0715[kubernetes]

망지·2022년 7월 15일
1

📌 Kubernetes

📙 minikube- replicaset

minikube start --driver=none

[root@control-plane ~]# mkdir replicaset && cd $_
[root@control-plane replicaset]#

# vi replicaset.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata: ##name과 labels
  name: nginx-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx-replicaset ##아래 labels app이랑 똑같아야함. 아래 것 참조해서 생성함.

  template:
    metadata:
      name: nginx-replicaset
      labels:
        app: nginx-replicaset
    spec:
      containers:
      - name: nginx-replicaset-container
        image: nginx
        ports:
        - containerPort: 8080
        
# kubectl apply -f replicaset.yaml
# kubectl get replicasets.apps -o wide
# kubectl describe replicasets.apps nginx-replicaset

# vi clusterip-replicaset.yaml # 클러스터아이피 야믈
apiVersion: v1
kind: Service
metadata:
  name: clusterip-service-replicaset
spec:
  type: ClusterIP
  selector:
    app: nginx-replicaset
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

# kubectl apply -f clusterip-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc clusterip-service-replicaset

# vi nodeport-replicaset.yaml # 노드포트 야믈
apiVersion: v1
kind: Service
metadata:
  name: nodeport-service-replicaset
spec:
  type: NodePort
  selector:
    app: nginx-replicaset
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30080

# kubectl apply -f nodeport-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc nodeport-service-replicaset

# vi loadbalancer-replicaset.yaml # 로드밸런서 야믈
apiVersion: v1
kind: Service
metadata:
  name: loadbalancer-service-replicaset
spec:
  type: LoadBalancer
  externalIPs:
    - 172.25.0.137
  selector:
    app: nginx-replicaset
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

# kubectl apply -f loadbalancer-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc loadbalancer-service-replicaset

📙 multinode

미니큐브 삭제 후 진행
✔️ 설치 - virtual box에서 ova가져오기, centos7-DVD해제, 맥주소 어드레스 새로고침 하고 실행
spec: CPU2, RAM4GB
IP : 192.168.1.190


# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/docker-ce.repo
# yum --enablerepo=docker-ce-stable -y install docker-ce-19.03.15-3.el7
# mkdir /etc/docker
# cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
# systemctl enable --now docker
# systemctl daemon-reload
# systemctl restart docker
# systemctl disable --now firewalld
# setenforce 0
# sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config

[root@localhost ~]# free -h
              total        used        free      shared  buff/cache   available
Mem:           3.7G        206M        2.7G        8.5M        783M        3.3G
Swap:          3.9G          0B        3.9G
[root@localhost ~]# swapoff -a
[root@localhost ~]# free -h
              total        used        free      shared  buff/cache   available
Mem:           3.7G        203M        2.7G        8.5M        783M        3.3G
Swap:            0B          0B          0B

# sed -i '/ swap / s/^/#/' /etc/fstab -> swap영구적으로 사용하지않기.

# cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

# sysctl --system
# reboot

# cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

# yum -y install kubeadm-1.19.16-0 kubelet-1.19.16-0 kubectl-1.19.16-0 --disableexcludes=kubernetes
# systemctl enable kubelet

다 하고 종료 후 복제 2개 연결된 복제.
worker1,2 cpu1개, 메모리 1기가.

kubernetes cluster - 그룹이름

일괄적으로 시작해서

# cat <<EOF >> /etc/hosts
192.168.1.190 master
192.168.1.234 worker1
192.168.1.235 worker2
EOF

# hostnamectl set-hostname master

마스터에서 진행

--- Master ---
# kubeadm init --apiserver-advertise-address=192.168.1.190 --pod-network-cidr=10.244.0.0/16 ##토큰정보
# mkdir -p $HOME/.kube
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config
# kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml

kubeadm의 아래 join 복사해서 worker 1,2에 넣기.

kubeadm join 192.168.1.190:6443 --token sulgu0.phaw7eyp3rcuvhpg --discovery-token-ca-cert-hash sha256:4f63be1589229199826d47e58875ae4324b21d580f827e2484db744fe69d03a6
# kubectl get node
# kubectl get pods --all-namespaces
# source <(kubectl completion bash) ##자동완성
# echo "source <(kubectl completion bash)" >> ~/.bashrc ## 껐다켜도 자동완성 되도록.
# exit

# kubectl get namespaces
  • poweroff하고 브이엠 전부 스냅샷 찍기

📙Pod

✔️master에서 진행

# mkdir workspace && cd $_
# kubectl get node

✔️ master에서 pod생성(2개) worker1,2에 각각할당됨을 확인

# kubectl run nginx-pod --image=nginx ## pending > container creating > running

[root@master1 workspace]# kubectl run nginx-pod --image=nginx
pod/nginx-pod created
[root@master1 workspace]#
[root@master1 workspace]# kubectl get pod
NAME        READY   STATUS              RESTARTS   AGE
nginx-pod   0/1     ContainerCreating   0          10s
[root@master1 workspace]# kubectl get pod -o wide
NAME        READY   STATUS    RESTARTS   AGE   IP           NODE      NOMINATED NODE   READINESS GATES
nginx-pod   1/1     Running   0          95s   10.244.2.2   worker2   <none>           <none>
[root@master1 workspace]#  kubectl run nginx-pod --image=nginx
Error from server (AlreadyExists): pods "nginx-pod" already exists
[root@master1 workspace]#  kubectl run nginx-pod1 --image=nginx
pod/nginx-pod1 created
[root@master1 workspace]# kubectl get pod -o wide
NAME         READY   STATUS              RESTARTS   AGE     IP           NODE      NOMINATED NODE   READINESS GATES
nginx-pod    1/1     Running             0          2m58s   10.244.2.2   worker2   <none>           <none>
nginx-pod1   0/1     ContainerCreating   0          2s      <none>       worker1   <none>           <none>
[root@master1 workspace]#

📙 서비스

✔️cluster IP

# kubectl expose pod nginx-pod --name clusterip --type=ClusterIP --port 80

[root@master1 workspace]# kubectl get svc
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
clusterip    ClusterIP   10.107.99.89   <none>        80/TCP    6s
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP   53m

[root@master1 workspace]# curl  10.107.99.89
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>

[root@worker2 ~]# curl 10.107.99.89 ## 같은 클러스터 안에 있는 worker1,2에서도 접속 가능. (같은 클러스터안에 있는 모든 노드들)
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

✔️nodeport

# kubectl expose pod nginx-pod --name nodeport --type=NodePort --port 80

[root@master1 workspace]# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
clusterip    ClusterIP   10.107.99.89    <none>        80/TCP         5m20s
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP        59m
nodeport     NodePort    10.111.65.137   <none>        80:30362/TCP   17s

-> master의 IP뿐만 아니라 worker IP통해서도 접속 가능한 모습(nodeport 사용)


# kubectl expose pod nginx-pod --name loadbalancer --type=LoadBalancer --external-ip 192.168.1.235 --port 80 ##IP 한번 worker2로 해보자! 굳이 master아니어도 됨.

[root@master1 workspace]# kubectl get svc
NAME           TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)        AGE
clusterip      ClusterIP      10.107.99.89    <none>          80/TCP         46m
kubernetes     ClusterIP      10.96.0.1       <none>          443/TCP        99m
loadbalanser   LoadBalancer   10.96.131.62    192.168.1.235   80:31254/TCP   9s
nodeport       NodePort       10.111.65.137   <none>          80:30362/TCP   41m

worker 2 ip로 접속 -> 다른 IP로는 안됨요.

# kubectl get pod
# kubectl get service
# kubectl exec -it nginx-pod -- bash
# kubectl get all
[root@master1 workspace]# kubectl delete pod,svc --all
# kubectl delete svc --all
# kubectl delete pod nginx-pod


📙 yaml로 진행하기(service)

✔️pod생성

# vi nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx-pod
spec:
  containers:
  - name: nginx-pod-container
    image: nginx
    ports:
    - containerPort: 8080 ##정보성. 이거 한다고 container포트가 진짜 바뀌지는 않음.


# kubectl apply -f nginx-pod.yaml
# kubectl get pod -o wide
# kubectl describe pod nginx-pod

✔️clusterip생성

# vi clusterip-pod.yaml
apiVersion: v1
kind: Service
metadata:
  name: clusterip-service-pod
spec:
  type: ClusterIP
  selector:
    app: nginx-pod
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

# kubectl apply -f clusterip-pod.yaml
# kubectl get svc -o wide
# kubectl describe svc clusterip-service-pod
# kubectl edit svc clusterip-service-pod

->어느 노드에서든 클러스터IP로 접속 가능.

✔️nodeport생성



# vi nodeport-pod.yaml
apiVersion: v1
kind: Service
metadata:
  name: nodeport-service-pod
spec:
  type: NodePort
  selector:
    app: nginx-pod
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80 # 컨테이너 포트가 맞다.
    nodePort: 30080
    
# kubectl apply -f nodeport-pod.yaml
# kubectl get svc -o wide
# kubectl describe svc nodeport-service-pod
# kubectl edit svc nodeport-service-pod
[root@master1 workspace]#  kubectl get svc -o wide
NAME                    TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE    SELECTOR
clusterip-service-pod   ClusterIP   10.103.75.0      <none>        80/TCP         15m    app=nginx-pod
kubernetes              ClusterIP   10.96.0.1        <none>        443/TCP        105m   <none>
nodeport-service-pod    NodePort    10.103.154.243   <none>        80:30080/TCP   4s     app=nginx-pod

[root@master1 workspace]# curl 192.168.1.190:30080 
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

다른 노드에서도 cluster IP, nodeport 다 가능.
노드포트로 진입시 다른 노드의 IP입력해도 됨. 포트번호만 유지 잘하기.


[root@worker2 ~]# curl 192.168.1.234:30080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

[root@worker1 ~]# curl 192.168.1.190:30080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>



# vi loadbalancer-pod.yaml
apiVersion: v1
kind: Service
metadata:
  name: loadbalancer-service-pod
spec:
  type: LoadBalancer
  externalIPs: # IP범위로도 할당 가능. 
  - 192.168.1.190
  - 192.168.1.234
  - 192.168.1.235
  selector:
    app: nginx-pod
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
# kubectl apply -f loadbalancer-pod.yaml

[root@master1 workspace]#  kubectl get svc -o wide
NAME                       TYPE           CLUSTER-IP       EXTERNAL-IP                                 PORT(S)        AGE     SELECTOR
clusterip-service-pod      ClusterIP      10.103.75.0      <none>                                      80/TCP         23m     app=nginx-pod
kubernetes                 ClusterIP      10.96.0.1        <none>                                      443/TCP        113m    <none>
loadbalancer-service-pod   LoadBalancer   10.100.172.137   192.168.1.190,192.168.1.234,192.168.1.235   80:30588/TCP   7s      app=nginx-pod
nodeport-service-pod       NodePort       10.103.154.243   <none> 

# kubectl describe svc loadbalancer-service-pod

external ip(웹브라우저에서 각 서버의 IP로 진입 확인)

📙 replicaset(yaml)

위에서 생성한 pod와 svc모두 삭제하고 진행
✔️ replica 생성.

# vi replicaset.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: nginx-replicaset
spec:
  replicas: 3 # desired state (kube-controller-manager)
  selector:
    matchLabels:
      app: nginx-replicaset

  template:
    metadata:
      name: nginx-replicaset
      labels:
        app: nginx-replicaset
    spec:
      containers:
      - name: nginx-replicaset-container
        image: nginx
        ports:
        - containerPort: 80

# kubectl apply -f replicaset.yaml

✔️ replicaset을 갯수 3에서 4개로 바꿔보기


[root@master1 replicaset]# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE   IP           NODE      NOMINATED NODE   READINESS GATES
nginx-replicaset-ccxsw   1/1     Running   0          59s   10.244.2.4   worker2   <none>           <none>
nginx-replicaset-dkw48   1/1     Running   0          59s   10.244.2.3   worker2   <none>           <none>
nginx-replicaset-xkdpx   1/1     Running   0          59s   10.244.1.4   worker1   <none>           <none>

[root@master1 replicaset]# kubectl edit replicasets.apps nginx-replicaset

[root@master1 replicaset]# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE    IP           NODE      NOMINATED NODE   READINESS GATES
nginx-replicaset-bvtxc   1/1     Running   0          12s    10.244.1.5   worker1   <none>           <none>
nginx-replicaset-ccxsw   1/1     Running   0          9m7s   10.244.2.4   worker2   <none>           <none>
nginx-replicaset-dkw48   1/1     Running   0          9m7s   10.244.2.3   worker2   <none>           <none>
nginx-replicaset-xkdpx   1/1     Running   0          9m7s   10.244.1.4   worker1   <none>           <none>

# kubectl describe replicasets.apps nginx-replicaset

-> 완료!

✔️ 그런데 위에서 하나 삭제하면 이미지 오류가 나서 사설 레지스트리 이용해서 이미지 받아서 해보자.


# docker run -d -p 5000:5000 --restart=always --name private-docker-registry registry # 저장소 서버(master)

# vi /etc/docker/daemon.json # 클라이언트 master,worker
{ "insecure-registries":["192.168.1.190:5000"] } -> 맨 하단에 넣기

# systemctl restart docker  #(master, worker)

[root@master1 replicaset]# docker pull nginx # (master)

# docker tag nginx:latest 192.168.1.190:5000/nginx:latest # (master)
# docker push 192.168.1.190:5000/nginx:latest # (master)
# kubectl delete replicasets.apps nginx-replicaset # (master)
# vi replicaset.yaml # (master)
[root@master1 replicaset]# kubectl apply -f replicaset.yaml
[root@master1 replicaset]# kubectl get pod
NAME                     READY   STATUS    RESTARTS   AGE
nginx-replicaset-69vn4   1/1     Running   0          4s
nginx-replicaset-6txr4   1/1     Running   0          4s
nginx-replicaset-fd77g   1/1     Running   0          4s

[root@master1 replicaset]# kubectl edit replicasets.apps nginx-replicaset

[root@master1 replicaset]# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE     IP            NODE      NOMINATED NODE   READINESS GATES
nginx-replicaset-48lgl   1/1     Running   0          2m47s   10.244.1.23   worker1   <none>           <none>
nginx-replicaset-fq27w   1/1     Running   0          2m47s   10.244.2.23   worker2   <none>           <none>
nginx-replicaset-pkxnc   1/1     Running   0          22s     10.244.1.24   worker1   <none>           <none>
nginx-replicaset-s7bkn   1/1     Running   0          2m47s   10.244.2.22   worker2   <none>           <none>

[root@master1 replicaset]# kubectl delete pod nginx-replicaset-s7bkn


[root@master1 replicaset]# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE     IP            NODE      NOMINATED NODE   READINESS GATES
nginx-replicaset-48lgl   1/1     Running   0          3m35s   10.244.1.23   worker1   <none>           <none>
nginx-replicaset-fq27w   1/1     Running   0          3m35s   10.244.2.23   worker2   <none>           <none>
nginx-replicaset-phh8p   1/1     Running   0          13s     10.244.2.24   worker2   <none>           <none>
nginx-replicaset-pkxnc   1/1     Running   0          70s     10.244.1.24   worker1   <none>           <none>

-> 지웠는데 냅다 바로 생겨버리는 것 확인!

✔️ 서비스 이용해서 접속해보기

# vi clusterip-replicaset.yaml # 클러스터아이피 야믈
apiVersion: v1
kind: Service
metadata:
  name: clusterip-service-replicaset
spec:
  type: ClusterIP
  selector:
    app: nginx-replicaset
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

# kubectl apply -f clusterip-replicaset.yaml
# kubectl get svc -o wide

(확인)
[root@master1 replicaset]# curl 10.106.187.51
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

어떤 pod로 할당해주는지 알아보기 위해 웹프론트엔드 수정해주기 .

[root@master1 replicaset]# kubectl exec nginx-replicaset-48lgl -- sh -c "echo "web01" > /usr/share/nginx/html/index.html"

-> 각 pod마다 해주기 (web02,3,4)
아래는 확인.

[root@master1 replicaset]# curl 10.106.187.51
web04
[root@master1 replicaset]# curl 10.106.187.51
web03
# kubectl describe svc clusterip-service-replicaset

# vi nodeport-replicaset.yaml # 노드포트 야믈
apiVersion: v1
kind: Service
metadata:
  name: nodeport-service-replicaset
spec:
  type: NodePort
  selector:
    app: nginx-replicaset
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30080

# kubectl apply -f nodeport-replicaset.yaml
[root@master1 replicaset]# kubectl get svc -o wide
NAME                           TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE    SELECTOR
clusterip-service-replicaset   ClusterIP   10.106.187.51   <none>        80/TCP         19m    app=nginx-replicaset
kubernetes                     ClusterIP   10.96.0.1       <none>        443/TCP        152m   <none>
nodeport-service-replicaset    NodePort    10.111.251.19   <none>        80:30080/TCP   4s     app=nginx-replicaset

[root@master1 replicaset]# curl 192.168.1.190:30080
web03
[root@master1 replicaset]# curl 192.168.1.190:30080
web02

worker2 ip로 접속해도 됨 확인( 포트번호는 써줘야함)


# kubectl describe svc nodeport-service-replicaset

# vi loadbalancer-replicaset.yaml # 로드밸런서 야믈
apiVersion: v1
kind: Service
metadata:
  name: loadbalancer-service-replicaset
spec:
  type: LoadBalancer
  externalIPs:
    - 192.168.1.190 (master)
    - 192.168.1.234 (worker)
    - 192.168.1.235 (worker)
  selector:
    app: nginx-replicaset
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

# kubectl apply -f loadbalancer-replicaset.yaml
# kubectl get svc -o wide
# kubectl describe svc loadbalancer-service-replicaset

접속 확인

deployment와 replicaset 비슷하지만
deployment가 더 많은 기능 가지고 있음(rollback, 업데이트 등)

📙✔️✏️📢⭐️📌

📌 기타

⭐️k8s

kubernetes

⭐️pod안의 container 보기


[root@master1 workspace]# kubectl describe pod nginx-pod

Containers:
  nginx-pod-container:
    Container ID:   docker://7fcd8543e10cb3df2b094a2e2b896f5096ec46e8cfe78e3f579a5609848dea8d
    Image:          nginx
    Image ID:       docker-pullable://192.168.1.190:5000/nginx@sha256:33cef86aae4e8487ff23a6ca16012fac28ff9e7a5e9759d291a7da06e36ac958
    Port:           8080/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Fri, 15 Jul 2022 17:39:17 +0900


profile
꾸준히, 차근차근

1개의 댓글