ubuntu에 쿠버네티스 설치 & 마스터, 워커 노드 설정

유현민·2022년 10월 8일

ec2 ubuntu

인턴 과제

목록 보기

4/15

1. docker 설치

저장소 설정

sudo apt-get update

sudo apt-get install ca-certificates curl gnupg lsb-release

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

docker 엔진 설치

sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io

docker를 서비스 등록 및 실행
sudo systemctl enable docker
sudo systemctl start docker

Kubernetes 설치

여기에 적힌 포트들을 열어준다.

설치 전 확인(master, node)

swap off
sudo swapoff -a && sudo sed -i '/swap/s/^/#/' /etc/fstab
iptable

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system

kubelet, kubeadm, kubectl 설치(master, node)

sudo apt-get update

sudo apt-get install -y apt-transport-https ca-certificates curl

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update

sudo apt-get install -y kubelet kubeadm kubectl

sudo apt-mark hold kubelet kubeadm kubectl

sudo systemctl daemon-reload

sudo systemctl restart kubelet

Control-plane 구성(master)

sudo kubeadm init
만약 이런 오류가 나면

$ sudo kubeadm init
[init] Using Kubernetes version: v1.24.1
[preflight] Running pre-flight checks
        [WARNING SystemVerification]: missing optional cgroups: blkio
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR CRI]: container runtime is not running: output: E0605 10:35:34.973561   12491 remote_runtime.go:925] "Status from runtime service failed" err="rpc error: code = Unimplemented desc = unknown service runtime.v1alpha2.RuntimeService"
time="2022-06-05T10:35:34+09:00" level=fatal msg="getting status of runtime: rpc error: code = Unimplemented desc = unknown service runtime.v1alpha2.RuntimeService"
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

밑에 명령을 실행.

sudo rm /etc/containerd/config.toml
sudo systemctl restart containerd
sudo kubeadm init

init를 실행하면 토큰이 발생하는데 해당 토큰을 저장해놓는다.

ex)kubeadm join 172.32.172.16:6443 --token ib8ehc.r6swqvagqxb0e7u3 --discovery-token-ca-cert-hash sha256:8d19b4c1a2b0a48bc150f9b4159c163490c73cf47e2bf5d6214ea396aa50300d

모든 사용자가 kube 명령을 사용할 수 있게 하기 위해
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Pod network 애드온 설치(master)

kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml

worker node 구성(node)

위에서 저장했던 토큰을 입력

sudo kubeadm join 172.32.76.254:6443 --token 7dry5o.jf95fs3tiivswig1 --discovery-token-ca-cert-hash sha256:00535311ee403fb7362b0037b74e4cede7adbd2fb7a4a958c21eb02fa5d2f1b7