| Table of Contents |
|---|
A. root 패스워드 설정
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[sooabia@k8s-master ~]$ sudo passwd
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[sooabia@k8s-master ~]$ su -
passwd :
[root@k8s-master ~]# |
B. 방화벽 해제
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# systemctl stop firewalld
[root@k8s-master ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@k8s-master ~]# |
C. OS 업데이트
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# yum -y update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 12 kB 00:00:00
* base: mirror.hostduplex.com
* epel: mirror.steadfastnet.com
* extras: mirror.fileplanet.com
* updates: mirror.fileplanet.com
base | 3.6 kB 00:00:00
epel | 3.2 kB 00:00:00
extras | 3.4 kB 00:00:00
google-cloud-compute/signature | 454 B 00:00:00
google-cloud-compute/signature | 1.8 kB 00:00:00 !!!
google-cloud-sdk/signature | 454 B 00:00:00
google-cloud-sdk/signature | 1.4 kB 00:00:00 !!!
updates | 3.4 kB 00:00:00
(1/10): epel/x86_64/group_gz | 88 kB 00:00:00
(2/10): epel/x86_64/updateinfo | 951 kB 00:00:00
(3/10): base/7/x86_64/group_gz | 166 kB 00:00:00
(4/10): epel/x86_64/primary | 3.6 MB 00:00:00
(5/10): extras/7/x86_64/primary_db | 204 kB 00:00:00
(6/10): google-cloud-compute/updateinfo | 1.2 kB 00:00:00
(7/10): google-cloud-sdk/primary | 54 kB 00:00:00
(8/10): google-cloud-compute/primary | 3.8 kB 00:00:00
(9/10): base/7/x86_64/primary_db | 5.9 MB 00:00:01
(10/10): updates/7/x86_64/primary_db | 6.0 MB 00:00:00
epel 12733/12733
google-cloud-compute 11/11
google-cloud-sdk 341/341
No packages marked for update
[root@k8s-master ~]# |
D. hosts 설정
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# vi /etc/hosts
[root@k8s-master ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.128.0.2 k8s-master.us-central1-c.c.myk8s-219201.internal k8s-master # Added by Google
10.128.0.3 k8s-node-1
10.128.0.4 k8s-node-2
169.254.169.254 metadata.google.internal # Added by Google
[root@k8s-master ~]# |
E. Docker 17.03 설치
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# curl https://releases.rancher.com/install-docker/17.03.sh | sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 15249 100 15249 0 0 32628 0 --:--:-- --:--:-- --:--:-- 32723
+ '[' centos = redhat ']'
+ sh -c 'yum install -y -q yum-utils'
+ sh -c 'yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache fast'
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 18 kB 00:00:00
* base: mirror.fileplanet.com
* epel: d2lzkl7pfhq30w.cloudfront.net
* extras: mirror.fileplanet.com
* updates: mirrors.sonic.net
base | 3.6 kB 00:00:00
docker-ce-stable | 2.9 kB 00:00:00
epel | 3.2 kB 00:00:00
extras | 3.4 kB 00:00:00
google-cloud-compute/signature | 454 B 00:00:00
google-cloud-compute/signature | 1.8 kB 00:00:00 !!!
google-cloud-sdk/signature | 454 B 00:00:00
google-cloud-sdk/signature | 1.4 kB 00:00:00 !!!
updates | 3.4 kB 00:00:00
docker-ce-stable/x86_64/primary_db | 17 kB 00:00:00
Metadata Cache Created
+ sh -c 'yum install -y -q --setopt=obsoletes=0 docker-ce-17.03.2.ce'
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-selinux-17.03.3.ce-1.el7.noarch.rpm: Header V4
RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-selinux-17.03.3.ce-1.el7.noarch.rpm is not installed
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
From : https://download.docker.com/linux/centos/gpg
Re-declaration of type docker_t
Failed to create node
Bad type declaration at /etc/selinux/targeted/tmp/modules/400/docker/cil:1
/usr/sbin/semodule: Failed!
restorecon: lstat(/var/lib/docker) failed: No such file or directory
warning: %post(docker-ce-selinux-17.03.3.ce-1.el7.noarch) scriptlet failed, exit status 255
Non-fatal POSTIN scriptlet failure in rpm package docker-ce-selinux-17.03.3.ce-1.el7.noarch
+ '[' -d /run/systemd/system ']'
+ sh -c 'service docker start'
Redirecting to /bin/systemctl start docker.service
+ sh -c 'docker version'
Client:
Version: 17.03.2-ce
API version: 1.27
Go version: go1.7.5
Git commit: f5ec1e2
Built: Tue Jun 27 02:21:36 2017
OS/Arch: linux/amd64
Server:
Version: 17.03.2-ce
API version: 1.27 (minimum version 1.12)
Go version: go1.7.5
Git commit: f5ec1e2
Built: Tue Jun 27 02:21:36 2017
OS/Arch: linux/amd64
Experimental: false
If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:
sudo usermod -aG docker your-user
Remember that you will have to log out and back in for this to take effect!
WARNING: Adding a user to the "docker" group will grant the ability to run
containers which can be used to obtain root privileges on the
docker host.
Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
for more information.
[root@k8s-master ~]#
[root@k8s-master ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2018-10-15 01:12:31 UTC; 3min 56s ago
Docs: https://docs.docker.com
Main PID: 1287 (dockerd)
Tasks: 16
Memory: 20.9M
CGroup: /system.slice/docker.service
├─1287 /usr/bin/dockerd
└─1290 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m --state-dir /var/run/docker/libcontainerd/containerd -...
Oct 15 01:12:30 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:30.119275927Z" level=info msg="libcontainerd: new containerd process, pid: 1290"
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.188947120Z" level=info msg="Graph migration to content-addressability took 0.00 seconds"
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.190451809Z" level=info msg="Loading containers: start."
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.216932570Z" level=info msg="Firewalld running: true"
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.423924991Z" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option...d IP address"
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.649819895Z" level=info msg="Loading containers: done."
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.666467212Z" level=info msg="Daemon has completed initialization"
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.666511476Z" level=info msg="Docker daemon" commit=f5ec1e2 graphdriver=overlay version=17.03.2-ce
Oct 15 01:12:31 k8s-node-1 dockerd[1287]: time="2018-10-15T01:12:31.683106722Z" level=info msg="API listen on /var/run/docker.sock"
Oct 15 01:12:31 k8s-node-1 systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@k8s-master ~]# systemctl enable docker.service
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@k8s-master ~]# |
F. Kubernetes Repository설정
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# vi /etc/yum.repos.d/kubernetes.repo
[root@k8s-master ~]# cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
[root@k8s-master ~]# |
G. iptables 사용 설정
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# sysctl net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-iptables = 1 |
H. kubelet kubeadm kubectl 설치
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.fileplanet.com
* epel: d2lzkl7pfhq30w.cloudfront.net
* extras: mirror.fileplanet.com
* updates: mirrors.sonic.net
kubernetes/signature | 454 B 00:00:00
Retrieving key from https://packages.cloud.google.com/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
From : https://packages.cloud.google.com/yum/doc/yum-key.gpg
Retrieving key from https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
kubernetes/signature | 1.4 kB 00:00:00 !!!
kubernetes/primary | 37 kB 00:00:00
kubernetes 263/263
Resolving Dependencies
--> Running transaction check
---> Package kubeadm.x86_64 0:1.12.1-0 will be installed
--> Processing Dependency: kubernetes-cni >= 0.6.0 for package: kubeadm-1.12.1-0.x86_64
--> Processing Dependency: cri-tools >= 1.11.0 for package: kubeadm-1.12.1-0.x86_64
---> Package kubectl.x86_64 0:1.12.1-0 will be installed
---> Package kubelet.x86_64 0:1.12.1-0 will be installed
--> Processing Dependency: socat for package: kubelet-1.12.1-0.x86_64
--> Running transaction check
---> Package cri-tools.x86_64 0:1.12.0-0 will be installed
===================================================================================================================
Installing:
kubeadm x86_64 1.12.1-0 kubernetes 7.2 M
kubectl x86_64 1.12.1-0 google-cloud-sdk 7.7 M
kubelet x86_64 1.12.1-0 kubernetes 19 M
Installing for dependencies:
cri-tools x86_64 1.12.0-0 kubernetes 4.2 M
kubernetes-cni x86_64 0.6.0-0 kubernetes 8.6 M
socat x86_64 1.7.3.2-2.el7 base 290 k
Transaction Summary
===================================================================================================================
Install 3 Packages (+3 Dependent packages)
Total download size: 47 M
Installed size: 237 M
Downloading packages:
(1/6): 53edc739a0e51a4c17794de26b13ee5df939bd3161b37f503fe2af8980b41a89-cri-tools-1.12.0-0. | 4.2 MB 00:00:00
(2/6): ed7d25314d0fc930c9d0bae114016bf49ee852b3c4f243184630cf2c6cd62d43-kubectl-1.12.1-0.x8 | 7.7 MB 00:00:00
(3/6): 9c31cf74973740c100242b0cfc8d97abe2a95a3c126b1c4391c9f7915bdfd22b-kubeadm-1.12.1-0.x8 | 7.2 MB 00:00:00
(4/6): socat-1.7.3.2-2.el7.x86_64.rpm | 290 kB 00:00:00
(5/6): fe33057ffe95bfae65e2f269e1b05e99308853176e24a4d027bc082b471a07c0-kubernetes-cni-0.6. | 8.6 MB 00:00:00
(6/6): c4ebaa2e1ce38cda719cbe51274c4871b7ccb30371870525a217f6a430e60e3a-kubelet-1.12.1-0.x8 | 19 MB 00:00:01
-------------------------------------------------------------------------------------------------------------------
Total 29 MB/s | 47 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : socat-1.7.3.2-2.el7.x86_64 1/6
Installing : kubernetes-cni-0.6.0-0.x86_64 2/6
Installing : kubelet-1.12.1-0.x86_64 3/6
Installing : kubectl-1.12.1-0.x86_64 4/6
Installing : cri-tools-1.12.0-0.x86_64 5/6
Installing : kubeadm-1.12.1-0.x86_64 6/6
Verifying : cri-tools-1.12.0-0.x86_64 1/6
Verifying : kubectl-1.12.1-0.x86_64 2/6
Verifying : kubeadm-1.12.1-0.x86_64 3/6
Verifying : kubelet-1.12.1-0.x86_64 4/6
Verifying : kubernetes-cni-0.6.0-0.x86_64 5/6
Verifying : socat-1.7.3.2-2.el7.x86_64 6/6
Installed:
kubeadm.x86_64 0:1.12.1-0 kubectl.x86_64 0:1.12.1-0 kubelet.x86_64 0:1.12.1-0
Dependency Installed:
cri-tools.x86_64 0:1.12.0-0 kubernetes-cni.x86_64 0:0.6.0-0 socat.x86_64 0:1.7.3.2-2.el7
Complete!
[root@k8s-master ~]# |
I. kubelet.service Enable
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# systemctl status kubelet.service
● kubelet.service - kubelet: The Kubernetes Node Agent
Loaded: loaded (/etc/systemd/system/kubelet.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/kubelet.service.d
└─10-kubeadm.conf
Active: inactive (dead)
Docs: https://kubernetes.io/docs/
[root@k8s-master ~]#
[root@k8s-master ~]#
[root@k8s-master ~]# systemctl enable kubelet.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /etc/systemd/system/kubelet.service.
[root@k8s-master ~]# |
J. kubeadm init
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# kubeadm init --pod-network-cidr=192.168.0.0/16
[init] using Kubernetes version: v1.12.1
[preflight] running pre-flight checks
[preflight/images] Pulling images required for setting up a Kubernetes cluster
[preflight/images] This might take a minute or two, depending on the speed of your internet connection
[preflight/images] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[preflight] Activating the kubelet service
[certificates] Generated etcd/ca certificate and key.
[certificates] Generated etcd/healthcheck-client certificate and key.
[certificates] Generated apiserver-etcd-client certificate and key.
[certificates] Generated etcd/server certificate and key.
[certificates] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [127.0.0.1 ::1]
[certificates] Generated etcd/peer certificate and key.
[certificates] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [10.128.0.2 127.0.0.1
::1]
[certificates] Generated ca certificate and key.
[certificates] Generated apiserver certificate and key.
[certificates] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.
default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.128.0.2]
[certificates] Generated apiserver-kubelet-client certificate and key.
[certificates] Generated front-proxy-ca certificate and key.
[certificates] Generated front-proxy-client certificate and key.
[certificates] valid certificates and keys now exist in "/etc/kubernetes/pki"
[certificates] Generated sa key and public key.
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/controller-manager.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/scheduler.conf"
[controlplane] wrote Static Pod manifest for component kube-apiserver to "/etc/kubernetes/manifests/kube-apiserver.
yaml"
[controlplane] wrote Static Pod manifest for component kube-controller-manager to "/etc/kubernetes/manifests/kube-c
ontroller-manager.yaml"
[controlplane] wrote Static Pod manifest for component kube-scheduler to "/etc/kubernetes/manifests/kube-scheduler.
yaml"
[etcd] Wrote Static Pod manifest for a local etcd instance to "/etc/kubernetes/manifests/etcd.yaml"
[init] waiting for the kubelet to boot up the control plane as Static Pods from directory "/etc/kubernetes/manifest
s"
[init] this might take a minute or longer if the control plane images have to be pulled
[apiclient] All control plane components are healthy after 24.502894 seconds
[uploadconfig] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.12" in namespace kube-system with the configuration for the kubele
ts in the cluster
[markmaster] Marking the node k8s-master as master by adding the label "node-role.kubernetes.io/master=''"
[markmaster] Marking the node k8s-master as master by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "k8s-master" as
an annotation
[bootstraptoken] using token: dbeb7r.b36tc7x4h2jq6zbc
[bootstraptoken] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long t
erm certificate credentials
[bootstraptoken] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node B
ootstrap Token
[bootstraptoken] configured RBAC rules to allow certificate rotation for all node client certificates in the cluste
r
[bootstraptoken] creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 10.128.0.2:6443 --token dbeb7r.b36tc7x4h2jq6zbc --discovery-token-ca-cert-hash sha256:b90252612b6e12
790dfe2183408f9ec4b846ad2e92f29a64c1bd5ceb39a2a7ba
[root@k8s-master ~]#
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-master ~]#
|
K. overlay networks 설정 (calico)
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
[root@k8s-master ~]# kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
configmap/calico-config created
service/calico-typha created
deployment.apps/calico-typha created
daemonset.extensions/calico-node created
customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org created
serviceaccount/calico-node created
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-node-bsfg2 0/2 ContainerCreating 0 9s
kube-system coredns-576cbf47c7-ncdd7 0/1 Pending 0 6m49s
kube-system coredns-576cbf47c7-x5cd8 0/1 Pending 0 6m49s
kube-system etcd-k8s-master 0/1 Pending 0 0s
kube-system kube-proxy-jlb8b 1/1 NodeLost 0 6m49s
kube-system kube-scheduler-k8s-master 0/1 Pending 0 1s
[root@k8s-master ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-node-bsfg2 2/2 Running 0 46s
kube-system coredns-576cbf47c7-ncdd7 1/1 Running 0 7m26s
kube-system coredns-576cbf47c7-x5cd8 1/1 Running 0 7m26s
kube-system etcd-k8s-master 1/1 Running 0 15s
kube-system kube-apiserver-k8s-master 1/1 Running 0 11s
kube-system kube-controller-manager-k8s-master 1/1 Running 0 11s
kube-system kube-proxy-jlb8b 1/1 Running 0 7m26s
kube-system kube-scheduler-k8s-master 1/1 Running 0 13s
[root@k8s-master ~]# |
L. Master node 확인
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 15m v1.12.1 |
M. Dashboard 설치
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
[root@k8s-master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
[root@k8s-master ~]#
[root@k8s-master ~]#
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-node-99jlr 2/2 Running 0 10m
kube-system calico-node-gvf2s 2/2 Running 0 11m
kube-system calico-node-jnllq 2/2 Running 0 12m
kube-system coredns-576cbf47c7-56tj8 1/1 Running 0 15m
kube-system coredns-576cbf47c7-rt8zr 1/1 Running 0 15m
kube-system etcd-k8s-master 1/1 Running 0 14m
kube-system kube-apiserver-k8s-master 1/1 Running 0 14m
kube-system kube-controller-manager-k8s-master 1/1 Running 0 14m
kube-system kube-proxy-98xld 1/1 Running 0 11m
kube-system kube-proxy-kcnnv 1/1 Running 0 15m
kube-system kube-proxy-lhcz7 1/1 Running 0 10m
kube-system kube-scheduler-k8s-master 1/1 Running 0 14m
kube-system kubernetes-dashboard-77fd78f978-h75dk 1/1 Running 0 12s
[root@k8s-master ~]#
[root@k8s-master ~]# kubectl proxy
Starting to serve on 127.0.0.1:8001 |
...