/ubuntu focal-security InRelease [128 kB]
Get:4 http://archive.ubuntu.com/ubuntu focal InRelease [265 kB]
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb InRelease [1,189 B]
Get:5 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages [52.2 kB]
Get:6 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb Packages [15.1 kB]
Get:7 http://archive.ubuntu.com/ubuntu focal-updates InRelease [128 kB]
Get:8 http://archive.ubuntu.com/ubuntu focal-backports InRelease [128 kB]
Get:9 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages [3,675 kB]
Get:10 http://archive.ubuntu.com/ubuntu focal/restricted amd64 Packages [33.4 kB]
Get:11 http://archive.ubuntu.com/ubuntu focal/universe amd64 Packages [11.3 MB]
Get:12 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 Packages [29.8 kB]
Get:13 http://security.ubuntu.com/ubuntu focal-security/restricted amd64 Packages [3,616 kB]
Get:14 http://security.ubuntu.com/ubuntu focal-security/universe amd64 Packages [1,208 kB]
Get:15 http://archive.ubuntu.com/ubuntu focal/multiverse amd64 Packages [177 kB]
Get:16 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages [1,275 kB]
Get:17 http://archive.ubuntu.com/ubuntu focal-updates/restricted amd64 Packages [3,766 kB]
Get:18 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [1,504 kB]
Get:19 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [4,149 kB]
Get:20 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 Packages [32.5 kB]
Get:21 http://archive.ubuntu.com/ubuntu focal-backports/main amd64 Packages [55.2 kB]
Get:22 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 Packages [28.6 kB]
Fetched 31.7 MB in 3s (12.1 MB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Version '1.29.0-*' for 'kubeadm' was not found- 1.29.0-* 버전이 없다고 뜨면 docs 1을 보고 따라한다
controlplane ~ ✖ sudo apt-get install -y apt-transport-https ca-certificates curl gpg
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20230311ubuntu0.20.04.1).
gpg is already the newest version (2.2.19-3ubuntu2.2).
gpg set to manually installed.
The following additional packages will be installed:
libcurl4
The following packages will be upgraded:
apt-transport-https curl libcurl4
3 upgraded, 0 newly installed, 0 to remove and 81 not upgraded.
Need to get 398 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 apt-transport-https all 2.0.10 [1,704 B]
Get:2 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 curl amd64 7.68.0-1ubuntu2.22 [161 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libcurl4 amd64 7.68.0-1ubuntu2.22 [235 kB]
Fetched 398 kB in 0s (1,077 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 20477 files and directories currently installed.)
Preparing to unpack .../apt-transport-https_2.0.10_all.deb ...
Unpacking apt-transport-https (2.0.10) over (2.0.9) ...
Preparing to unpack .../curl_7.68.0-1ubuntu2.22_amd64.deb ...
Unpacking curl (7.68.0-1ubuntu2.22) over (7.68.0-1ubuntu2.20) ...
Preparing to unpack .../libcurl4_7.68.0-1ubuntu2.22_amd64.deb ...
Unpacking libcurl4:amd64 (7.68.0-1ubuntu2.22) over (7.68.0-1ubuntu2.20) ...
Setting up apt-transport-https (2.0.10) ...
Setting up libcurl4:amd64 (7.68.0-1ubuntu2.22) ...
Setting up curl (7.68.0-1ubuntu2.22) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.12) ...
controlplane ~ ➜ curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
File '/etc/apt/keyrings/kubernetes-apt-keyring.gpg' exists. Overwrite? (y/N) y
controlplane ~ ➜ echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /
controlplane ~ ➜ sudo apt-get update
Hit:2 https://download.docker.com/linux/ubuntu focal InRelease
Hit:3 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:4 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:5 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease [1,186 B]
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Get:7 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb Packages [9,029 B]
Fetched 10.2 kB in 1s (16.1 kB/s)
Reading package lists... Done
controlplane ~ ➜ sudo apt-get install -y kubelet kubeadm kubectl
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
kubeadm kubectl kubelet
3 upgraded, 0 newly installed, 0 to remove and 80 not upgraded.
Need to get 40.5 MB of archives.
After this operation, 1,257 kB disk space will be freed.
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubelet 1.29.5-1.1 [19.8 MB]
Get:2 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubectl 1.29.5-1.1 [10.5 MB]
Get:3 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubeadm 1.29.5-1.1 [10.1 MB]
Fetched 40.5 MB in 1s (72.4 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 20477 files and directories currently installed.)
Preparing to unpack .../kubelet_1.29.5-1.1_amd64.deb ...
Unpacking kubelet (1.29.5-1.1) over (1.28.0-1.1) ...
Preparing to unpack .../kubectl_1.29.5-1.1_amd64.deb ...
Unpacking kubectl (1.29.5-1.1) over (1.28.0-1.1) ...
Preparing to unpack .../kubeadm_1.29.5-1.1_amd64.deb ...
Unpacking kubeadm (1.29.5-1.1) over (1.28.0-1.1) ...
Setting up kubectl (1.29.5-1.1) ...
Setting up kubelet (1.29.5-1.1) ...
Setting up kubeadm (1.29.5-1.1) ...
controlplane ~ ➜ sudo apt-mark hold kubelet kubeadm kubectl
kubelet set on hold.
kubeadm set on hold.
kubectl set on hold.- 다시 docs 1로 와서 madison하면 1.29.0버전이 나타난다 이 이후로는 docs 1을 보고 따라한다
controlplane ~ ➜ sudo apt-cache madison kubeadm
kubeadm | 1.29.5-1.1 | https://pkgs.k8s.io/core:/stable:/v1.29/deb Packages
kubeadm | 1.29.4-2.1 | https://pkgs.k8s.io/core:/stable:/v1.29/deb Packages
kubeadm | 1.29.3-1.1 | https://pkgs.k8s.io/core:/stable:/v1.29/deb Packages
kubeadm | 1.29.2-1.1 | https://pkgs.k8s.io/core:/stable:/v1.29/deb Packages
kubeadm | 1.29.1-1.1 | https://pkgs.k8s.io/core:/stable:/v1.29/deb Packages
kubeadm | 1.29.0-1.1 | https://pkgs.k8s.io/core:/stable:/v1.29/deb Packages
controlplane ~ ➜ sudo apt-mark unhold kubeadm
Canceled hold on kubeadm.
controlplane ~ ➜ sudo apt-get update && sudo apt-get install -y kubeadm='1.29.0-*'
Hit:2 https://download.docker.com/linux/ubuntu focal InRelease
Hit:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease
Hit:3 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubeadm'
The following packages will be DOWNGRADED:
kubeadm
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 80 not upgraded.
E: Packages were downgraded and -y was used without --allow-downgrades.
controlplane ~ ✖ sudo apt-mark hold kubeadm
kubeadm set on hold.
controlplane ~ ➜ kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"29", GitVersion:"v1.29.5", GitCommit:"59755ff595fa4526236b0cc03aa2242d941a5171", GitTreeState:"clean", BuildDate:"2024-05-14T10:44:51Z", GoVersion:"go1.21.9", Compiler:"gc", Platform:"linux/amd64"}
controlplane ~ ➜ ^C
controlplane ~ ✖ sudo apt-get install kubeadm='1.29.0-1.1'
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following held packages will be changed:
kubeadm
The following packages will be DOWNGRADED:
kubeadm
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 80 not upgraded.
Need to get 10.1 MB of archives.
After this operation, 123 kB disk space will be freed.
Do you want to continue? [Y/n] Y\
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubeadm 1.29.0-1.1 [10.1 MB]
Fetched 10.1 MB in 0s (35.3 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
dpkg: warning: downgrading kubeadm from 1.29.5-1.1 to 1.29.0-1.1
(Reading database ... 20477 files and directories currently installed.)
Preparing to unpack .../kubeadm_1.29.0-1.1_amd64.deb ...
Unpacking kubeadm (1.29.0-1.1) over (1.29.5-1.1) ...
Setting up kubeadm (1.29.0-1.1) ...
controlplane ~ ➜ kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"29", GitVersion:"v1.29.0", GitCommit:"3f7a50f38688eb332e2a1b013678c6435d539ae6", GitTreeState:"clean", BuildDate:"2023-12-13T08:50:10Z", GoVersion:"go1.21.5", Compiler:"gc", Platform:"linux/amd64"}
controlplane ~ ➜ sudo kubeadm upgrade plan
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
sudo kubeadm upgrade apply v1.29.[upgrade] Fetching available versions to upgrade to
[upgrade/versions] Cluster version: v1.28.0
[upgrade/versions] kubeadm version: v1.29.0
I0601 11:47:16.896083 16035 version.go:256] remote version is much newer: v1.30.1; falling back to: stable-1.29
[upgrade/versions] Target version: v1.29.5
[upgrade/versions] Latest version in the v1.28 series: v1.28.10
Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply':
COMPONENT CURRENT TARGET
kubelet 2 x v1.28.0 v1.28.10
Upgrade to the latest version in the v1.28 series:
COMPONENT CURRENT TARGET
kube-apiserver v1.28.0 v1.28.10
kube-controller-manager v1.28.0 v1.28.10
kube-scheduler v1.28.0 v1.28.10
kube-proxy v1.28.0 v1.28.10
CoreDNS v1.10.1 v1.11.1
etcd 3.5.9-0 3.5.10-0
You can now apply the upgrade by executing the following command:
kubeadm upgrade apply v1.28.10
_____________________________________________________________________
Components that must be upgraded manually after you have upgraded the control plane with 'kubeadm upgrade apply':
COMPONENT CURRENT TARGET
kubelet 2 x v1.28.0 v1.29.5
Upgrade to the latest stable version:
COMPONENT CURRENT TARGET
kube-apiserver v1.28.0 v1.29.5
kube-controller-manager v1.28.0 v1.29.5
kube-scheduler v1.28.0 v1.29.5
kube-proxy v1.28.0 v1.29.5
CoreDNS v1.10.1 v1.11.1
etcd 3.5.9-0 3.5.10-0
You can now apply the upgrade by executing the following command:
kubeadm upgrade apply v1.29.5
Note: Before you can perform this upgrade, you have to update kubeadm to v1.29.5.
_____________________________________________________________________
The table below shows the current state of component configs as understood by this version of kubeadm.
Configs that have a "yes" mark in the "MANUAL UPGRADE REQUIRED" column require manual config upgrade or
resetting to kubeadm defaults before a successful upgrade can be performed. The version to manually
upgrade to is denoted in the "PREFERRED VERSION" column.
API GROUP CURRENT VERSION PREFERRED VERSION MANUAL UPGRADE REQUIRED
kubeproxy.config.k8s.io v1alpha1 v1alpha1 no
kubelet.config.k8s.io v1beta1 v1beta1 no
_____________________________________________________________________
controlplane ~ ➜ sudo kubeadm upgrade apply v1.29.0
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
[upgrade/version] You have chosen to change the cluster version to "v1.29.0"
[upgrade/versions] Cluster version: v1.28.0
[upgrade/versions] kubeadm version: v1.29.0
[upgrade] Are you sure you want to proceed? [y/N]: y
[upgrade/prepull] Pulling images required for setting up a Kubernetes cluster
[upgrade/prepull] This might take a minute or two, depending on the speed of your internet connection
[upgrade/prepull] You can also perform this action in beforehand using 'kubeadm config images pull'
W0601 11:47:50.032028 16109 checks.go:835] detected that the sandbox image "k8s.gcr.io/pause:3.6" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using "registry.k8s.io/pause:3.9" as the CRI sandbox image.
[upgrade/apply] Upgrading your Static Pod-hosted control plane to version "v1.29.0" (timeout: 5m0s)...
[upgrade/etcd] Upgrading to TLS for etcd
[upgrade/staticpods] Preparing for "etcd" upgrade
[upgrade/staticpods] Renewing etcd-server certificate
[upgrade/staticpods] Renewing etcd-peer certificate
[upgrade/staticpods] Renewing etcd-healthcheck-client certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/etcd.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2024-06-01-11-47-53/etcd.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
[apiclient] Found 1 Pods for label selector component=etcd
[upgrade/staticpods] Component "etcd" upgraded successfully!
[upgrade/etcd] Waiting for etcd to become available
[upgrade/staticpods] Writing new Static Pod manifests to "/etc/kubernetes/tmp/kubeadm-upgraded-manifests3191775749"
[upgrade/staticpods] Preparing for "kube-apiserver" upgrade
[upgrade/staticpods] Renewing apiserver certificate
[upgrade/staticpods] Renewing apiserver-kubelet-client certificate
[upgrade/staticpods] Renewing front-proxy-client certificate
[upgrade/staticpods] Renewing apiserver-etcd-client certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-apiserver.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2024-06-01-11-47-53/kube-apiserver.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
[apiclient] Found 1 Pods for label selector component=kube-apiserver
[upgrade/staticpods] Component "kube-apiserver" upgraded successfully!
[upgrade/staticpods] Preparing for "kube-controller-manager" upgrade
[upgrade/staticpods] Renewing controller-manager.conf certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-controller-manager.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2024-06-01-11-47-53/kube-controller-manager.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
[apiclient] Found 1 Pods for label selector component=kube-controller-manager
[upgrade/staticpods] Component "kube-controller-manager" upgraded successfully!
[upgrade/staticpods] Preparing for "kube-scheduler" upgrade
[upgrade/staticpods] Renewing scheduler.conf certificate
[upgrade/staticpods] Moved new manifest to "/etc/kubernetes/manifests/kube-scheduler.yaml" and backed up old manifest to "/etc/kubernetes/tmp/kubeadm-backup-manifests-2024-06-01-11-47-53/kube-scheduler.yaml"
[upgrade/staticpods] Waiting for the kubelet to restart the component
[upgrade/staticpods] This might take a minute or longer depending on the component/version gap (timeout 5m0s)
[apiclient] Found 1 Pods for label selector component=kube-scheduler
[upgrade/staticpods] Component "kube-scheduler" upgraded successfully!
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
[upgrade] Backing up kubelet config file to /etc/kubernetes/tmp/kubeadm-kubelet-config1775858817/config.yaml
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "super-admin.conf" kubeconfig file
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
[upgrade/successful] SUCCESS! Your cluster was upgraded to "v1.29.0". Enjoy!
[upgrade/kubelet] Now that your control plane is upgraded, please proceed with upgrading your kubelets if you haven't already done so.
controlplane ~ ➜
controlplane ~ ➜ kubectl drain controlplane --ignore-daemonsets
node/controlplane cordoned
Warning: ignoring DaemonSet-managed Pods: kube-system/kube-proxy-r4975, kube-system/weave-net-lb2bs
node/controlplane drained
controlplane ~ ➜ sudo apt-mark unhold kubelet kubectl
Canceled hold on kubelet.
Canceled hold on kubectl.- docs1에서 이부분에는 -y이 포함되어 있는데 -y 옵션을 빼고 설치해주고 설치하는 과정에서 Y를 직접 입력해야 업데이트가 잘 된다(? -> 이유는 잘 모르겠음 ㅠㅠ)
controlplane ~ ➜ sudo apt-get update && sudo apt-get install -y kubelet='1.29.0-*' kubectl='1.29.0-*'
Hit:2 https://download.docker.com/linux/ubuntu focal InRelease
Hit:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease
Hit:3 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:5 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubelet'
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubectl'
The following packages will be DOWNGRADED:
kubectl kubelet
0 upgraded, 0 newly installed, 2 downgraded, 0 to remove and 81 not upgraded.
E: Packages were downgraded and -y was used without --allow-downgrades.
controlplane ~ ✖ sudo apt-get install kubelet='1.29.0-*' kubectl='1.29.0-*'
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubelet'
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubectl'
The following packages will be DOWNGRADED:
kubectl kubelet
0 upgraded, 0 newly installed, 2 downgraded, 0 to remove and 81 not upgraded.
Need to get 30.3 MB of archives.
After this operation, 246 kB disk space will be freed.
Do you want to continue? [Y/n] Y
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubectl 1.29.0-1.1 [10.5 MB]
Get:2 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubelet 1.29.0-1.1 [19.8 MB]
Fetched 30.3 MB in 0s (62.3 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
dpkg: warning: downgrading kubectl from 1.29.5-1.1 to 1.29.0-1.1
(Reading database ... 20477 files and directories currently installed.)
Preparing to unpack .../kubectl_1.29.0-1.1_amd64.deb ...
Unpacking kubectl (1.29.0-1.1) over (1.29.5-1.1) ...
dpkg: warning: downgrading kubelet from 1.29.5-1.1 to 1.29.0-1.1
Preparing to unpack .../kubelet_1.29.0-1.1_amd64.deb ...
Unpacking kubelet (1.29.0-1.1) over (1.29.5-1.1) ...
Setting up kubectl (1.29.0-1.1) ...
Setting up kubelet (1.29.0-1.1) ...
controlplane ~ ➜ sudo systemctl daemon-reload
controlplane ~ ➜ sudo systemctl restart kubelet
controlplane ~ ➜ kubectl uncordon controlplane
node/controlplane uncordoned- 여기까지가 docs1을 보고 진행힌 내용
- 문제에서 node01은 업데이트하기전에 drain하라고 했으니 controlplane에서 node01을 drain해준다
controlplane ~ ➜ kubectl drain node01 --ignore-daemonsets
node/node01 cordoned
Warning: ignoring DaemonSet-managed Pods: kube-system/kube-proxy-rpcp7, kube-system/weave-net-w95db
evicting pod kube-system/coredns-76f75df574-q2x6v
evicting pod admin2406/deploy4-c669bb985-644b5
evicting pod admin2406/deploy2-5d4697f587-jczxz
evicting pod default/gold-nginx-5d9489d9cc-6zmrw
evicting pod admin2406/deploy3-59985b7bb9-55nwf
evicting pod admin2406/deploy5-7d5f6f769b-g4sjf
evicting pod kube-system/coredns-76f75df574-mh69q
evicting pod admin2406/deploy1-67b55d4f9f-dw6sg
pod/deploy2-5d4697f587-jczxz evicted
pod/deploy5-7d5f6f769b-g4sjf evicted
pod/deploy1-67b55d4f9f-dw6sg evicted
pod/deploy4-c669bb985-644b5 evicted
pod/deploy3-59985b7bb9-55nwf evicted
pod/gold-nginx-5d9489d9cc-6zmrw evicted
I0601 11:53:24.217906 21647 request.go:697] Waited for 1.003005211s due to client-side throttling, not priority and fairness, request: GET:https://controlplane:6443/api/v1/namespaces/kube-system/pods/coredns-76f75df574-mh69q
pod/coredns-76f75df574-mh69q evicted
pod/coredns-76f75df574-q2x6v evicted
node/node01 drained- node01을 업데이트하기 위해
ssh node01로 접속해준다 - 여기서부터 docs2보고 진행
controlplane ~ ➜ ssh node01
root@node01 ~ ➜ sudo apt-mark unhold kubeadm && \
> sudo apt-get update && sudo apt-get install -y kubeadm='1.29.0-*'
Canceled hold on kubeadm.
Get:2 https://download.docker.com/linux/ubuntu focal InRelease [57.7 kB]
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb InRelease [1189 B]
Get:3 https://download.docker.com/linux/ubuntu focal/stable amd64 Packages [52.2 kB]
Get:4 http://security.ubuntu.com/ubuntu focal-security InRelease [128 kB]
Get:5 http://archive.ubuntu.com/ubuntu focal InRelease [265 kB]
Get:6 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb Packages [15.1 kB]
Get:7 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages [3675 kB]
Get:8 http://archive.ubuntu.com/ubuntu focal-updates InRelease [128 kB]
Get:9 http://archive.ubuntu.com/ubuntu focal-backports InRelease [128 kB]
Get:10 http://archive.ubuntu.com/ubuntu focal/multiverse amd64 Packages [177 kB]
Get:11 http://archive.ubuntu.com/ubuntu focal/universe amd64 Packages [11.3 MB]
Get:12 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 Packages [29.8 kB]
Get:13 http://security.ubuntu.com/ubuntu focal-security/restricted amd64 Packages [3616 kB]
Get:14 http://security.ubuntu.com/ubuntu focal-security/universe amd64 Packages [1208 kB]
Get:15 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages [1275 kB]
Get:16 http://archive.ubuntu.com/ubuntu focal/restricted amd64 Packages [33.4 kB]
Get:17 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [4149 kB]
Get:18 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [1504 kB]
Get:19 http://archive.ubuntu.com/ubuntu focal-updates/restricted amd64 Packages [3766 kB]
Get:20 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 Packages [32.5 kB]
Get:21 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 Packages [28.6 kB]
Get:22 http://archive.ubuntu.com/ubuntu focal-backports/main amd64 Packages [55.2 kB]
Fetched 31.7 MB in 3s (9727 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Version '1.29.0-*' for 'kubeadm' was not found- 마찬가지로 1.29.0 버전이 없다고 나오니까 docs1을 보고 따라해준다
root@node01 ~ ✖ sudo apt-get install -y apt-transport-https ca-certificates curl gpg
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20230311ubuntu0.20.04.1).
gpg is already the newest version (2.2.19-3ubuntu2.2).
gpg set to manually installed.
The following additional packages will be installed:
libcurl4
The following packages will be upgraded:
apt-transport-https curl libcurl4
3 upgraded, 0 newly installed, 0 to remove and 73 not upgraded.
Need to get 398 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 apt-transport-https all 2.0.10 [1704 B]
Get:2 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 curl amd64 7.68.0-1ubuntu2.22 [161 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libcurl4 amd64 7.68.0-1ubuntu2.22 [235 kB]
Fetched 398 kB in 0s (1252 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 14854 files and directories currently installed.)
Preparing to unpack .../apt-transport-https_2.0.10_all.deb ...
Unpacking apt-transport-https (2.0.10) over (2.0.9) ...
Preparing to unpack .../curl_7.68.0-1ubuntu2.22_amd64.deb ...
Unpacking curl (7.68.0-1ubuntu2.22) over (7.68.0-1ubuntu2.19) ...
Preparing to unpack .../libcurl4_7.68.0-1ubuntu2.22_amd64.deb ...
Unpacking libcurl4:amd64 (7.68.0-1ubuntu2.22) over (7.68.0-1ubuntu2.19) ...
Setting up apt-transport-https (2.0.10) ...
Setting up libcurl4:amd64 (7.68.0-1ubuntu2.22) ...
Setting up curl (7.68.0-1ubuntu2.22) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...
root@node01 ~ ➜
root@node01 ~ ➜ curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
File '/etc/apt/keyrings/kubernetes-apt-keyring.gpg' exists. Overwrite? (y/N) y
root@node01 ~ ➜ echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /
root@node01 ~ ➜ sudo apt-get update
Hit:2 https://download.docker.com/linux/ubuntu focal InRelease
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease [1186 B]
Hit:3 http://archive.ubuntu.com/ubuntu focal InRelease
Get:4 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb Packages [9029 B]
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:6 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:7 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Fetched 10.2 kB in 1s (16.2 kB/s)
Reading package lists... Done
root@node01 ~ ➜ sudo apt-get install -y kubelet kubeadm kubectl
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following held packages will be changed:
kubectl kubelet
The following packages will be upgraded:
kubeadm kubectl kubelet
3 upgraded, 0 newly installed, 0 to remove and 72 not upgraded.
E: Held packages were changed and -y was used without --allow-change-held-packages.- 이 때도 docs 커맨드에는 -y가 있어서 그대로 진행하면 업데이트가 제대로 안되서 -y옵션을 커맨드에서 지운 후 설치하는 과정에서 직접 Y를 입력해준다
root@node01 ~ ✖ sudo apt-get install kubelet kubeadm kubectl
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following held packages will be changed:
kubectl kubelet
The following packages will be upgraded:
kubeadm kubectl kubelet
3 upgraded, 0 newly installed, 0 to remove and 72 not upgraded.
Need to get 40.5 MB of archives.
After this operation, 1257 kB disk space will be freed.
Do you want to continue? [Y/n] Y
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubelet 1.29.5-1.1 [19.8 MB]
Get:2 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubectl 1.29.5-1.1 [10.5 MB]
Get:3 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubeadm 1.29.5-1.1 [10.1 MB]
Fetched 40.5 MB in 1s (78.4 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 14854 files and directories currently installed.)
Preparing to unpack .../kubelet_1.29.5-1.1_amd64.deb ...
Unpacking kubelet (1.29.5-1.1) over (1.28.0-1.1) ...
Preparing to unpack .../kubectl_1.29.5-1.1_amd64.deb ...
Unpacking kubectl (1.29.5-1.1) over (1.28.0-1.1) ...
Preparing to unpack .../kubeadm_1.29.5-1.1_amd64.deb ...
Unpacking kubeadm (1.29.5-1.1) over (1.28.0-1.1) ...
Setting up kubectl (1.29.5-1.1) ...
Setting up kubelet (1.29.5-1.1) ...
Setting up kubeadm (1.29.5-1.1) ...
root@node01 ~ ➜ sudo apt-mark hold kubelet kubeadm kubectl
kubelet set on hold.
kubeadm set on hold.
kubectl set on hold.- 여기서부터 다시 docs 3을 보고 진행해준다
root@node01 ~ ➜ sudo apt-mark unhold kubeadm && \
> sudo apt-get update && sudo apt-get install kubeadm='1.29.0-*'
Canceled hold on kubeadm.
Hit:2 https://download.docker.com/linux/ubuntu focal InRelease
Hit:3 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:5 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubeadm'
The following packages will be DOWNGRADED:
kubeadm
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 72 not upgraded.
Need to get 10.1 MB of archives.
After this operation, 123 kB disk space will be freed.
Do you want to continue? [Y/n] Y
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubeadm 1.29.0-1.1 [10.1 MB]
Fetched 10.1 MB in 0s (41.8 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
dpkg: warning: downgrading kubeadm from 1.29.5-1.1 to 1.29.0-1.1
(Reading database ... 14854 files and directories currently installed.)
Preparing to unpack .../kubeadm_1.29.0-1.1_amd64.deb ...
Unpacking kubeadm (1.29.0-1.1) over (1.29.5-1.1) ...
Setting up kubeadm (1.29.0-1.1) ...
root@node01 ~ ➜ sudo kubeadm upgrade node
[upgrade] Reading configuration from the cluster...
[upgrade] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[preflight] Running pre-flight checks
[preflight] Skipping prepull. Not a control plane node.
[upgrade] Skipping phase. Not a control plane node.
[upgrade] Backing up kubelet config file to /etc/kubernetes/tmp/kubeadm-kubelet-config2212668044/config.yaml
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[upgrade] The configuration for this node was successfully updated!
[upgrade] Now you should go ahead and upgrade the kubelet package using your package manager.
root@node01 ~ ➜ sudo apt-mark unhold kubelet kubectl && \
> sudo apt-get update && sudo apt-get install kubelet='1.29.0-*' kubectl='1.29.0-*'
Canceled hold on kubelet.
Canceled hold on kubectl.
Hit:2 https://download.docker.com/linux/ubuntu focal InRelease
Hit:3 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:5 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:6 http://security.ubuntu.com/ubuntu focal-security InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubelet'
Selected version '1.29.0-1.1' (isv:kubernetes:core:stable:v1.29:pkgs.k8s.io [amd64]) for 'kubectl'
The following packages will be DOWNGRADED:
kubectl kubelet
0 upgraded, 0 newly installed, 2 downgraded, 0 to remove and 73 not upgraded.
Need to get 30.3 MB of archives.
After this operation, 246 kB disk space will be freed.
Do you want to continue? [Y/n] Y
Get:1 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubectl 1.29.0-1.1 [10.5 MB]
Get:2 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.29/deb kubelet 1.29.0-1.1 [19.8 MB]
Fetched 30.3 MB in 0s (73.4 MB/s)
debconf: delaying package configuration, since apt-utils is not installed
dpkg: warning: downgrading kubectl from 1.29.5-1.1 to 1.29.0-1.1
(Reading database ... 14854 files and directories currently installed.)
Preparing to unpack .../kubectl_1.29.0-1.1_amd64.deb ...
Unpacking kubectl (1.29.0-1.1) over (1.29.5-1.1) ...
dpkg: warning: downgrading kubelet from 1.29.5-1.1 to 1.29.0-1.1
Preparing to unpack .../kubelet_1.29.0-1.1_amd64.deb ...
Unpacking kubelet (1.29.0-1.1) over (1.29.5-1.1) ...
Setting up kubectl (1.29.0-1.1) ...
Setting up kubelet (1.29.0-1.1) ...
root@node01 ~ ➜ sudo apt-mark hold kubelet kubectl
kubelet set on hold.
kubectl set on hold.
root@node01 ~ ➜ sudo systemctl daemon-reload
root@node01 ~ ➜ sudo systemctl restart kubelet- 업데이트가 끝났으면 node01을 undordon해주는데 node01안에서가 아니라 밖에서 진행해준다
root@node01 ~ ➜ kubectl uncordon node01
E0601 11:57:03.446254 19319 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0601 11:57:03.446804 19319 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0601 11:57:03.448388 19319 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0601 11:57:03.448763 19319 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
The connection to the server localhost:8080 was refused - did you specify the right host or port?
root@node01 ~ ✖ exit
logout
Connection to node01 closed.- exit해서 node01을 나오고 다시 controlplane에서 node01을 uncordon해준다
controlplane ~ ✖ kubectl uncordon node01
node/node01 uncordoned문제 2
Weight: 15
Print the names of all deployments in the admin2406 namespace in the following format:
DEPLOYMENT CONTAINER_IMAGE READY_REPLICAS NAMESPACE
<deployment name> <container image used> <ready replica count> <Namespace>
. The data should be sorted by the increasing order of the deployment name.
Example:
DEPLOYMENT CONTAINER_IMAGE READY_REPLICAS NAMESPACE
deploy0 nginx:alpine 1 admin2406
Write the result to the file /opt/admin2406_data.
docs
- custom columns 만들기
- sorted by the increasing order of the deployment name
정답
- 먼저 admin2406 namespace의 deployment 확인
controlplane ~ ➜ kubectl get deployments.apps -n=admin2406
NAME READY UP-TO-DATE AVAILABLE AGE
deploy1 1/1 1 1 46s
deploy2 1/1 1 1 46s
deploy3 1/1 1 1 46s
deploy4 1/1 1 1 46s
deploy5 1/1 1 1 46s
- custom columns 만들기위해 json으로 형식 확인
- dosc1을 보고 형식 및 indent에 맞춰서 작성해준다
controlplane ~ ✖ kubectl get deployments.apps deploy1 -n admin2406 -o json{
"apiVersion": "apps/v1",
"kind": "Deployment",
"metadata": {
"annotations": {
"deployment.kubernetes.io/revision": "1"
},
"creationTimestamp": "2024-06-02T06:55:00Z",
"generation": 1,
"labels": {
"app": "deploy1"
},
"name": "deploy1",
"namespace": "admin2406",
"resourceVersion": "4493",
"uid": "8639b2c3-7ebb-4ceb-8cd1-9d23ebb74e12"
},
"spec": {
"progressDeadlineSeconds": 600,
"replicas": 1,
"revisionHistoryLimit": 10,
"selector": {
"matchLabels": {
"app": "deploy1"
}
},
"strategy": {
"rollingUpdate": {
"maxSurge": "25%",
"maxUnavailable": "25%"
},
"type": "RollingUpdate"
},
"template": {
"metadata": {
"creationTimestamp": null,
"labels": {
"app": "deploy1"
}
},
"spec": {
"containers": [
{
"image": "nginx",
"imagePullPolicy": "Always",
"name": "nginx",
"resources": {},
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File"
}
],
"dnsPolicy": "ClusterFirst",
"restartPolicy": "Always",
"schedulerName": "default-scheduler",
"securityContext": {},
"terminationGracePeriodSeconds": 30
}
}
},
"status": {
"availableReplicas": 1,
"conditions": [
{
"lastTransitionTime": "2024-06-02T06:55:03Z",
"lastUpdateTime": "2024-06-02T06:55:03Z",
"message": "Deployment has minimum availability.",
"reason": "MinimumReplicasAvailable",
"status": "True",
"type": "Available"
},
{
"lastTransitionTime": "2024-06-02T06:55:00Z",
"lastUpdateTime": "2024-06-02T06:55:03Z",
"message": "ReplicaSet \"deploy1-67b55d4f9f\" has successfully progressed.",
"reason": "NewReplicaSetAvailable",
"status": "True",
"type": "Progressing"
}
],
"observedGeneration": 1,
"readyReplicas": 1,
"replicas": 1,
"updatedReplicas": 1
}
}- 이때 -n admin2406을 꼭 넣어준다! 안그러면 결과 파일 내용이 달라짐
- sortby는 docs2 확인
controlplane ~ ➜ kubectl get deployments.apps -n admin2406 -o custom-columns=DEPLOYMENT:.metadata.name,CONTAINER_IMAGE:.spec.template.spec.containers[].image,READY_R
EPLICAS:.status.readyReplicas,NAMESPACE:.metadata.namespace --sort-by=.metadata.name > /opt/admin2406_data- 결과 확인
controlplane ~ ➜ cat /opt/admin2406_data
DEPLOYMENT CONTAINER_IMAGE READY_REPLICAS NAMESPACE
deploy1 nginx 1 admin2406
deploy2 nginx:alpine 1 admin2406
deploy3 nginx:1.16 1 admin2406
deploy4 nginx:1.17 1 admin2406
deploy5 nginx:latest 1 admin2406
문제 3
Weight: 8
A kubeconfig file called admin.kubeconfig has been created in /root/CKA. There is something wrong with the configuration. Troubleshoot and fix it.
Fix /root/CKA/admin.kubeconfig
docs
- Controlplane 기본 포트 참고
정답
- 에러메세지 확인
controlplane ~ ➜ kubectl cluster-info --kubeconfig /root/CKA/admin.kubeconfig
E0602 04:12:16.261030 12134 memcache.go:265] couldn't get current server API group list: Get "https://controlplane:4380/api?timeout=32s": dial tcp 192.9.112.11:4380: connect: connection refused
E0602 04:12:16.261381 12134 memcache.go:265] couldn't get current server API group list: Get "https://controlplane:4380/api?timeout=32s": dial tcp 192.9.112.11:4380: connect: connection refused
E0602 04:12:16.262717 12134 memcache.go:265] couldn't get current server API group list: Get "https://controlplane:4380/api?timeout=32s": dial tcp 192.9.112.11:4380: connect: connection refused
E0602 04:12:16.264146 12134 memcache.go:265] couldn't get current server API group list: Get "https://controlplane:4380/api?timeout=32s": dial tcp 192.9.112.11:4380: connect: connection refused
E0602 04:12:16.265462 12134 memcache.go:265] couldn't get current server API group list: Get "https://controlplane:4380/api?timeout=32s": dial tcp 192.9.112.11:4380: connect: connection refused
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
The connection to the server controlplane:4380 was refused - did you specify the right host or port?controlplane ~ ➜ cat /root/CKA/admin.kubeconfig
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJSkpQNi90ZkcyYTR3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBMk1ESXdOakk1TkRCYUZ3MHpOREExTXpFd05qTTBOREJhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUURSUGFGUGRKY2JBM3k0TVZvellSTnpiQThGQzR4eHMzRW1CMnlkcWhMUk40OUFNejBYa09iekc3UzAKSFgrREJJUEZueWlPSGdnQXFtVWNnOWU4T2wwaVNYdE9YWmZZa09ybEt5WHE1R2JjakpIcHZCWXI0L09UZzZKRQpTUW1lRU1IeDZBOTRIWmZRamFGYUN4Tm1aZG1XditteHk3STVjZFhHaVR6N3JNOXFHdWtjSyt6MTVFcnc3YTRBCm9zT2pMZGh4SVJHK3hvcEpESGdVV2ZFeWpxYTBhOGh3ck01UGJldGpPRmpRYUZaL2pYRDFEcTVnV3k5bWxsb2YKYjVhYnQ3dE5VK2o2b3psRVRoTzd5emMzL2psNy9ZTUFvZ1VHUUxOQlh5Tk5tQXEvSjROYzNIODcydWxTUHlQVAozZXRUeGRUMk1RWTZ0ZlY0Y0xmZGJ4TzM2ZXpOQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJUa0lXUmFBMXdRU1ZjZjRBeUwzVjNOODdtSUxUQVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRRE9hcEhSb1Q0MwpWazIrbkpmc3liM0VpS1BxVnlzNzk5NmJkcXlWekp5cWUzcDJoSlBNSmdJN043TEhjOEc2S1RseTI4MVZpWlJyCkpGREdqOUJ1TnFnVjQwa0plM3V0WlkzN1FLWkxmTEdZaFpxQWNiRDFCeTNrWCtlYzNaTEV1bWNlU2xLMW5NdFoKbGovcU1qamh4RGJubEJIczdwTThJMFp2VThQVi9uNFBSeDMxRU9QZmNVdFFlU0psd3dpT3Zrd2t5bE1XSWtHUQpTTmZpVm1aSTVKNUt3MUZqa1VPN05ieENpWE5GcTB0MmZHWisxQmtkbGhLZlhGVXZaSmRHK05vVFg5WS9jSHFjCm9GZWN3SXpGbk1HMlRVcEdRcndhUnpHVVBDUEY2WEtDcW9paG5OeUdyRW1IV251ZmxJOWtrbU1CYVJEeXlNOHEKNzRmNEIyb0lIeUlkCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://controlplane:4380
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lJYjM3alVlRDhGREF3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBMk1ESXdOakk1TkRCYUZ3MHlOVEEyTURJd05qTTBORE5hTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXIrSm5YdHdmQmJndzIzYXAKcjJQZGNJbGl6QlBRZXBNb1ZsaXcza2NmUmdYWWRibEZERXJNOHpPYWJxa3BEQ2UrdVozVTNvWXVqaW1DdWVlZgp0ZkNjaU1EdVZCaHRTcTNqYTFBREVTb3pkb3hEbTlTSWRLd1BPOVMwMThydUQrMW16RDJ0V3Z1WDYxV1NQNEFHClE4WFFMb2dZQ2NmTnZyZG9MaG90eFpYOUZaTVJrOTNpdW1oNXViRGpvRG1tLytRVkFMYWpvNU5wY3JqdjkxVFkKNVBWV0E4aXVVLzRTNVZCUDcwVHE2Qk9qTXIvbFpybERiK1grYnRXM1pSVFBBOEE3YmkvUUh3Wk83cUl1eW4vRQoway9VRkppWHVMazlvampRVEwwbHdsQ1Q3cnNlaGJlMHRwS256cVRqdG15OTVBWUdnKzM3OVBXanRRRiszUW1yCjJ3dVYyd0lEQVFBQm8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JUa0lXUmFBMXdRU1ZjZjRBeUwzVjNOODdtSQpMVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBTGt5dytMTW5jOWRjd2k4bTlya1NILzV3NE1vc3FtQjFkRFFvCmk5NmVrck9JMm5NNCsxWDVaVDFUck90MWF6dEs5RUdzc3RRSFFBYWwyTXVtU1I4ZHZuc3o5bHNXNkJibkgvTlMKTGFBNnloNFU3MlpnQUp5L0JiN2Z5K3VKMXkrRk10WFpQVWNqQm8xVWFkVHVWa2FZMHVkSGplTTZHN1I4RDhGUApzbDNBVzVWVklJemVGTm5rRjhlRnpoZnJ1NTUxU3VtR1pmNGszOENqSUN5YndRNzhDSjNqTEFUMjVCNUhwdjBBCnVxdnQ1TFJRZUZseUpXOElOWXNlVkN5YktHSGUrMXdrQUI2WURHU1FGczJjRk5DZzVuUmVXMEhDZElDUi9aN0kKV1ZBbXRPd0l4NTVZWGliSzZYeTBmcUJReEcxMWNPNmxhWUM1SUdnMTZCak5WL2JCalE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBcitKblh0d2ZCYmd3MjNhcHIyUGRjSWxpekJQUWVwTW9WbGl3M2tjZlJnWFlkYmxGCkRFck04ek9hYnFrcERDZSt1WjNVM29ZdWppbUN1ZWVmdGZDY2lNRHVWQmh0U3EzamExQURFU296ZG94RG05U0kKZEt3UE85UzAxOHJ1RCsxbXpEMnRXdnVYNjFXU1A0QUdROFhRTG9nWUNjZk52cmRvTGhvdHhaWDlGWk1SazkzaQp1bWg1dWJEam9EbW0vK1FWQUxham81TnBjcmp2OTFUWTVQVldBOGl1VS80UzVWQlA3MFRxNkJPak1yL2xacmxECmIrWCtidFczWlJUUEE4QTdiaS9RSHdaTzdxSXV5bi9FMGsvVUZKaVh1TGs5b2pqUVRMMGx3bENUN3JzZWhiZTAKdHBLbnpxVGp0bXk5NUFZR2crMzc5UFdqdFFGKzNRbXIyd3VWMndJREFRQUJBb0lCQUJKZ0pncWNGc1dqTTcrSwpDenBleGFEZlNhb21tODVpbDRGRjdOeWNNNkUrTlJvL2kvNDN4bWZXU1Zrc1pUUjI1bzgvOVNCMmhtQ2w1NW1DCm9JWUNxR2dGT0NFakdEQUlNTTFpWTUra2VCSDNuNHlsVE1oYnZZK3pybDBwUDJ2OGtwUGVFY0dDcmFHUnBDRHMKUUR0T2JHeWdIVnJRUENlanc4ZWxSb2p4SGFybU1VWW1JazNTVk0xN2E4c3JNQzJxWkR4amtFRmFMMXFNbUFmagorYllCRmJrZU5TQ1JmK2d4cFhYcnFUN3d6V2dsTkltYUZMWG92VFdLL3VKTmZEbzg1RVRJb3lQWXhFSjU5RzJwCmJGWVNud2gvQUdOT0dHUGRkTkpkN2VFQWRNQk1Wckc2U0tuQlgvOFNsWDlNWXFBQXhOSFpzUFNndGtBdkszMnUKbEF0U29Wa0NnWUVBMU53dEFpWW9qa0w5UEI4dDRNN1F1dlpmWVoyVGhGanc0aEZtYlVRS3FWem9jY0IvYVQ1SQpKaXFIc3FJdUkxVUptR2l6V3ZoQWE2UktyN3c2ODB1QWlmaFp0aFhSekl0aDlYcmZaNnNWM1dxWGhJRnlhWUZQClRuSjVjOVo1SXg0ZWJXL0ZJK2xzUVdVTDVwUGhWcGowVkYxOUY1OVpZdXJxM3dWS3FnOHFVWGNDZ1lFQTA0ZlIKZHBWL1JTcCswRmtLYzk0Tkw2L3hUL2o0elZUYmd4ZnJjYmxEcTJrVE9iNDA0SXpwOTA5ZkpNNzJIOXFmbEkrMApGdzNSOHdUY21KRVliVkpKR0tDdjdrWHRnUnQrZXNGbjFSUFN4RlduZFhZNG1FN242VWF6Wnk4WFdOdWpiQWJFCnYvdi9IU2JETGVUbEk1cjBNL0M3Vndma1RqYy9XazR3MUFsU1Y3MENnWUVBaGdOYy91WmhVRGZTMFlCYjFSYkEKaVlWRnhlSjhscTJjY3VnN2tYMXVMUFVHajE5L21CWVRQSnc0TlBvd2pDUWsxMlRMenZGUE5iWUpJNTBoakQyegozcW1TYWJaUkVUT0w2QTZGQ3ZMRzRGRVV0ZUw5MG5rTUlqcW1Sb3o0VldqSUJXU0NQTHJnWWtlbzkzR1JSSUVtCkN0dVZQME1lOXMwcU5HRlRnYi9zaDc4Q2dZQnhDc0VPblQvaFo1OVRtbkh5ajdUK1Nna3Nrc0hyZ1RDNTh2dDQKeitmdzMzdE52VzhtblVlZlNZUnYrRVlocWNUa01KT3VTazFya0txT3dlT0s4SkZ0bnRuRi9RcTZsMFhWTml4VgorMzBFUFQzN2tNMFgzL3NoZUE0QjAzR25vK0RHcHl0WDZjUmhBTWtIYXE1bGc3YURWMS9XVjdwVGJrVGw3cWs3CmR5dlJCUUtCZ1FDN3hGTUZWOEx1VzlCb01vSzBwcElpVWFHUG0rMVFBU0JUZVp3Rk9CeXlDY1hhVHhqUXpzS2MKU0RhY3VIemFxbnZxRnhWSEVPa1d5ZUVzcUZYTUtrSnhMaklNWGd3cmxpYlM3eGdGQ2czL1JoUXY1QTR1b2RWTAp0dXRFVnkxOWJ6NGVTd3lZSlhWd29oWTdneUJ5YnN1VVBLSVY2R0VHQ0Z1TWZoeE1maTFjZWc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=- 파일을 편집해서 kubernetes api server 프로세스의 기본 포트를 4380 -> 6443으로 고쳐준다(docs1 참고)
controlplane ~ ➜ vi /root/CKA/admin.kubeconfig문제 4
Weight: 12
Create a new deployment called nginx-deploy, with image nginx:1.16 and 1 replica. Next upgrade the deployment to version 1.17 using rolling update.
Image: nginx:1.16
Task: Upgrade the version of the deployment to 1:17
docs
- create deployment
- rolling update
정답
- docs1을 보고 deployment를 조건에 맞게 만들어준다
kubectl create deployment nginx-deploy --image=nginx:1.16 --replicas=1 --dry-run=client -o yaml > test.yaml이렇게 만드는 것도 가능
controlplane ~ ✖ cat > 4.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deploy
labels:
app: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.16
controlplane ~ ➜ kubectl create -f 4.yaml
deployment.apps/nginx-deploy created- docs2를 보고 rolling update를 해준다
controlplane ~ ➜ kubectl set image deployment/nginx-deploy nginx=nginx:1.17
deployment.apps/nginx-deploy image updated문제 5
Weight: 20
A new deployment called alpha-mysql has been deployed in the alpha namespace. However, the pods are not running. Troubleshoot and fix the issue. The deployment should make use of the persistent volume alpha-pv to be mounted at /var/lib/mysql and should use the environment variable MYSQL_ALLOW_EMPTY_PASSWORD=1 to make use of an empty root password.
Important: Do not alter the persistent volume.
Troubleshoot and fix the issues
docs
- create a PersistentVolumeClaim
정답
- running되지 않은 pod 상태 확인
controlplane ~ ➜ kubectl describe -n alpha pods
Name: alpha-mysql-5b944d484-h9v84
Namespace: alpha
Priority: 0
Service Account: default
Node: <none>
Labels: app=alpha-mysql
pod-template-hash=5b944d484
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/alpha-mysql-5b944d484
Containers:
mysql:
Image: mysql:5.6
Port: 3306/TCP
Host Port: 0/TCP
Environment:
MYSQL_ALLOW_EMPTY_PASSWORD: 1
Mounts:
/var/lib/mysql from mysql-data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-z47c8 (ro)
Conditions:
Type Status
PodScheduled False
Volumes:
mysql-data:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: mysql-alpha-pvc
ReadOnly: false
kube-api-access-z47c8:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 2m35s default-scheduler 0/2 nodes are available: persistentvolumeclaim "mysql-alpha-pvc" not found. preemption: 0/2 nodes are available: 2 No preemption victims found for incoming pod..
controlplane ~ ➜ kubectl get pvc -n alpha
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
alpha-claim Pending slow-storage 3m
- mysql-alpha-pvc가 없기 때문이므로 만들어준다
- pvc를 만들기 전에 pv가 어떤 storageclass를 사용하는지 확인
controlplane ~ ➜ kubectl get pv -n alpha
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
alpha-pv 1Gi RWO Retain Available slow 6m37s- pv의 storage class가 slow이고, capacity가 1Gi이므로 pvc도 맞춰서 생성해준다
- pvc를 만들때는 docs1를 참고해서 만든다 -> 이때 namespace도 까먹지말고 넣어준다!
controlplane ~ ➜ cat > 5.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-alpha-pvc
namespace: alpha
spec:
storageClassName: slow
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
controlplane ~ ➜ kubectl apply -f 5.yaml
persistentvolumeclaim/mysql-alpha-pvc created- pvc를 생성한 후 pod가 running되는지 확인
controlplane ~ ➜ kubectl get pods -n alpha
NAME READY STATUS RESTARTS AGE
alpha-mysql-5b944d484-rqmf8 0/1 ContainerCreating 0 6m13s문제 6
Weight: 10
Take the backup of ETCD at the location /opt/etcd-backup.db on the controlplane node.
Troubleshoot and fix the issues
docs
- Snapshot using etcdctl options
정답
- etcd pod 이름 확인
- kube-system는 쿠버네티스 시스템에 의해 생성되는 API 오브젝트들을 관리하기 위한 Namespace
controlplane ~ ➜ kubectl get all -n kube-system
NAME READY STATUS RESTARTS AGE
pod/coredns-5dd5756b68-bg4ng 1/1 Running 0 65m
pod/coredns-5dd5756b68-ztnnp 1/1 Running 0 65m
pod/etcd-controlplane 1/1 Running 0 65m
pod/kube-apiserver-controlplane 1/1 Running 0 65m
pod/kube-controller-manager-controlplane 1/1 Running 0 65m
pod/kube-proxy-82bjc 1/1 Running 0 65m
pod/kube-proxy-sg5gz 1/1 Running 0 65m
pod/kube-scheduler-controlplane 1/1 Running 0 65m
pod/weave-net-42mvq 2/2 Running 1 (65m ago) 65m
pod/weave-net-nccp6 2/2 Running 0 65m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 65m
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/kube-proxy 2 2 2 2 2 kubernetes.io/os=linux 65m
daemonset.apps/weave-net 2 2 2 2 2 <none> 65m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/coredns 2/2 2 2 65m
NAME DESIRED CURRENT READY AGE
replicaset.apps/coredns-5dd5756b68 2 2 2 65m- etcd-controlplane 확인
controlplane ~ ➜ kubectl describe pod/etcd-controlplane -n kube-system
Name: etcd-controlplane
Namespace: kube-system
Priority: 2000001000
Priority Class Name: system-node-critical
Node: controlplane/192.11.219.3
Start Time: Sun, 02 Jun 2024 04:30:48 -0400
Labels: component=etcd
tier=control-plane
Annotations: kubeadm.kubernetes.io/etcd.advertise-client-urls: https://192.11.219.3:2379
kubernetes.io/config.hash: f8800009b1d504636f7981155e525d0b
kubernetes.io/config.mirror: f8800009b1d504636f7981155e525d0b
kubernetes.io/config.seen: 2024-06-02T04:30:34.454925215-04:00
kubernetes.io/config.source: file
Status: Running
SeccompProfile: RuntimeDefault
IP: 192.11.219.3
IPs:
IP: 192.11.219.3
Controlled By: Node/controlplane
Containers:
etcd:
Container ID: containerd://cfc82536d97d58ca54d9d31569c9972d243c45f68b1f8ceb4e256962d86fffde
Image: registry.k8s.io/etcd:3.5.9-0
Image ID: registry.k8s.io/etcd@sha256:e013d0d5e4e25d00c61a7ff839927a1f36479678f11e49502b53a5e0b14f10c3
Port: <none>
Host Port: <none>
Command:
etcd
--advertise-client-urls=https://192.11.219.3:2379
--cert-file=/etc/kubernetes/pki/etcd/server.crt
--client-cert-auth=true
--data-dir=/var/lib/etcd
--experimental-initial-corrupt-check=true
--experimental-watch-progress-notify-interval=5s
--initial-advertise-peer-urls=https://192.11.219.3:2380
--initial-cluster=controlplane=https://192.11.219.3:2380
--key-file=/etc/kubernetes/pki/etcd/server.key
--listen-client-urls=https://127.0.0.1:2379,https://192.11.219.3:2379
--listen-metrics-urls=http://127.0.0.1:2381
--listen-peer-urls=https://192.11.219.3:2380
--name=controlplane
--peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
--peer-client-cert-auth=true
--peer-key-file=/etc/kubernetes/pki/etcd/peer.key
--peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
--snapshot-count=10000
--trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
State: Running
Started: Sun, 02 Jun 2024 04:30:38 -0400
Ready: True
Restart Count: 0
Requests:
cpu: 100m
memory: 100Mi
Liveness: http-get http://127.0.0.1:2381/health%3Fexclude=NOSPACE&serializable=true delay=10s timeout=15s period=10s #success=1 #failure=8
Startup: http-get http://127.0.0.1:2381/health%3Fserializable=false delay=10s timeout=15s period=10s #success=1 #failure=24
Environment: <none>
Mounts:
/etc/kubernetes/pki/etcd from etcd-certs (rw)
/var/lib/etcd from etcd-data (rw)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
etcd-certs:
Type: HostPath (bare host directory volume)
Path: /etc/kubernetes/pki/etcd
HostPathType: DirectoryOrCreate
etcd-data:
Type: HostPath (bare host directory volume)
Path: /var/lib/etcd
HostPathType: DirectoryOrCreate
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: :NoExecute op=Exists
Events: <none>- docs1을 보고 cacert, cert, key에 맞는 값들을 위에서 찾고, 문제에 나온 경로를 지정해준다
controlplane ~ ✖ ETCDCTL_API=3 etcdctl --endpoints=https://127.0.0.1:2379 \
> --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key \
> snapshot save /opt/etcd-backup.db
Snapshot saved at /opt/etcd-backup.db문제 7
Weight: 20
Create a pod called secret-1401 in the admin1401 namespace using the busybox image. The container within the pod should be called secret-admin and should sleep for 4800 seconds.
The container should mount a read-only secret volume called secret-volume at the path /etc/secret-volume. The secret being mounted has already been created for you and is called dotfile-secret.
Pod created correctly?
docs
- secret
정답
- docs1을 보고 조건에 맞게 수정해준다
- pod name: secret-1401
- pod namespace: admin1401
- pod image: busybox
- container name: secret-admin
- container command: sleep 4800
- volume name: secret-volume
- secret name: dotfile-secret
- volume mount path: /etc/secret-volume
controlplane ~ ✖ cat > 7.yaml
apiVersion: v1
kind: Pod
metadata:
name: secret-1401
namespace: admin1401
spec:
volumes:
- name: secret-volume
secret:
secretName: dotfile-secret
containers:
- name: secret-admin
image: busybox
command:
- sleep
- "4800"
volumeMounts:
- name: secret-volume
readOnly: true
mountPath: "/etc/secret-volume"
controlplane ~ ➜ k apply -f 7.yaml
pod/secret-1401 configured
