[3-1] Rocky Linux 버전 확인
[root@k8s-master ~]# cat /etc/*-release
Rocky Linux release 8.8 (Green Obsidian)[3-2] Hostname 확인
[root@k8s-master ~]# hostname
k8s-master
[3-3], [3-4] Network 확인
[root@k8s-master ~]# ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:fc:e9:96 brd ff:ff:ff:ff:ff:ff
altname enp0s3
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute eth0
valid_lft 29472sec preferred_lft 29472sec
inet6 fd00::a00:27ff:fefc:e996/64 scope global dynamic mngtmpaddr
valid_lft 85890sec preferred_lft 13890sec
inet6 fe80::a00:27ff:fefc:e996/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:7b:05:20 brd ff:ff:ff:ff:ff:ff
altname enp0s8
inet 192.168.56.30/24 brd 192.168.56.255 scope global noprefixroute eth1
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe7b:520/64 scope link
valid_lft forever preferred_lft forever[3-5] 자원(cpu, memory) 확인
[root@k8s-master ~]# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
[root@k8s-master ~]# free -h
total used free shared buff/cache available
Mem: 5.8Gi 3.5Gi 186Mi 37Mi 2.1Gi 2.0Gi
Swap: 0B 0B 0B[4] Rocky Linux 기본 설정
[root@k8s-master ~]# timedatectl
Local time: Sun 2025-06-01 17:02:52 KST
Universal time: Sun 2025-06-01 08:02:52 UTC
RTC time: Sun 2025-06-01 08:02:54
Time zone: Asia/Seoul (KST, +0900)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no[5] kubeadm 설치 전 사전작업
방화벽 해제 확인
[root@k8s-master ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
스왑(swap) 비활성화 확인
>[root@k8s-master ~]# free
total used free shared buff/cache available
Mem: 6061208 3714604 170328 38732 2176276 2012624
Swap: 0 0 0
[root@k8s-master ~]# cat /etc/fstab | grep swap
#/swapfile none swap defaults 0 0[6] 컨테이너 런타임 설치
[6-1] 컨테이너 런타임 설치 전 사전작업
[root@k8s-master ~]# cat /etc/modules-load.d/k8s.conf
overlay
br_netfilter
[root@k8s-master ~]# cat /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
[root@k8s-master ~]# lsmod | grep overlay
overlay 139264 64
[root@k8s-master ~]# lsmod | grep br_netfilter
br_netfilter 24576 0
bridge 290816 1 br_netfilter[6-2] 컨테이너 런타임 (containerd 설치)
[6-2-1] containerd 패키지 설치 (option2)
[6-2-1-1] docker engine (containerd.io)만 설치
[root@k8s-master ~]# yum repolist enabled
repo id repo name
appstream Rocky Linux 8 - AppStream
baseos Rocky Linux 8 - BaseOS
docker-ce-stable Docker CE Stable - x86_64
extras Rocky Linux 8 - Extras
kubernetes Kubernetes
[root@k8s-master ~]# systemctl status containerd
● containerd.service - containerd container runtime
Loaded: loaded (/usr/lib/systemd/system/containerd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2025-05-29 20:23:13 KST; 2 days ago[6-3] 컨테이너 런타임 (CRI활성화)
[root@k8s-master ~]# cat /etc/containerd/config.toml
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
BinaryName = ""
CriuImagePath = ""
CriuPath = ""
CriuWorkPath = ""
IoGid = 0
IoUid = 0
NoNewKeyring = false
NoPivotRoot = false
Root = ""
ShimCgroup = ""
SystemdCgroup = true
[root@k8s-master ~]# kubectl get -n kube-system cm kubelet-config -o yaml
apiVersion: v1
data:
kubelet: |
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cgroupDriver: systemd
[root@k8s-master ~]# cat /var/lib/kubelet/config.yaml
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
enabled: true
x509:
clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cgroupDriver: systemd[7] kubeadm 설치
[root@k8s-master ~]# cat /etc/selinux/config
SELINUX=permissive
[root@k8s-master ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[root@k8s-master ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.2", GitCommit:"7f6f68fdabc4df88cfea2dcf9a19b2b830f1e647", GitTreeState:"clean", BuildDate:"2023-05-17T14:18:49Z", GoVersion:"go1.20.4", Compiler:"gc", Platform:"linux/amd64"}
[root@k8s-master ~]# kubectl version
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.2", GitCommit:"7f6f68fdabc4df88cfea2dcf9a19b2b830f1e647", GitTreeState:"clean", BuildDate:"2023-05-17T14:20:07Z", GoVersion:"go1.20.4", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v5.0.1
Server Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.16", GitCommit:"cbb86e0d7f4a049666fac0551e8b02ef3d6c3d9a", GitTreeState:"clean", BuildDate:"2024-07-17T01:44:26Z", GoVersion:"go1.22.5", Compiler:"gc", Platform:"linux/amd64"}
[root@k8s-master ~]# systemctl status kubelet
● kubelet.service - kubelet: The Kubernetes Node Agent
Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/kubelet.service.d
└─10-kubeadm.conf
Active: active (running) since Thu 2025-05-29 20:26:19 KST; 2 days ago[8] kubeadm으로 클러스터 생성
[8-1] 클러스터 초기화 (Pod Network 세팅)
[root@k8s-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane 2d21h v1.27.2
[root@k8s-master ~]# kubectl cluster-info dump | grep -m 1 cluster-cidr
"--cluster-cidr=20.96.0.0/16",
[root@k8s-master ~]# kubectl cluster-info
Kubernetes control plane is running at https://192.168.56.30:6443
CoreDNS is running at https://192.168.56.30:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
[root@k8s-master ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-5d78c9869d-gsqwl 1/1 Running 0 2d21h
coredns-5d78c9869d-zpvlh 1/1 Running 0 2d21h
etcd-k8s-master 1/1 Running 0 2d21h
kube-apiserver-k8s-master 1/1 Running 0 2d21h
kube-controller-manager-k8s-master 1/1 Running 2 (3h49m ago) 2d21h
kube-proxy-w5qsc 1/1 Running 0 2d21h
kube-scheduler-k8s-master 1/1 Running 2 (3h49m ago) 2d21h
metrics-server-7db4fb59f9-k6dhh 1/1 Running 0 2d21h[8-2] kubectl 사용 설정
[root@k8s-master ~]# cat ~/.kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvakNDQWVhZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERX dwcmRXSmwKY201bGRHVnpNQjRYRFRJMU1EVXlPVEV4TWpVME1sb1hEVE0xTURVeU56RXhNalUwTWxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05B UUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBT1I3Ckt5L2RDbHdFRWRRTUNoSzFCbUYxWk96eEkySVBaZ25tOCtTZnAxUU9YYks1eFNHZkh0YVpEejRJcFhVNEtEVlMKV2FXZVA0bS9rejAxNWFqVm xGbkpqTkJqaUxKUTFkQ0FOYXVCbmtRR1NoS3FnK1NBdk9heUlpeE9NbWthYjZJNwpxYTk2SHZlc1ZtRDB2SUpva3d6S2VZa01pcW9LYVhRaUI4Q09hVUp6Nk5Edmlaa2ZZN0dzS29Md3pveTFG TXRSClA4bmNQR0tYQS96bnRxRi90ZUY0VEFyRGRkeFNXdGozR01Ra2JQZFdzN29DZlFySFNManBTZWtvd3loRVZSZGwKOGdNTTlzZ1FRY2JVTUtGUXQ5V1FmQVp3YWd4ZklJUHN6YXdsZjAvdX FmdzlTUy9UeXFESXhub3JuQ2NabGdLVQpxTTJFVXNBR09sa09BMk1FY3BFQ0F3RUFBYU5aTUZjd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBP QkJZRUZBdUFXS044eis3ekpjUUQyeWNTTkhlcG1FUnlNQlVHQTFVZEVRUU8KTUF5Q0NtdDFZbVZ5Ym1WMFpYTXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBR3VxVjhuUmE3N0V2ZDBxOGJmWA pQTit5SWFzMTQ4ejcxOGE2VFhuR1FPb0Y3bjV2K3BiaGFtNjluWHhIc05lblZqMnZyUUxZV3RGRno5MGhmUVFQCjgyUmd4UDdaaEpqaDdsNjN6bWdLWHpJTUNQL1gxWWhZYnNqVElTbWN3K0hw U2oreEgwQ3RDRVoyMFZvMGlqTjEKMU9vbGtsMWo1YjZ0ZjFJeWtEMGRQdGZLaDI3TTl6L3dxT0wreGM2dnZWVlZnWnVheHJ5VzJTckx5MTh4M2t0OApHaWNyaXd4SnAyUGt2TXpWWHNlSnZ4V2 wra00vU0toSVErYVJrMVpkSmZPVCswRWRvam9mSTI1ZjV4dXVLN1pOCm52SEtZbS9pSGhkMXdUNllIbWFQMEI5R1JyQ0Z4SjhJSEpyRjJ3OUJzaklGQXZ0R28vcHd0cnl0azd5UHQyOWYKQkFv PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.56.30:6443[8-3] CNI Plugin 설치 (calico)
[root@k8s-master ~]# kubectl get -n calico-system pod
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-7dd9f6cf54-bb4s9 1/1 Running 0 6h7m
calico-node-n2znw 1/1 Running 0 6h7m
calico-typha-76dc5478dc-jg42m 1/1 Running 0 2d21h
csi-node-driver-tw549 2/2 Running 0 2d21h
[root@k8s-master ~]# kubectl get -n calico-apiserver pod
NAME READY STATUS RESTARTS AGE
calico-apiserver-587465b696-bdgzr 1/1 Running 0 2d21h
calico-apiserver-587465b696-qj7jd 1/1 Running 0 2d21h
[root@k8s-master ~]# kubectl get installations.operator.tigera.io default -o yaml | grep cidr
cidr: 20.96.0.0/16
cidr: 20.96.0.0/16
[8-4] Master에 pod를 생성 할 수 있도록 설정
[root@k8s-master ~]# kubectl describe nodes | grep Taints
Taints: <none>
[9] 쿠버네티스 편의 기능 설치
[9-1] kubectl 자동완성 기능
[root@k8s-master ~]# cat ~/.bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
source <(kubectl completion bash)
alias k=kubectl
complete -o default -F __start_kubectl k
[9-2] Dashboard 설치
[root@k8s-master ~]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-5cb4f4bb9c-p7bvd 1/1 Running 0 2d21h
kubernetes-dashboard-6bc7c98694-bxfjq 1/1 Running 1 (3h56m ago) 2d21h
[9-3] Metrics Server 설치
[root@k8s-master ~]# kubectl get pod -n kube-system | grep metrics
metrics-server-7db4fb59f9-k6dhh 1/1 Running 0 2d21h
[root@k8s-master ~]# kubectl top pod -A
NAMESPACE NAME CPU(cores) MEMORY(bytes)
anotherclass-123 api-tester-1231-755676484f-d7xtp 7m 122Mi
anotherclass-123 api-tester-1231-755676484f-tbk6w 5m 119Mi
calico-apiserver calico-apiserver-587465b696-bdgzr 13m 34Mi
calico-apiserver calico-apiserver-587465b696-qj7jd 29m 47Mi
calico-system calico-kube-controllers-7dd9f6cf54-bb4s9 37m 23Mi
calico-system calico-node-n2znw 152m 134Mi
calico-system calico-typha-76dc5478dc-jg42m 11m 36Mi
calico-system csi-node-driver-tw549 0m 24Mi
default app-1-2-2-1-d65fb94cb-sgmkm 4m 120Mi
default app-1-2-2-1-d65fb94cb-xgh6q 2m 118Mi
kube-system coredns-5d78c9869d-gsqwl 4m 32Mi
kube-system coredns-5d78c9869d-zpvlh 9m 35Mi
kube-system etcd-k8s-master 188m 103Mi
kube-system kube-apiserver-k8s-master 328m 800Mi
kube-system kube-controller-manager-k8s-master 118m 90Mi
kube-system kube-proxy-w5qsc 2m 22Mi
kube-system kube-scheduler-k8s-master 17m 25Mi
kube-system metrics-server-7db4fb59f9-k6dhh 13m 38Mi
kubernetes-dashboard dashboard-metrics-scraper-5cb4f4bb9c-p7bvd 1m 31Mi
kubernetes-dashboard kubernetes-dashboard-6bc7c98694-bxfjq 1m 24Mi
loki-stack loki-stack-0 12m 63Mi
loki-stack loki-stack-promtail-2rds4 99m 75Mi
monitoring grafana-646b5d5dd8-xth85 27m 101Mi
monitoring kube-state-metrics-86c66b4fcd-j4msz 4m 76Mi
monitoring node-exporter-tn7db 8m 39Mi
monitoring prometheus-adapter-648959cd84-hxxzf 25m 39Mi
monitoring prometheus-k8s-0 35m 434Mi
monitoring prometheus-operator-7ff88bdb95-vg9r7 3m 71Mi
tigera-operator tigera-operator-84cf9b6dbb-zscwr 18m 47Mi
