일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | |||||
3 | 4 | 5 | 6 | 7 | 8 | 9 |
10 | 11 | 12 | 13 | 14 | 15 | 16 |
17 | 18 | 19 | 20 | 21 | 22 | 23 |
24 | 25 | 26 | 27 | 28 | 29 | 30 |
Tags
- terraform
- cephadm
- pacman
- k8s
- OpenStack
- Ansible
- i3
- Docker
- nfs-provisioner
- awx
- Linux
- kolla
- Arch
- repository
- Kubeflow
- Octavia
- grafana-loki
- archlinux
- Kubernetes
- ceph-ansible
- ceph
- ubuntu
- yum
- HTML
- cloud-init
- KVM
- port open
- kolla-ansible
- golang
- libvirt
Archives
- Today
- Total
YJWANG
kubespray (Ubuntu 20.04) 본문
refer to
Deploy
root@yjwang0-k8s-01:~# apt update
root@yjwang0-k8s-01:~# apt -y install python3-pip
-
root@yjwang0-k8s-01:~# git clone https://github.com/kubernetes-sigs/kubespray.git
root@yjwang0-k8s-01:~# cd kubespray/
-
root@yjwang0-k8s-01:~/kubespray# pip3 install -r requirements.txt
root@yjwang0-k8s-01:~/kubespray# cp -rfp inventory/sample inventory/mycluster
-
root@yjwang0-k8s-01:~/kubespray# ssh-keygen -N "" -f /root/.ssh/id_rsa
inventory 제일 앞에 있는 node의 이름이 각 node의 hostname이됨
# 환경에 맞게 수정
root@yjwang0-k8s-01:~/kubespray# cat inventory/mycluster/inventory.ini
# ## Configure 'ip' variable to bind kubernetes services on a
# ## different ip than the default iface
# ## We should set etcd_member_name for etcd cluster. The node that is not a etcd member do not need to set the value, or can set the empty string value.
[all]
yjwang0-k8s-01 ansible_host=10.99.99.10 ip=10.99.98.10 etcd_member_name=etcd1
yjwang0-k8s-02 ansible_host=10.99.99.11 ip=10.99.98.11 etcd_member_name=etcd2
yjwang0-k8s-03 ansible_host=10.99.99.12 ip=10.99.98.12 etcd_member_name=etcd3
yjwang0-k8s-04 ansible_host=10.99.99.13 ip=10.99.98.13
yjwang0-k8s-05 ansible_host=10.99.99.14 ip=10.99.98.14
# ## configure a bastion host if your nodes are not directly reachable
# [bastion]
# bastion ansible_host=x.x.x.x ansible_user=some_user
[kube-master]
yjwang0-k8s-01
yjwang0-k8s-02
yjwang0-k8s-03
[etcd]
yjwang0-k8s-01
yjwang0-k8s-02
yjwang0-k8s-03
[kube-node]
yjwang0-k8s-04
yjwang0-k8s-05
[calico-rr]
[k8s-cluster:children]
kube-master
kube-node
calico-rr
ssh-copy-id 진행
root@yjwang0-k8s-01:~/kubespray# grep 'ansible_host=' inventory/mycluster/inventory.ini |grep -v '#' |awk '{print $2}' |sed 's/ansible_host=/ssh-copy-id -f /'|sh -x
(Option) 만약 sshd로 접근이 안되면 아래와 같이 Password 접근할 수 있게하고 root로 들어갈 수 있도록 한다
# sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
# sed -i '/PermitRootLogin prohibit-password/a\PermitRootLogin yes' /etc/ssh/sshd_config
# systemctl restart sshd
ansible-adhoc command로 통신 확인
root@yjwang0-k8s-01:~/kubespray# ansible -m ping -i inventory/mycluster/inventory.ini all
yjwang0-k8s-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
...
-
# 환경에 맞게 수정
root@yjwang0-k8s-01:~/kubespray# vim inventory/mycluster/group_vars/all/all.yml
root@yjwang0-k8s-01:~/kubespray# vim inventory/mycluster/group_vars/k8s-cluster/k8s-cluster.yml
Cluster 배포 진행
root@yjwang0-k8s-01:~/kubespray# ansible-playbook -i inventory/mycluster/inventory.ini cluster.yml
...
PLAY RECAP ***********************************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
yjwang0-k8s-01 : ok=574 changed=116 unreachable=0 failed=0 skipped=1106 rescued=0 ignored=2
yjwang0-k8s-02 : ok=498 changed=106 unreachable=0 failed=0 skipped=964 rescued=0 ignored=1
yjwang0-k8s-03 : ok=500 changed=107 unreachable=0 failed=0 skipped=962 rescued=0 ignored=1
yjwang0-k8s-04 : ok=364 changed=72 unreachable=0 failed=0 skipped=597 rescued=0 ignored=1
yjwang0-k8s-05 : ok=364 changed=73 unreachable=0 failed=0 skipped=596 rescued=0 ignored=1
...
Cluster 배포 확인
root@yjwang0-k8s-01:~/kubespray# kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://10.99.98.10:6443
name: cluster.local
contexts:
- context:
cluster: cluster.local
user: kubernetes-admin
name: kubernetes-admin@cluster.local
current-context: kubernetes-admin@cluster.local
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
root@yjwang0-k8s-01:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
yjwang0-k8s-01 Ready control-plane,master 12m v1.20.2
yjwang0-k8s-02 Ready control-plane,master 12m v1.20.2
yjwang0-k8s-03 Ready control-plane,master 12m v1.20.2
yjwang0-k8s-04 Ready <none> 10m v1.20.2
yjwang0-k8s-05 Ready <none> 10m v1.20.2
bash completion 적용
root@yjwang0-k8s-01:~/kubespray# apt -y install bash-completion
root@yjwang0-k8s-01:~/kubespray# exit
# 재 로그인
root@yjwang0-k8s-01:~# kubectl get
apiservices.apiregistration.k8s.io mutatingwebhookconfigurations.admissionregistration.k8s.io
certificatesigningrequests.certificates.k8s.io namespaces
...
반응형