[kubernetes] 환경 구성

사용 os : centos8 stream

환경 : host 3 개 (각각 Master01 , Worker01, Worker02)

마스터 노드가 관리노드이고, 워커노드가 실행노드

워커노드를 마스터노드에 참여시키는 방식으로 늘리고 줄이고하며, 마스터노드도 이중화 구성이 가능

 

[sudo 설정] - 공통

echo "k8s ALL=(root) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/k8s

sudo chmod 0440 /etc/sudoers.d/k8s

 

[방화벽 해제 & selinux 해제 ] - 공통

sudo systemctl stop firewalld && sudo systemctl disable firewalld

sudo setenforce 0

sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

 

[swap 해제] - 공통

sudo swapoff -a

sudo sed -i -e '/swap/d' /etc/fstab

 

[dns 설정] - 공통

echo "172.12.2.100 master" >> /etc/hosts

echo "172.12.2.101 worker1" >> /etc/hosts

echo "172.12.2.102 worker2" >> /etc/hosts

 

 

[cri-o 설치] - 공통

https://github.com/cri-o/cri-o/blob/main/install.md#other-yum-based-operating-systems

 

export OS=CentOS_8_Stream

export VERSION=1.28

 

curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/devel:kubic:libcontainers:stable.repo

curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/$OS/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo

yum install cri-o

 

[kubernetes 패키지 저장소]

cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/

enabled=1

gpgcheck=1

gpgkey=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/repodata/repomd.xml.key

exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni

EOF

 

sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

sudo systemctl enable --now kubelet

 

[cri-o 설치]

systemctl daemon-reload

systemctl enable crio --now

 

modprobe overlay

modprobe br_netfilter

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf

overlay

br_netfilter

EOF

 

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-ip6tables = 1

net.ipv4.ip_forward = 1

EOF

 

sysctl --system

 

cat <<EOF | sudo tee /etc/crio/crio.conf.d/02-cgroup-manager.conf

[crio.runtime]

conmon_cgroup = "pod"

cgroup_manager = "cgroupfs"

EOF

 

 

[마스터 노드]

kubeam init --pod-network-cidr=172.16.0.0/24

 

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

 

[워커 노드]

kubeadm join 172.12.2.100:6443 --token e3l7f0.t8pftu2jxab61wnn \

        --discovery-token-ca-cert-hash sha256:d2ac4d62c0a39157b763b46707c93a9ad7d05b29c3bf562790348cf7                              deda304f