[과제 1]
파드간 통신 시 tcpdump 내용을 확인하고 관련 스샷을 올려주세요
파드1 Shell 에서 파드2로 ping 테스트
(repush:default) [root@kops-ec2 ~]# kubectl exec -it pod-1 -- ping -c 2 $POD2
PING 172.30.66.95 (172.30.66.95) 56(84) bytes of data.
64 bytes from 172.30.66.95: icmp_seq=1 ttl=62 time=1.20 ms
64 bytes from 172.30.66.95: icmp_seq=2 ttl=62 time=1.05 ms
--- 172.30.66.95 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.053/1.127/1.202/0.074 msubuntu@i-059bc7fbed7d21d55:~$ sudo tcpdump -i ens5 -nn icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens5, link-type EN10MB (Ethernet), capture size 262144 bytes
15:25:47.624961 IP 172.30.59.216 > 172.30.66.95: ICMP echo request, id 40255, seq 1, length 64
15:25:47.626032 IP 172.30.66.95 > 172.30.59.216: ICMP echo reply, id 40255, seq 1, length 64
15:25:48.626263 IP 172.30.59.216 > 172.30.66.95: ICMP echo request, id 40255, seq 2, length 64
15:25:48.627257 IP 172.30.66.95 > 172.30.59.216: ICMP echo reply, id 40255, seq 2, length 64ubuntu@i-0e1560047506b700f:~$ sudo tcpdump -i ens5 -nn icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens5, link-type EN10MB (Ethernet), capture size 262144 bytes
15:25:47.614893 IP 172.30.59.216 > 172.30.66.95: ICMP echo request, id 40255, seq 1, length 64
15:25:47.615012 IP 172.30.66.95 > 172.30.59.216: ICMP echo reply, id 40255, seq 1, length 64
15:25:48.616192 IP 172.30.59.216 > 172.30.66.95: ICMP echo request, id 40255, seq 2, length 64
15:25:48.616255 IP 172.30.66.95 > 172.30.59.216: ICMP echo reply, id 40255, seq 2, length 64ubuntu@i-059bc7fbed7d21d55:~$ sudo tcpdump -i ens6 -nn icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens6, link-type EN10MB (Ethernet), capture size 262144 bytesubuntu@i-0e1560047506b700f:~$ sudo tcpdump -i ens6 -nn icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens6, link-type EN10MB (Ethernet), capture size 262144 bytes[과제 2]
워커 노드 1대에 100대이상의 파드가 배포되게 설정하고 관련 스샷을 올려주세요
kubectl get deployment nginx-deployment
watch -n1 kubectl get deployment nginx-deployment
Every 1.0s: kubectl get deployment nginx-deployment Wed Jan 25 21:24:48 2023
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 100/100 100 100 4m5sworker node로 접속해서..
ip -c link
100: enic0e98c16985@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether a2:54:ec:98:8a:35 brd ff:ff:ff:ff:ff:ff link-netns cni-04437d30-05ff-9ca6-0051-c1cc8cf828ea
101: eni91acadcddde@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether 56:23:b6:f8:32:5e brd ff:ff:ff:ff:ff:ff link-netns cni-4e4e9eb8-4a95-8b6e-377e-67085ab392a9
102: eni9344f924be6@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether 0e:8e:4c:7d:7b:0a brd ff:ff:ff:ff:ff:ff link-netns cni-088ea501-c14a-d6a4-56b2-521507110094
103: eni8d16c087ba4@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether 9a:84:94:2f:a3:32 brd ff:ff:ff:ff:ff:ff link-netns cni-e8257a1c-cff0-5591-1104-7c1d5cd12a66
104: eni4bf25e75d3e@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether e6:22:37:ad:74:2d brd ff:ff:ff:ff:ff:ff link-netns cni-a14f4b4e-cd2e-75c8-92b3-dc9f83d3e158
105: enib69689b1779@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether ba:6c:98:e1:13:b9 brd ff:ff:ff:ff:ff:ff link-netns cni-b45b376b-6847-ffdc-4866-f6c11f0d463f
106: enia2d1f57e3b9@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc noqueue state UP mode DEFAULT group default
link/ether c2:00:04:7f:41:5c brd ff:ff:ff:ff:ff:ff link-netns cni-a23c608b-9e4d-64e0-d3ef-544c1459ce1d
ubuntu@i-0a116e88a16a30f56:~$[과제 3]
서비스(NLB)/파드 배포 시 ExternalDNS 설정해서, 각자 자신의 도메인으로 NLB를 통해 애플리케이션(파드)로 접속해보고 관련 스샷을 올려주세요
[과제 4]
아래 활용 기능 중 1개를 선택해서 실습 후 결과 내용을 올려주세요
NLB 에 TLS 적용하기
(repush:N/A) [root@kops-ec2 ~]# curl -s http://websrv.repush.click | grep Hostname
Hostname: deploy-echo-5c4856dfd6-jpfh7
(repush:N/A) [root@kops-ec2 ~]# curl -s -k https://websrv.repush.click | grep Hostname
Hostname: deploy-echo-5c4856dfd6-9245r