sudo apt-get update -y
sudo apt-get install curl wget apt-transport-https virtualbox virtualbox-ext-pack -y도커설치
sudo apt-get install docker.io -ysudo systemctl start docker
sudo systemctl enable docker$ sudo docker --version
Docker version 20.10.21, build 20.10.21-0ubuntu1~20.04.2Minikube 설치
기본적으로 Minikube는 Ubuntu 기본 리포지토리에서 사용할 수 없기에, 공식 웹사이트에서 minikube를 다운로드 받아야 한다.
wget https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64sudo cp minikube-linux-amd64 /usr/local/bin/minikubesudo chmod 755 /usr/local/bin/minikube설치된 minikube 버전 확인
$ minikube version
minikube version: v1.31.1
commit: fd3f3801765d093a485d255043149f92ec0a695fkubectl 설치
root 권한으로 변경하고 수행 가능
sudo sucurl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.listapt-get update -y
apt-get install kubectl kubeadm kubectl -yroot 권한을 빠져나온다.
exitminikube 시작
$ minikube start
* minikube v1.31.1 on Ubuntu 20.04 (kvm/amd64)
* Automatically selected the virtualbox driver. Other choices: none, ssh
* Downloading VM boot image ...
> minikube-v1.31.0-amd64.iso....: 65 B / 65 B [---------] 100.00% ? p/s 0s
> minikube-v1.31.0-amd64.iso: 289.20 MiB / 289.20 MiB 100.00% 15.39 MiB p
* Starting control plane node minikube in cluster minikube
* Downloading Kubernetes v1.27.3 preload ...
> preloaded-images-k8s-v18-v1...: 393.19 MiB / 393.19 MiB 100.00% 16.65 M
* Creating virtualbox VM (CPUs=2, Memory=2200MB, Disk=20000MB) ...
* Preparing Kubernetes v1.27.3 on Docker 24.0.4 ...
- Generating certificates and keys ...
- Booting up control plane ...
- Configuring RBAC rules ...
* Configuring bridge CNI (Container Networking Interface) ...
- Using image gcr.io/k8s-minikube/storage-provisioner:v5
* Verifying Kubernetes components...
* Enabled addons: default-storageclass, storage-provisioner
* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
kubectl로 minikube node가 정상적으로 running상태인지 확인한다.
$ kubectl get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
minikube Ready control-plane 72s v1.27.3 192.168.59.100 <none> Buildroot 2021.02.12 5.10.57 docker://24.0.4minikube의 상태정보를 확인한다.
$ minikube status
minikube
type: Control Plane
host: Running
kubelet: Running
apiserver: Running
kubeconfig: Configuredminikube의 addon을 확인한다.
$ minikube addons list
|-----------------------------|----------|--------------|--------------------------------|
| ADDON NAME | PROFILE | STATUS | MAINTAINER |
|-----------------------------|----------|--------------|--------------------------------|
| ambassador | minikube | disabled | 3rd party (Ambassador) |
| auto-pause | minikube | disabled | minikube |
| cloud-spanner | minikube | disabled | Google |
| csi-hostpath-driver | minikube | disabled | Kubernetes |
| dashboard | minikube | disabled | Kubernetes |
| default-storageclass | minikube | enabled ✅ | Kubernetes |
| efk | minikube | disabled | 3rd party (Elastic) |
| freshpod | minikube | disabled | Google |
| gcp-auth | minikube | disabled | Google |
| gvisor | minikube | disabled | minikube |
| headlamp | minikube | disabled | 3rd party (kinvolk.io) |
| helm-tiller | minikube | disabled | 3rd party (Helm) |
| inaccel | minikube | disabled | 3rd party (InAccel |
| | | | [info@inaccel.com]) |
| ingress | minikube | disabled | Kubernetes |
| ingress-dns | minikube | disabled | minikube |
| inspektor-gadget | minikube | disabled | 3rd party |
| | | | (inspektor-gadget.io) |
| istio | minikube | disabled | 3rd party (Istio) |
| istio-provisioner | minikube | disabled | 3rd party (Istio) |
| kong | minikube | disabled | 3rd party (Kong HQ) |
| kubevirt | minikube | disabled | 3rd party (KubeVirt) |
| logviewer | minikube | disabled | 3rd party (unknown) |
| metallb | minikube | disabled | 3rd party (MetalLB) |
| metrics-server | minikube | disabled | Kubernetes |
| nvidia-driver-installer | minikube | disabled | 3rd party (Nvidia) |
| nvidia-gpu-device-plugin | minikube | disabled | 3rd party (Nvidia) |
| olm | minikube | disabled | 3rd party (Operator Framework) |
| pod-security-policy | minikube | disabled | 3rd party (unknown) |
| portainer | minikube | disabled | 3rd party (Portainer.io) |
| registry | minikube | disabled | minikube |
| registry-aliases | minikube | disabled | 3rd party (unknown) |
| registry-creds | minikube | disabled | 3rd party (UPMC Enterprises) |
| storage-provisioner | minikube | enabled ✅ | minikube |
| storage-provisioner-gluster | minikube | disabled | 3rd party (Gluster) |
| volumesnapshots | minikube | disabled | Kubernetes |
|-----------------------------|----------|--------------|--------------------------------|minikube dashboard가 enable되어 있지 않다. 먼저 아래 명령어로 dashboard를 활성화 시킨다.
$ minikube dashboard
* Enabling dashboard ...
- Using image docker.io/kubernetesui/metrics-scraper:v1.0.8
- Using image docker.io/kubernetesui/dashboard:v2.7.0
* Some dashboard features require the metrics-server addon. To enable all features please run:
minikube addons enable metrics-server
* Verifying dashboard health ...
* Launching proxy ...
* Verifying proxy health ...
* Opening http://127.0.0.1:40113/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/ in your default browser...
http://127.0.0.1:40113/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
Proxy를 통해 접속할 수 있는 상태(제시된 URL)에 있지만 실제 접속이 되지는 않는다. 로컬환경이 Ubuntu라면 접속이 되겠지만, 지금 실습하는 환경은 OpenStack에 VM을 생성하여 설치 하고 있다.
CTL+C 로 빠저나와 addon list를 다시 확인해 보면 dashboard는 enable 된 상태이다.
아래와 같이 Proxy 설정을 통해서만 외부접속이 가능하다.
$ kubectl proxy --address='0.0.0.0' --disable-filter=true백그라운드 실행 방법
$ kubectl proxy --address='0.0.0.0' --disable-filter=true >/dev/null 2>&1 &
[1] 76973
Ingress 설정
ingress addon 설정
$ minikube addons enable ingress
* ingress is an addon maintained by Kubernetes. For any concerns contact minikube on GitHub.
You can view the list of minikube maintainers at: https://github.com/kubernetes/minikube/blob/master/OWNERS
- Using image registry.k8s.io/ingress-nginx/controller:v1.8.1
- Using image registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20230407
- Using image registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20230407
* Verifying ingress addon...
* The 'ingress' addon is enabled
Ingress Controller 설치 확인
$ kubectl get pod -n ingress-nginx
NAME READY STATUS RESTARTS AGE
ingress-nginx-admission-create-tsjhz 0/1 Completed 0 4m42s
ingress-nginx-admission-patch-6stn7 0/1 Completed 1 4m41s
ingress-nginx-controller-7799c6795f-k242s 1/1 Running 0 4m42singress 리소스 매니페스트를 작성한다.
ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: helloworld
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: helloworld-nodeport
port:
number: 8080Ingress Resource 배포
$ kubectl apply -f ingress.yaml
$ kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
helloworld nginx * 192.168.59.100 80 5spod,svc 배포
$ kubectl run --port 8080 --image gcr.io/google-samples/hello-app:1.0 --restart Never helloworld
$ kubectl expose pod helloworld --type NodePort --port 8080 --name helloworld-nodeport정상배포되었는지 확인한다.
$ kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/helloworld 1/1 Running 0 3m50s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/helloworld-nodeport NodePort 10.106.60.152 <none> 8080:30018/TCP 2m27s
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3h33mIngress 컨트롤러의 IP주소를 확인한다.
Minikube IP와 동일하다.
$ kubectl get ingress | awk '{ print $4 }'|tail -1
192.168.59.100
$ minikube ip
192.168.59.100
curl 이미지 컨테이너를 생성하고 해당 컨테이너 안에서 minikube host 주소(ingress 접근주소)로 curl명령어로 접속되는지 확인한다.
$ kubectl run --image curlimages/curl:7.68.0 -it --restart Never --rm curl sh
If you don't see a command prompt, try pressing enter.
/ $ curl 192.168.59.100
Hello, world!
Version: 1.0.0
Hostname: helloworld
/ $$ curl --resolve www.ny.xyz:80:192.168.59.100 http://www.ny.xyz
Hello, world!
Version: 1.0.0
Hostname: helloworldwww.ny.xyz:80:192.168.59.100은 www.ny.xyz의 80 포트는 192.168.59.100으로 바꾸라는 의미이다.
그리고 그 뒤의 주소는 우리가 요청하는 도메인 주소이다.
-v옵션을 주고 실행해 본다.
$ curl --resolve www.ny.xyz:80:192.168.59.100 http://www.ny.xyz -v
* Added www.ny.xyz:80:192.168.59.100 to DNS cache
* Hostname www.ny.xyz was found in DNS cache
* Trying 192.168.59.100:80...
* TCP_NODELAY set
* Connected to www.ny.xyz (192.168.59.100) port 80 (#0)
> GET / HTTP/1.1
> Host: www.ny.xyz
> User-Agent: curl/7.68.0-DEV
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Thu, 27 Jul 2023 08:43:10 GMT
< Content-Type: text/plain; charset=utf-8
< Content-Length: 50
< Connection: keep-alive
<
Hello, world!
Version: 1.0.0
Hostname: helloworld
* Connection #0 to host www.ny.xyz left intact접속을 요청한 것은 192.168.59.100이기 때문에 Host에 설정된 것을 확인 할 수 있다.
위와 같이 실제 도메인이 없는 경우에 --resolve옵션을 이용하여 테스트 해 볼수 있다.
/etc/hosts 파일을 아래와 같이 수정하여 도메인으로 요청해도 된다.
다만 curl 컨테이너내에서는 권한문제로 hosts파일을 수정할 수 없다.
