📌 Kubernetes
📙 minikube- replicaset
minikube start --driver=none
[root@control-plane ~]# mkdir replicaset && cd $_
[root@control-plane replicaset]#
# vi replicaset.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata: ##name과 labels
name: nginx-replicaset
spec:
replicas: 3
selector:
matchLabels:
app: nginx-replicaset ##아래 labels app이랑 똑같아야함. 아래 것 참조해서 생성함.
template:
metadata:
name: nginx-replicaset
labels:
app: nginx-replicaset
spec:
containers:
- name: nginx-replicaset-container
image: nginx
ports:
- containerPort: 8080
# kubectl apply -f replicaset.yaml
# kubectl get replicasets.apps -o wide
# kubectl describe replicasets.apps nginx-replicaset
# vi clusterip-replicaset.yaml # 클러스터아이피 야믈
apiVersion: v1
kind: Service
metadata:
name: clusterip-service-replicaset
spec:
type: ClusterIP
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
# kubectl apply -f clusterip-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc clusterip-service-replicaset
# vi nodeport-replicaset.yaml # 노드포트 야믈
apiVersion: v1
kind: Service
metadata:
name: nodeport-service-replicaset
spec:
type: NodePort
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30080
# kubectl apply -f nodeport-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc nodeport-service-replicaset
# vi loadbalancer-replicaset.yaml # 로드밸런서 야믈
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-replicaset
spec:
type: LoadBalancer
externalIPs:
- 172.25.0.137
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
# kubectl apply -f loadbalancer-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc loadbalancer-service-replicaset
📙 multinode
미니큐브 삭제 후 진행
✔️ 설치 - virtual box에서 ova가져오기, centos7-DVD해제, 맥주소 어드레스 새로고침 하고 실행
spec: CPU2, RAM4GB
IP : 192.168.1.190
# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/docker-ce.repo
# yum --enablerepo=docker-ce-stable -y install docker-ce-19.03.15-3.el7
# mkdir /etc/docker
# cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
# systemctl enable --now docker
# systemctl daemon-reload
# systemctl restart docker
# systemctl disable --now firewalld
# setenforce 0
# sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
[root@localhost ~]# free -h
total used free shared buff/cache available
Mem: 3.7G 206M 2.7G 8.5M 783M 3.3G
Swap: 3.9G 0B 3.9G
[root@localhost ~]# swapoff -a
[root@localhost ~]# free -h
total used free shared buff/cache available
Mem: 3.7G 203M 2.7G 8.5M 783M 3.3G
Swap: 0B 0B 0B
# sed -i '/ swap / s/^/#/' /etc/fstab -> swap영구적으로 사용하지않기.
# cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# sysctl --system
# reboot
# cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
# yum -y install kubeadm-1.19.16-0 kubelet-1.19.16-0 kubectl-1.19.16-0 --disableexcludes=kubernetes
# systemctl enable kubelet다 하고 종료 후 복제 2개 연결된 복제.
worker1,2 cpu1개, 메모리 1기가.
kubernetes cluster - 그룹이름
일괄적으로 시작해서
# cat <<EOF >> /etc/hosts
192.168.1.190 master
192.168.1.234 worker1
192.168.1.235 worker2
EOF
# hostnamectl set-hostname master마스터에서 진행
--- Master ---
# kubeadm init --apiserver-advertise-address=192.168.1.190 --pod-network-cidr=10.244.0.0/16 ##토큰정보
# mkdir -p $HOME/.kube
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config
# kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.ymlkubeadm의 아래 join 복사해서 worker 1,2에 넣기.
kubeadm join 192.168.1.190:6443 --token sulgu0.phaw7eyp3rcuvhpg --discovery-token-ca-cert-hash sha256:4f63be1589229199826d47e58875ae4324b21d580f827e2484db744fe69d03a6# kubectl get node
# kubectl get pods --all-namespaces
# source <(kubectl completion bash) ##자동완성
# echo "source <(kubectl completion bash)" >> ~/.bashrc ## 껐다켜도 자동완성 되도록.
# exit
# kubectl get namespaces
- poweroff하고 브이엠 전부 스냅샷 찍기
📙Pod
✔️master에서 진행
# mkdir workspace && cd $_
# kubectl get node✔️ master에서 pod생성(2개) worker1,2에 각각할당됨을 확인
# kubectl run nginx-pod --image=nginx ## pending > container creating > running
[root@master1 workspace]# kubectl run nginx-pod --image=nginx
pod/nginx-pod created
[root@master1 workspace]#
[root@master1 workspace]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-pod 0/1 ContainerCreating 0 10s
[root@master1 workspace]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-pod 1/1 Running 0 95s 10.244.2.2 worker2 <none> <none>
[root@master1 workspace]# kubectl run nginx-pod --image=nginx
Error from server (AlreadyExists): pods "nginx-pod" already exists
[root@master1 workspace]# kubectl run nginx-pod1 --image=nginx
pod/nginx-pod1 created
[root@master1 workspace]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-pod 1/1 Running 0 2m58s 10.244.2.2 worker2 <none> <none>
nginx-pod1 0/1 ContainerCreating 0 2s <none> worker1 <none> <none>
[root@master1 workspace]#📙 서비스
✔️cluster IP
# kubectl expose pod nginx-pod --name clusterip --type=ClusterIP --port 80
[root@master1 workspace]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
clusterip ClusterIP 10.107.99.89 <none> 80/TCP 6s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 53m
[root@master1 workspace]# curl 10.107.99.89
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
[root@worker2 ~]# curl 10.107.99.89 ## 같은 클러스터 안에 있는 worker1,2에서도 접속 가능. (같은 클러스터안에 있는 모든 노드들)
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
✔️nodeport
# kubectl expose pod nginx-pod --name nodeport --type=NodePort --port 80
[root@master1 workspace]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
clusterip ClusterIP 10.107.99.89 <none> 80/TCP 5m20s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 59m
nodeport NodePort 10.111.65.137 <none> 80:30362/TCP 17s
-> master의 IP뿐만 아니라 worker IP통해서도 접속 가능한 모습(nodeport 사용)
# kubectl expose pod nginx-pod --name loadbalancer --type=LoadBalancer --external-ip 192.168.1.235 --port 80 ##IP 한번 worker2로 해보자! 굳이 master아니어도 됨.
[root@master1 workspace]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
clusterip ClusterIP 10.107.99.89 <none> 80/TCP 46m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 99m
loadbalanser LoadBalancer 10.96.131.62 192.168.1.235 80:31254/TCP 9s
nodeport NodePort 10.111.65.137 <none> 80:30362/TCP 41m
worker 2 ip로 접속 -> 다른 IP로는 안됨요.
# kubectl get pod
# kubectl get service
# kubectl exec -it nginx-pod -- bash
# kubectl get all
[root@master1 workspace]# kubectl delete pod,svc --all
# kubectl delete svc --all
# kubectl delete pod nginx-pod
📙 yaml로 진행하기(service)
✔️pod생성
# vi nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx-pod
spec:
containers:
- name: nginx-pod-container
image: nginx
ports:
- containerPort: 8080 ##정보성. 이거 한다고 container포트가 진짜 바뀌지는 않음.
# kubectl apply -f nginx-pod.yaml
# kubectl get pod -o wide
# kubectl describe pod nginx-pod✔️clusterip생성
# vi clusterip-pod.yaml
apiVersion: v1
kind: Service
metadata:
name: clusterip-service-pod
spec:
type: ClusterIP
selector:
app: nginx-pod
ports:
- protocol: TCP
port: 80
targetPort: 80
# kubectl apply -f clusterip-pod.yaml
# kubectl get svc -o wide
# kubectl describe svc clusterip-service-pod
# kubectl edit svc clusterip-service-pod->어느 노드에서든 클러스터IP로 접속 가능.
✔️nodeport생성
# vi nodeport-pod.yaml
apiVersion: v1
kind: Service
metadata:
name: nodeport-service-pod
spec:
type: NodePort
selector:
app: nginx-pod
ports:
- protocol: TCP
port: 80
targetPort: 80 # 컨테이너 포트가 맞다.
nodePort: 30080
# kubectl apply -f nodeport-pod.yaml
# kubectl get svc -o wide
# kubectl describe svc nodeport-service-pod
# kubectl edit svc nodeport-service-pod
[root@master1 workspace]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
clusterip-service-pod ClusterIP 10.103.75.0 <none> 80/TCP 15m app=nginx-pod
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 105m <none>
nodeport-service-pod NodePort 10.103.154.243 <none> 80:30080/TCP 4s app=nginx-pod
[root@master1 workspace]# curl 192.168.1.190:30080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>다른 노드에서도 cluster IP, nodeport 다 가능.
노드포트로 진입시 다른 노드의 IP입력해도 됨. 포트번호만 유지 잘하기.
[root@worker2 ~]# curl 192.168.1.234:30080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
[root@worker1 ~]# curl 192.168.1.190:30080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
# vi loadbalancer-pod.yaml
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-pod
spec:
type: LoadBalancer
externalIPs: # IP범위로도 할당 가능.
- 192.168.1.190
- 192.168.1.234
- 192.168.1.235
selector:
app: nginx-pod
ports:
- protocol: TCP
port: 80
targetPort: 80
# kubectl apply -f loadbalancer-pod.yaml
[root@master1 workspace]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
clusterip-service-pod ClusterIP 10.103.75.0 <none> 80/TCP 23m app=nginx-pod
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 113m <none>
loadbalancer-service-pod LoadBalancer 10.100.172.137 192.168.1.190,192.168.1.234,192.168.1.235 80:30588/TCP 7s app=nginx-pod
nodeport-service-pod NodePort 10.103.154.243 <none>
# kubectl describe svc loadbalancer-service-podexternal ip(웹브라우저에서 각 서버의 IP로 진입 확인)
📙 replicaset(yaml)
위에서 생성한 pod와 svc모두 삭제하고 진행
✔️ replica 생성.
# vi replicaset.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: nginx-replicaset
spec:
replicas: 3 # desired state (kube-controller-manager)
selector:
matchLabels:
app: nginx-replicaset
template:
metadata:
name: nginx-replicaset
labels:
app: nginx-replicaset
spec:
containers:
- name: nginx-replicaset-container
image: nginx
ports:
- containerPort: 80
# kubectl apply -f replicaset.yaml✔️ replicaset을 갯수 3에서 4개로 바꿔보기
[root@master1 replicaset]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-replicaset-ccxsw 1/1 Running 0 59s 10.244.2.4 worker2 <none> <none>
nginx-replicaset-dkw48 1/1 Running 0 59s 10.244.2.3 worker2 <none> <none>
nginx-replicaset-xkdpx 1/1 Running 0 59s 10.244.1.4 worker1 <none> <none>
[root@master1 replicaset]# kubectl edit replicasets.apps nginx-replicaset
[root@master1 replicaset]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-replicaset-bvtxc 1/1 Running 0 12s 10.244.1.5 worker1 <none> <none>
nginx-replicaset-ccxsw 1/1 Running 0 9m7s 10.244.2.4 worker2 <none> <none>
nginx-replicaset-dkw48 1/1 Running 0 9m7s 10.244.2.3 worker2 <none> <none>
nginx-replicaset-xkdpx 1/1 Running 0 9m7s 10.244.1.4 worker1 <none> <none>
# kubectl describe replicasets.apps nginx-replicaset-> 완료!
✔️ 그런데 위에서 하나 삭제하면 이미지 오류가 나서 사설 레지스트리 이용해서 이미지 받아서 해보자.
# docker run -d -p 5000:5000 --restart=always --name private-docker-registry registry # 저장소 서버(master)
# vi /etc/docker/daemon.json # 클라이언트 master,worker
{ "insecure-registries":["192.168.1.190:5000"] } -> 맨 하단에 넣기
# systemctl restart docker #(master, worker)
[root@master1 replicaset]# docker pull nginx # (master)
# docker tag nginx:latest 192.168.1.190:5000/nginx:latest # (master)
# docker push 192.168.1.190:5000/nginx:latest # (master)
# kubectl delete replicasets.apps nginx-replicaset # (master)
# vi replicaset.yaml # (master)
[root@master1 replicaset]# kubectl apply -f replicaset.yaml
[root@master1 replicaset]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-replicaset-69vn4 1/1 Running 0 4s
nginx-replicaset-6txr4 1/1 Running 0 4s
nginx-replicaset-fd77g 1/1 Running 0 4s
[root@master1 replicaset]# kubectl edit replicasets.apps nginx-replicaset
[root@master1 replicaset]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-replicaset-48lgl 1/1 Running 0 2m47s 10.244.1.23 worker1 <none> <none>
nginx-replicaset-fq27w 1/1 Running 0 2m47s 10.244.2.23 worker2 <none> <none>
nginx-replicaset-pkxnc 1/1 Running 0 22s 10.244.1.24 worker1 <none> <none>
nginx-replicaset-s7bkn 1/1 Running 0 2m47s 10.244.2.22 worker2 <none> <none>
[root@master1 replicaset]# kubectl delete pod nginx-replicaset-s7bkn
[root@master1 replicaset]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-replicaset-48lgl 1/1 Running 0 3m35s 10.244.1.23 worker1 <none> <none>
nginx-replicaset-fq27w 1/1 Running 0 3m35s 10.244.2.23 worker2 <none> <none>
nginx-replicaset-phh8p 1/1 Running 0 13s 10.244.2.24 worker2 <none> <none>
nginx-replicaset-pkxnc 1/1 Running 0 70s 10.244.1.24 worker1 <none> <none>
-> 지웠는데 냅다 바로 생겨버리는 것 확인!
✔️ 서비스 이용해서 접속해보기
# vi clusterip-replicaset.yaml # 클러스터아이피 야믈
apiVersion: v1
kind: Service
metadata:
name: clusterip-service-replicaset
spec:
type: ClusterIP
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
# kubectl apply -f clusterip-replicaset.yaml
# kubectl get svc -o wide
(확인)
[root@master1 replicaset]# curl 10.106.187.51
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
어떤 pod로 할당해주는지 알아보기 위해 웹프론트엔드 수정해주기 .
[root@master1 replicaset]# kubectl exec nginx-replicaset-48lgl -- sh -c "echo "web01" > /usr/share/nginx/html/index.html"-> 각 pod마다 해주기 (web02,3,4)
아래는 확인.
[root@master1 replicaset]# curl 10.106.187.51
web04
[root@master1 replicaset]# curl 10.106.187.51
web03
# kubectl describe svc clusterip-service-replicaset
# vi nodeport-replicaset.yaml # 노드포트 야믈
apiVersion: v1
kind: Service
metadata:
name: nodeport-service-replicaset
spec:
type: NodePort
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30080
# kubectl apply -f nodeport-replicaset.yaml
[root@master1 replicaset]# kubectl get svc -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
clusterip-service-replicaset ClusterIP 10.106.187.51 <none> 80/TCP 19m app=nginx-replicaset
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 152m <none>
nodeport-service-replicaset NodePort 10.111.251.19 <none> 80:30080/TCP 4s app=nginx-replicaset
[root@master1 replicaset]# curl 192.168.1.190:30080
web03
[root@master1 replicaset]# curl 192.168.1.190:30080
web02
worker2 ip로 접속해도 됨 확인( 포트번호는 써줘야함)
# kubectl describe svc nodeport-service-replicaset
# vi loadbalancer-replicaset.yaml # 로드밸런서 야믈
apiVersion: v1
kind: Service
metadata:
name: loadbalancer-service-replicaset
spec:
type: LoadBalancer
externalIPs:
- 192.168.1.190 (master)
- 192.168.1.234 (worker)
- 192.168.1.235 (worker)
selector:
app: nginx-replicaset
ports:
- protocol: TCP
port: 80
targetPort: 80
# kubectl apply -f loadbalancer-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc loadbalancer-service-replicaset
접속 확인
deployment와 replicaset 비슷하지만
deployment가 더 많은 기능 가지고 있음(rollback, 업데이트 등)
📙✔️✏️📢⭐️📌
📌 기타
⭐️k8s
kubernetes
⭐️pod안의 container 보기
[root@master1 workspace]# kubectl describe pod nginx-pod
Containers:
nginx-pod-container:
Container ID: docker://7fcd8543e10cb3df2b094a2e2b896f5096ec46e8cfe78e3f579a5609848dea8d
Image: nginx
Image ID: docker-pullable://192.168.1.190:5000/nginx@sha256:33cef86aae4e8487ff23a6ca16012fac28ff9e7a5e9759d291a7da06e36ac958
Port: 8080/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 15 Jul 2022 17:39:17 +0900
꾸준히, 차근차근