0720[kubernetes]

๋ง์ง€ยท2022๋…„ 7์›” 20์ผ
0

๐Ÿ“Œ configmap

vi deployment-config01.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: configapp
  labels:
    app: configapp
spec:
  replicas: 1
  selector:
    matchLabels:
      app: configapp
  template:
    metadata:
      labels:
        app: configapp
    spec:
      containers:
      - name: testapp
        image: nginx
        ports:
        - containerPort: 8080
        env:
        - name: DEBUG_LEVEL # ์ปจํ…Œ์ด๋„ˆ ์•ˆ์—์„œ์˜ ๋ณ€์ˆ˜๋ช…
          valueFrom:
            configMapKeyRef:
              name: config-dev
              key: DEBUG_INFO
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: configapp
  name: configapp-svc
  namespace: default
spec:
  type: NodePort
  ports:
  - nodePort: 30800
    port: 8080
    protocol: TCP
    targetPort: 80
  selector:
    app: configapp
    
 
[root@master1 configmap]# kubectl apply -f deployment-config01.yaml

[root@master1 configmap]# kubectl describe pod configapp-c9bb7b748-2ft9p

[root@master1 configmap]# kubectl exec -it configapp-c9bb7b748-2ft9p -- bash
 
 

 

๐Ÿ“™ wordpress config(pod)

# vi configmap-wordpress.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: config-wordpress
  namespace: default
data:
  MYSQL_ROOT_HOST: '%'
  MYSQL_ROOT_PASSWORD: mode1752
  MYSQL_DATABASE: wordpress
  MYSQL_USER: wpuser
  MYSQL_PASSWORD: wppass
  
# kubectl apply -f configmap-wordpress.yaml
# kubectl describe configmaps config-wordpress
 
vi mysql-pod-svc.yaml
apiVersion: v1
kind: Pod
metadata:
  name: mysql-pod
  labels:
    app: mysql-pod
spec:
  containers:
  - name: mysql-container
    image: mysql:5.7
    envFrom: ## ์ปจํ”ผ๊ทธ๋งต ์„ค์ • ์ „์ฒด๋ฅผ ํ•œ๊บผ๋ฒˆ์— ๋ถˆ๋Ÿฌ์™€์„œ ์‚ฌ์šฉํ•˜๊ธฐ 
    - configMapRef:
        name: config-wordpress
    ports:
    - containerPort: 3306
---
apiVersion: v1
kind: Service
metadata:
  name: mysql-svc
spec:
  type: ClusterIP
  selector:
    app: mysql-pod
  ports:
  - protocol: TCP
    port: 3306
    targetPort: 3306
    
[root@master1 configmap]# kubectl apply -f mysql-pod-svc.yaml
[root@master1 configmap]# kubectl get all


vi wordpress-pod-svc.yaml
apiVersion: v1
kind: Pod
metadata:
  name: wordpress-pod
  labels:
    app: wordpress-pod
spec:
  containers:
  - name: wordpress-container
    image: wordpress
    env:
    - name: WORDPRESS_DB_HOST
      value: mysql-svc:3306
    - name: WORDPRESS_DB_USER
      valueFrom:
        configMapKeyRef:
          name: config-wordpress
          key: MYSQL_USER
    - name: WORDPRESS_DB_PASSWORD
      valueFrom:
        configMapKeyRef:
          name: config-wordpress
          key: MYSQL_PASSWORD
    - name: WORDPRESS_DB_NAME
      valueFrom:
        configMapKeyRef:
          name: config-wordpress
          key: MYSQL_DATABASE
    ports:
    - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: wordpress-svc
spec:
  type: LoadBalancer
#  externalIPs:
#  - 192.168.2.0
  selector:
    app: wordpress-pod
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    
  

๐Ÿ“™ wordpress config(deploy)

# vi mysql-deploy-svc.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql-deploy
  labels:
    app: mysql-deploy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql-deploy
  template:
    metadata:
      labels:
        app: mysql-deploy
    spec:
      containers:
      - name: mysql-container
        image: mysql:5.7
        envFrom:
        - configMapRef:
            name: config-wordpress
        ports:
        - containerPort: 3306
---
apiVersion: v1
kind: Service
metadata:
  name: mysql-svc
spec:
  type: ClusterIP
  selector:
    app: mysql-deploy
  ports:
  - protocol: TCP
    port: 3306
    targetPort: 3306
    
[root@master1 configmap]# kubectl apply -f mysql-deploy-svc.yaml

[root@master1 configmap]# kubectl delete pod mysql-pod
pod "mysql-pod" deleted
[root@master1 configmap]# kubectl delete pod wordpress-pod
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-deploy
  labels:
    app: wordpress-deploy
spec:
  replicas: 3
  selector:
    matchLabels:
      app: wordpress-deploy
  template:
    metadata:
      labels:
        app: wordpress-deploy
    spec:
      containers:
      - name: wordpress-container
        image: wordpress
        env:
        - name: WORDPRESS_DB_HOST
          value: mysql-svc:3306
        - name: WORDPRESS_DB_USER
          valueFrom:
            configMapKeyRef:
              name: config-wordpress
              key: MYSQL_USER
        - name: WORDPRESS_DB_PASSWORD
          valueFrom:
            configMapKeyRef:
              name: config-wordpress
              key: MYSQL_PASSWORD
        - name: WORDPRESS_DB_NAME
          valueFrom:
            configMapKeyRef:
              name: config-wordpress
              key: MYSQL_DATABASE
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: wordpress-svc
spec:
  type: LoadBalancer
#  externalIPs:
#  - 192.168.2.0
  selector:
    app: wordpress-deploy
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    
# kubectl apply -f wordpress-deploy-svc.yaml
# kubectl get all -o wide
    

[root@master1 configmap]# kubectl exec -it wordpress-deploy-57787cfd48-btk9r  -- bash
root@wordpress-deploy-57787cfd48-btk9r:/var/www/html#
root@wordpress-deploy-57787cfd48-btk9r:/var/www/html#
root@wordpress-deploy-57787cfd48-btk9r:/var/www/html# ls -al

๐Ÿ“Œ namespace

AZURE resource group๊ฐ™์€ ๋Š๋‚Œ

# kubectl get namespaces
# kubectl config get-contexts kubernetes-admin@kubernetes
# kubectl create namespace test-namespace
# kubectl run nginx-pod1 --image=nginx -n test-namespace
# kubectl get pod -n test-namespace
# kubectl config set-context kubernetes-admin@kubernetes --namespace=test-namespace ##default namespace๋กœ ์„ค์ •

[root@master1 ~]# kubectl config get-contexts kubernetes-admin@kubernetes
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin   test-namespace

[root@master1 ~]# kubectl get pod
NAME         READY   STATUS    RESTARTS   AGE
nginx-pod1   1/1     Running   0          4m


# kubectl expose pod nginx-pod1 --type=LoadBalancer --name loadbalancer --port=80 ##metallb๋•๋ถ„์— external ipํ•˜์ง€ ์•Š์•„๋„ ๋จ.

[root@master1 ~]# kubectl get all
NAME             READY   STATUS    RESTARTS   AGE
pod/nginx-pod1   1/1     Running   0          7m40s

NAME                   TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)        AGE
service/loadbalancer   LoadBalancer   10.102.29.192   192.168.56.103   80:31344/TCP   10s

[root@master1 ~]# kubectl delete namespace test-namespace

[root@master1 ~]# kubectl get all
No resources found in test-namespace namespace.

[root@master1 ~]# kubectl config set-context kubernetes-admin@kubernetes --namespace= ## default๋กœ ๋Œ์•„๊ฐ€๊ธฐ.

[root@master1 ~]# kubectl config get-contexts kubernetes-admin@kubernetes
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin

๐Ÿ“ŒResourceQuota

์–ด๋Š๋ถ€์„œ(nameserver)๊ฐ€ ์ „์ฒด ํด๋Ÿฌ์Šคํ„ฐ ์šฉ๋Ÿ‰์„ ์ ์œ ํ•  ์ˆ˜ ์žˆ์œผ๋‹ˆ๊นŒ ์šฉ๋Ÿ‰์„ ์ •ํ•ด๋†“์ž. =>resource Quota

๐Ÿ“™ nameserver ์ƒ์„ฑ

[root@master1 ~]# kubectl create ns my-ns
namespace/my-ns created
[root@master1 ~]# kubectl get ns
NAME              STATUS   AGE
default           Active   26h
kube-flannel      Active   26h
kube-node-lease   Active   26h
kube-public       Active   26h
kube-system       Active   26h
metallb-system    Active   21h
my-ns             Active   13s

๐Ÿ“™ resourcequota์ƒ์„ฑ (pod์ œํ•œ)

# vi sample-resourcequota.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
  name: sample-resourcequota
  namespace: my-ns
spec:
  hard:
    count/pods: 5 ## pod 5๊ฐœ ์ด์ƒ ๋ชป๋งŒ๋“ค๊ฒŒ

kubectl describe resourcequotas sample-resourcequota -n my-ns
kubectl run new-nginx --image=nginx -n my-ns
kubectl get po -n my-ns

๐Ÿ“™ pod 5๊ฐœ ์ด์ƒ ์ƒ์„ฑ ์ œํ•œ ํ™•์ธ


[root@master1 resourcequota]# kubectl get resourcequotas -n my-ns
NAME                   AGE   REQUEST           LIMIT
sample-resourcequota   96s   count/pods: 0/5

[root@master1 resourcequota]# kubectl run new-nginx --image=nginx -n my-ns
pod/new-nginx created

[root@master1 resourcequota]# kubectl run new-nginx1 --image=nginx -n my-ns
pod/new-nginx1 created


[root@master1 resourcequota]# kubectl run new-nginx12 --image=nginx -n my-ns
pod/new-nginx12 created

[root@master1 resourcequota]# kubectl run new-nginx3 --image=nginx -n my-ns
pod/new-nginx3 created

[root@master1 resourcequota]# kubectl run new-nginx4 --image=nginx -n my-ns
pod/new-nginx4 created

[root@master1 resourcequota]# kubectl run new-nginx5 --image=nginx -n my-ns
Error from server (Forbidden): pods "new-nginx5" is forbidden: exceeded quota: sample-resourcequota, requested: count/pods=1, used: count/pods=5, limited: count/pods=5

[root@master1 resourcequota]# kubectl get po -n my-ns
NAME          READY   STATUS    RESTARTS   AGE
new-nginx     1/1     Running   0          34s
new-nginx1    1/1     Running   0          30s
new-nginx12   1/1     Running   0          26s
new-nginx3    1/1     Running   0          21s
new-nginx4    1/1     Running   0          17s

5๊ฐœ ์ดˆ๊ณผ๋กœ ์ƒ์„ฑ ์•ˆ๋จ.

๐Ÿ“™ pod ์ œํ•œ ์ˆ˜์ •ํ•˜๊ธฐ (8๊ฐœ)

[root@master1 resourcequota]# vi sample-resourcequota.yaml
->์—ฌ๊ธฐ์„œ ์ˆ˜์ •

[root@master1 resourcequota]# kubectl edit resourcequotas sample-resourcequota -n my-ns
-> spec ๋ถ€๋ถ„ ์ˆ˜์ •

๋Š˜๋ฆฐ๋‹ค์Œ์— ์ค„์ธ๋‹ค๊ณ  Pod๊ฐ€ ์‚ญ์ œ๋˜์ง€๋Š” ์•Š์ง€๋งŒ ๋‹ค์‹œ ๋” ์ƒ์„ฑ์€ ์•ˆ๋จ.

๐Ÿ“™ namespace default๋กœ ๋ฐ”๊พธ๊ธฐ

[root@master1 resourcequota]#  kubectl config set-context kubernetes-admin@kubernetes --namespace=my-ns
Context "kubernetes-admin@kubernetes" modified.

[root@master1 resourcequota]# kubectl config get-contexts kubernetes-admin@kubernetes
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin   my-ns

๐Ÿ“™ CPU ๋“ฑ ์šฉ๋Ÿ‰ ์ œํ•œ resourcequota


vi sample-resourcequota-usable.yaml
apiVersion: v1
kind: ResourceQuota
metadata:
  name: sample-resourcequota-usable
spec:
  hard:
    requests.memory: 2Gi
    requests.storage: 5Gi
    sample-storageclass.storageclass.storage.k8s.io/requests.storage: 5Gi
    requests.ephemeral-storage: 5Gi
    requests.nvidia.com/gpu: 2
    limits.cpu: 4
    limits.ephemeral-storage: 10Gi
    limits.nvidia.com/gpu: 4
    
 [root@master1 resourcequota]# kubectl get resourcequotas
NAME                          AGE   REQUEST                                                                                                                                                                                     LIMIT
sample-resourcequota          15m   count/pods: 8/8                                                                                                                     
sample-resourcequota-usable   50s   requests.ephemeral-storage: 0/5Gi, requests.memory: 0/2Gi, requests.nvidia.com/gpu: 0/2, requests.storage: 0/5Gi, sample-storageclass.storageclass.storage.k8s.io/requests.storage: 0/5Gi   limits.cpu: 0/4, limits.ephemeral-storage: 0/10Gi, limits.nvidia.com/gpu: 0/4

๐Ÿ“™ pod ์ƒ์„ฑ

โœ”๏ธ ์ž์› ํ• ๋‹น์„ ๋„ฃ์ง€ ์•Š์€ ๊ฒฝ์šฐ -> error


vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    
[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
Error from server (Forbidden): error when creating "sample-pod.yaml": pods "sample-pod" is forbidden: failed quota: sample-resourcequota-usable: must specify limits.cpu,requests.memory

โœ”๏ธ ์ž์› ํ• ๋‹น์„ ๋„ฃ์€ ๊ฒฝ์šฐ

vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        memory: "64Mi"
        cpu: "50m"
      limits:
        memory: "128Mi"
        cpu: "100m" #1000milicore ; 1core

1์ฝ”์–ด๋ฅผ 5%~10% ์‚ฌ์šฉํ•˜๊ฒ ๋‹ค. 50m;5%
๋ฉ”๋ชจ๋ฆฌ๋ฅผ 64~128m ์‚ฌ์šฉํ•˜๊ฒ ๋‹ค.

[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
Error from server (Forbidden): error when creating "sample-pod.yaml": pods "sample-pod" is forbidden: exceeded quota: sample-resourcequota, requested: count/pods=1, used: count/pods=5, limited: count/pods=5


[root@master1 resourcequota]# kubectl edit resourcequotas sample-resourcequota
resourcequota/sample-resourcequota edited
-> spec "10"์œผ๋กœ.

[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
pod/sample-pod created
->์ƒ์„ฑ ์„ฑ๊ณต.

->์ž์›ํ• ๋‹น์—์„œ ์ œํ•œ์€ ์—†์ง€๋งŒ pod์ œํ•œ์—์„œ ๊ฑธ๋ฆผ. Pod ์ œํ•œ ์ˆ˜์ •ํ•˜๊ณ  pod ์ƒ์„ฑ ์™„๋ฃŒ.

๐Ÿ“™ memory requests ์ดˆ๊ณผํ•ด์„œ ์ƒ์„ฑํ•ด๋ณด๊ธฐ(pod)

[root@master1 resourcequota]# kubectl delete pod sample-pod

[root@master1 resourcequota]# vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        memory: "3Gi"
        cpu: "50m"
      limits:
        memory: "6Gi"
        cpu: "100m"
        
[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
Error from server (Forbidden): error when creating "sample-pod.yaml": pods "sample-pod" is forbidden: exceeded quota: sample-resourcequota-usable, requested: requests.memory=3Gi, used: requests.memory=0, limited: requests.memory=2Gi

->memory์ œํ•œ์œผ๋กœ ์ธํ•ด ์ƒ์„ฑ ์•ˆ๋จ.

[root@master1 resourcequota]# vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        memory: "2Gi"
        cpu: "50m"
      limits:
        memory: "6Gi"
        cpu: "100m"
[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
pod/sample-pod created

->2g๋กœ ํ•˜๋ฉด ๋ฌด๋‚œํžˆ ์ƒ์„ฑ

[root@master1 resourcequota]# vi sample-pod.yaml
[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
The Pod "sample-pod" is invalid: spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds` or `spec.tolerations` (only additions to existing tolerations)

->์ค‘๊ฐ„์— ๋ฉ”๋ชจ๋ฆฌ ๋ฐ”๊พผ๊ฒŒ ์ ์šฉ๋˜์ง€๋Š” ์•Š์Œ (์ˆ˜์ • ๋ถˆ๊ฐ€), ์ง€์šฐ๊ณ  ๋‹ค์‹œ ์ƒ์„ฑ๋งŒ ๊ฐ€๋Šฅ.

๐Ÿ“™ CPU์ดˆ๊ณผ

[root@master1 resourcequota]# kubectl delete pod sample-pod
pod "sample-pod" deleted

[root@master1 resourcequota]# vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        memory: "1Gi"
        cpu: "4050m"
      limits:
        memory: "6Gi"
        cpu: "4100m"
        
[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
Error from server (Forbidden): error when creating "sample-pod.yaml": pods "sample-pod" is forbidden: exceeded quota: sample-resourcequota-usable, requested: limits.cpu=4100m, used: limits.cpu=0, limited: limits.cpu=4

[root@master1 resourcequota]# vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        memory: "64Mi"
        cpu: "3950m"
      limits:
        memory: "128Mi"
        cpu: "4000m"
        
[root@master1 resourcequota]# kubectl apply -f sample-pod.yaml
pod/sample-pod created

[root@master1 resourcequota]# kubectl get pod
NAME         READY   STATUS    RESTARTS   AGE
sample-pod   0/1     Pending   0          6s

๐Ÿ“™ ์‹œ์Šคํ…œ ์ž์›๊ณผ ๋ฆฌ์†Œ์Šค ์ฟผํ„ฐ

root@master1 resourcequota]# kubectl describe node worker2

node๋ฆฌ์†Œ์Šค ๊ฐ์•ˆํ•ด์„œ ์ƒ์„ฑํ•ด์•ผํ•จ.(๋ฆฌ์†Œ์Šค ์ฟผํ„ฐ๋ณด๋‹ค ์‹œ์Šคํ…œ ์ž์›์ด ์šฐ์„ .)
์‹œ์Šคํ…œ ์ž์›๋ณด๋‹คํฌ๊ณ  ๋ฆฌ์†Œ์Šค์ฟผํ„ฐ๋ณด๋‹ค ์ž‘์€ ๊ฒฝ์šฐ pod ์ƒ์„ฑ์ด ๋˜๊ธด ํ•˜์ง€๋งŒ Pending์ƒํƒœ์—์„œ ๋„˜์–ด๊ฐ€์ง€ ์•Š์Œ.

[root@master1 resourcequota]# vi sample-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        memory: "64Mi"
        cpu: "500m"
      limits:
        memory: "128Mi"
        cpu: "1000m"


[root@master1 resourcequota]# kubectl get pod
NAME         READY   STATUS    RESTARTS   AGE
sample-pod   1/1     Running   0          3m26s

๐Ÿ“™ deploy

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sample-resource
spec:
  replicas: 3
  selector:
    matchLabels:
      app: sample-app
  template:
    metadata:
      labels:
        app: sample-app
    spec:
      containers:
      - name: nginx-container
        image: nginx:1.16
        resources:
          requests:
            memory: "64Mi"
            cpu: "50m"
          limits:
            memory: "128Mi"
            cpu: "100m"
            
[root@master1 resourcequota]# kubectl apply -f sample-resource.yaml


๐Ÿ“Œ limitrange

[root@master1 ~]# mkdir limitrange && cd $_


# vi sample-limitrange-container.yaml
apiVersion: v1
kind: LimitRange
metadata:
  name: sample-limitrange-container
  namespace: my-ns
spec:
  limits: # ์ตœ๋Œ€ 2๊ฐœ ํŒŒ๋“œ ์ƒ์„ฑ, 1๊ฐœ ๋”ํ•˜๋ฉด ์ƒ์„ฑ ์•ˆ๋จ.
  - type: Container # ์ปจํ…Œ์ด๋„ˆ์— ๋Œ€ํ•œ
    default: # ๊ธฐ๋ณธ ์ตœ๋Œ€  Limits, ์ •ํ•œ ๋ฆฌ์†Œ์Šค๊ฐ€ ๋ถ€์กฑํ•˜๋ฉด ์ปจํ…Œ์ด๋„ˆ๊ฐ€ ์ƒ์„ฑ๋˜์ง€ ์•Š๋Š”๋‹ค.
      memory: 512Mi
      cpu: 500m
    defaultRequest: # ์ง€๊ธˆ ์ปจํ…Œ์ด๋„ˆ์— ์…‹ํŒ…ํ•  ๊ฐ’. ์ง์ ‘ ์ •ํ•˜์ง€ ์•Š์€ ๊ฒฝ์šฐ ์ตœ์†Œ ์šฉ๋Ÿ‰, ์ตœ์†Œ ํ™•๋ณด ์šฉ๋Ÿ‰.
      memory: 256Mi
      cpu: 250m
    max: # ์ง์ ‘ ์„ค์ •ํ•  ๊ฒฝ์šฐ ๊ฐ’
      memory: 1024Mi
      cpu: 1000m
    min:
      memory: 128Mi
      cpu: 125m
    maxLimitRequestRatio: # Requests์™€ Limit์˜ ์ฐจ์ด ํ—ˆ์šฉ ๋น„์œจ 2๋ฐฐ, ์˜ค๋ฒ„ ์ปค๋ฐ‹์„ ํ”ผํ•  ์ˆ˜ ์žˆ๋‹ค.
      memory: 2
      cpu: 2
      
      
[root@master1 limitrange]# kubectl apply -f sample-limitrange-container.yaml
limitrange/sample-limitrange-container created

[root@master1 limitrange]# kubectl describe limitranges sample-limitrange-container

 
[root@master1 limitrange]# vi sample-pod-limit.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod-limitrange
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    
[root@master1 limitrange]# kubectl apply -f sample-pod-limit.yaml
pod/sample-pod-limitrange created
[root@master1 limitrange]# kubectl get pod -o wide

-> ๋ฆฌ์†Œ์Šค์ฟผํ„ฐ์™€ ๋ฆฌ๋ฐ‹๋ ˆ์ธ์ง€ ๊ฐ™์ด ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ๋‹ค. => ์ปจํ…Œ์ด๋„ˆ ๋ถ€๋ถ„์— ๊ตณ์ด ์ž์› ํ• ๋‹นํ•˜์ง€ ์•Š์•„๋„ ๋ฆฌ๋ฐ‹๋ ˆ์ธ์ง€์— ์ž˜ ์…‹ํŒ… ํ•ด๋†“์œผ๋ฉด ๋งค๋ฒˆ ๋งŒ๋“ค๋•Œ๋งˆ๋‹ค ์ปจํ…Œ์ด๋„ˆ ์ชฝ์— ์ž์› ์ ์–ด์ค„ ํ•„์š” ์—†๋‹ค.

[root@master1 limitrange]# kubectl describe pod sample-pod-limitrange

๐Ÿ“™๋ฆฌ๋ฐ‹๋ ˆ์ธ์ง€(์ตœ์†Œ)๋ณด๋‹ค ์ž‘์€ ์šฉ๋Ÿ‰์˜ pod ์ƒ์„ฑ

[root@master1 limitrange]# vi sample-pod-overrequest.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod-overrequest
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        cpu: 100m
      limits:
        cpu: 100m

[root@master1 limitrange]# kubectl apply -f sample-pod-overrequest.yaml
Error from server (BadRequest): error when creating "sample-pod-overrequest.yaml": Pod in version "v1" cannot be handled as a Pod: v1.Pod.Spec: v1.
        

-> ์ƒ์„ฑ ์•ˆ๋จ.

[root@master1 limitrange]# vi sample-pod-overrequest.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod-overrequest
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        cpu: 125m
      limits:
        cpu: 125m
        
[root@master1 limitrange]# kubectl apply -f sample-pod-overrequest.yaml
pod/sample-pod-overrequest created

-> ๋ฆฌ๋ฐ‹๋ ˆ์ธ์ง€์— ๋งž๊ฒŒ ํ•ด์ฃผ๋‹ˆ ์ƒ์„ฑ ์™„๋ฃŒ.

๐Ÿ“™ limitrange์˜ overatio ์ดˆ๊ณผํ•ด๋ณด๊ธฐ

CPU ๋ฆฌํ€˜์ŠคํŠธ์™€ ๋ฆฌ๋ฐ‹ ์ฐจ์ด 2๋ฐฐ ์ด์ƒ

[root@master1 limitrange]# vi sample-pod-overratio.yaml
apiVersion: v1
kind: Pod
metadata:
 name: sample-pod-overratio
spec:
 containers:
 - name: nginx-container
   image: nginx:1.16
   resources:
     requests:
       cpu: 125m
     limits:
       cpu: 500m
       
[root@master1 limitrange]# kubectl apply -f sample-pod-overratio.yaml
Error from server (Forbidden): error when creating "sample-pod-overratio.yaml": pods "sample-pod-overratio" is forbidden: cpu max limit to request ratio per Container is 2, but provided ratio is 4.000000

-> ์ƒ์„ฑ ์•ˆ๋จ .

[root@master1 limitrange]# vi sample-pod-overratio.yaml
apiVersion: v1
kind: Pod
metadata:
  name: sample-pod-overratio
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        cpu: 250m
      limits:
        cpu: 500m
        
[root@master1 limitrange]# kubectl apply -f sample-pod-overratio.yaml
pod/sample-pod-overratio created

[root@master1 limitrange]# kubectl get po -o wide
NAME                               READY   STATUS    RESTARTS   AGE    IP            NODE      NOMINATED NODE   READINESS GATES
new-pod                            1/1     Running   0          45m    10.244.1.22   worker1   <none>           <none>
sample-pod                         1/1     Running   0          55m    10.244.2.20   worker2   <none>           <none>
sample-pod-limitrange              1/1     Running   0          15m    10.244.1.23   worker1   <none>           <none>
sample-pod-overratio               0/1     Pending   0          71s    <none>        <none>    <none>           <none>

-> ๋ฆฌ๋ฐ‹๋ ˆ์ธ์ง€์— ๋งž๊ฒŒ ํ•ด์ฃผ๋‹ˆ ์ƒ์„ฑ ์™„๋ฃŒ. ํ•˜์ง€๋งŒ ํŽœ๋”ฉ๊ฑธ๋ฆผ.

apiVersion: v1
kind: Pod
metadata:
  name: sample-pod-overratio
spec:
  containers:
  - name: nginx-container
    image: nginx:1.16
    resources:
      requests:
        cpu: 125m
      limits:
        cpu: 250m


[root@master1 limitrange]# kubectl apply -f sample-pod-overratio.yaml
pod/sample-pod-overratio created
[root@master1 limitrange]# kubectl get po -o wide
NAME                               READY   STATUS    RESTARTS   AGE     IP            NODE      NOMINATED NODE   READINESS GATES
new-pod                            1/1     Running   0          47m     10.244.1.22   worker1   <none>           <none>
sample-pod                         1/1     Running   0          57m     10.244.2.20   worker2   <none>           <none>
sample-pod-limitrange              1/1     Running   0          17m     10.244.1.23   worker1   <none>           <none>
sample-pod-overratio               1/1     Running   0          4s      10.244.2.23   worker2   <none>           <none>

-> cpu์ค„์—ฌ์„œ ์™„๋ฃŒ!

๐Ÿ“Œ schedule

[root@master1 limitrange]# kubectl delete pod,deploy --all

[root@master1 ~]# mkdir schedule && cd $_

๐Ÿ“™ํŒŒ๋“œ ์Šค์ผ€์ค„(์ž๋™ ๋ฐฐ์น˜)

# vi pod-schedule.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-schedule-metadata
  labels:
    app: pod-schedule-labels
spec:
  containers:
  - name: pod-schedule-containers
    image: nginx
    ports:
    - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: pod-schedule-service
spec:
  type: NodePort
  selector:
    app: pod-schedule-labels
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

[root@master1 schedule]# kubectl apply -f pod-schedule.yaml
pod/pod-schedule-metadata created
service/pod-schedule-service create


[root@master1 schedule]# kubectl get all
NAME                        READY   STATUS    RESTARTS   AGE
pod/pod-schedule-metadata   1/1     Running   0          29s

NAME                           TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/pod-schedule-service   NodePort   10.108.76.214   <none>        80:30953


[root@master1 schedule]# curl 10.108.76.214
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>

๐Ÿ“™ ํŒŒ๋“œ ๋…ธ๋“œ๋„ค์ž„(์ˆ˜๋™ ๋ฐฐ์น˜- ๋…ธ๋“œ ์ง€์ •ํ•ด์„œ ๋ฐฐ์น˜)

# vi pod-nodename.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-nodename-metadata
  labels:
    app: pod-nodename-labels
spec:
  containers:
  - name: pod-nodename-containers
    image: nginx
    ports:
    - containerPort: 80
  nodeName: worker2
---
apiVersion: v1
kind: Service
metadata:
  name: pod-nodename-service
spec:
  type: NodePort
  selector:
    app: pod-nodename-labels
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80

[root@master1 schedule]# kubectl get pod -o wide
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE      NOMINATED NODE   READINESS GATES
ad-hoc1                 1/1     Running   0          13m   10.244.1.25   worker1   <none>           <none>
pod-nodename-metadata   1/1     Running   0          32s   10.244.2.25   worker2   <none>           <none>
pod-schedule-metadata   1/1     Running   0          17m   10.244.2.24   worker2   <none>           <none>

๐Ÿ“™ ๋…ธ๋“œ ์…€๋ ‰ํ„ฐ(์ˆ˜๋™ ๋ฐฐ์น˜)

# kubectl label nodes worker1 tier=dev
# kubectl get nodes --show-labels

# vi pod-nodeselector.yaml
apiVersion: v1
kind: Pod
metadata:
  name: pod-nodeselector-metadata
  labels:
    app: pod-nodeselector-labels
spec:
  containers:
  - name: pod-nodeselector-containers
    image: nginx
    ports:
    - containerPort: 80
  nodeSelector:
    tier: dev
---
apiVersion: v1
kind: Service
metadata:
  name: pod-nodeselector-service
spec:
  type: NodePort
  selector:
    app: pod-nodeselector-labels
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    
# kubectl label nodes worker1 tier-
# kubectl get nodes --show-labels

[root@master1 schedule]# kubectl label node worker1 tier-
-> ๋ผ๋ฒจ์ง€์šฐ๊ธฐ

[root@master1 schedule]# kubectl get nodes --show-labels

๐Ÿ“™ taint - ํ•ด๋‹น ๋…ธ๋“œ์— ์Šค์ผ€์ฅด๋ง ๋ฐฉ์ง€

# kubectl taint node worker1 tier=dev:NoSchedule
# kubectl describe nodes worker1

->ํ•˜๋‹ค๊ฐ€ ์ˆ˜์—… ๋!

๐Ÿ“™โœ”๏ธโœ๏ธ๐Ÿ“ขโญ๏ธ๐Ÿ“Œ

๐Ÿ“Œ ๊ธฐํƒ€

โญ๏ธ kubernetes ์ด๋ฏธ์ง€ pull์˜ค๋ฅ˜ ํ•ด๊ฒฐ

# kubectl create secret generic mj030kk --from-file=.dockerconfigjson=/root/.docker/config.json --type=kubernetes.io/dockerconfigjson

# kubectl patch -n default serviceaccount/default -p '{"imagePullSecrets":[{"name": "mj030kk"}]}'

# kubectl describe serviceaccount default -n default

docker๋กœ๊ทธ์ธ์— ์ด์–ด์„œ ์ฟ ๋ฒ„๋„คํ‹ฐ์Šค์—์„œ๋„ ํ•ด์ฃผ์–ด์•ผ ํ•จ.

namespace๋”ฐ๋ผ๊ฐ€๋ฏ€๋กœ namespace ๋ฐ”๋€Œ๋ฉด ๋ฐ”๋€ namespace ๋„ฃ์–ด์„œ๋„ ์ง„ํ–‰ํ•ด์ฃผ์–ด์•ผ ํ•จ.

# kubectl patch -n my-ns serviceaccount/default -p '{"imagePullSecrets":[{"name": "mj030kk"}]}'

โญ๏ธ ๋ช…๋ น์–ด watch

[root@master1 configmap]# watch kubectl get all

์ƒํƒœํ™•์ธ ์—…๋ฐ์ดํŠธ ํ•˜๋ฉด์„œ ๋ณผ ์ˆ˜ ์žˆ๊ฒŒ ํ•ด์คŒ.

profile
๊พธ์ค€ํžˆ, ์ฐจ๊ทผ์ฐจ๊ทผ

0๊ฐœ์˜ ๋Œ“๊ธ€