k8s 라즈베리파이 설치
- Dev-Ops/kubernetes
- 2023. 5. 31.
도커 설치
# https://docs.docker.com/engine/install/ubuntu/#set-up-the-repository
# Update the apt package index and install packages to allow apt to use a repository over HTTPS:
sudo apt-get update -y
sudo apt-get install ca-certificates curl gnupg -y
# Add Docker’s official GPG key:
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Use the following command to set up the repository:
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Update the apt package index:
sudo apt-get update -y
# Install Docker Engine, containerd
sudo apt-get install docker-ce docker-ce-cli containerd.io -y
# Docker 항상 실행
sudo systemctl enable docker
쿠버네티스 밑작업
# Swap Disable
sudo su - root
swapoff -a && sed -i '/swap/s/^/#/' /etc/fstab
# 노드 간 통신을 위한 네트워크 설정
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
# 쿠버네티스를 위한 도커 데몬 설정/ Cgroup 설정
sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
# containerD 설정 초기화
rm /etc/containerd/config.toml
sudo systemctl restart containerd
쿠버네티스 설치
# https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/#install-using-native-package-management
# 쿠버네티스 리포지토리 업데이트
sudo apt-get update -y
sudo apt-get install -y ca-certificates curl
# Download the Google Cloud public signing key:
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
# Add the Kubernetes apt repository:
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
# https://kubernetes.io/ko/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
# install kubernetes
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
쿠버네티스 시작
Calico CNI 설치
# 마스터 노드만
$ kubectl apply -f \
https://raw.githubusercontent.com/projectcalico/calico/v3.25.1/manifests/calico.yaml
Nginx Ingress Controller 설치
// 리포지토리 추가 후, 버전 확인.
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm search repo ingress-nginx
// helm 설치
helm install ingress-nginx ingress-nginx/ingress-nginx -n ingress-nginx --create-namespace
// 설치되었는지 확인
kubectl get pod,svc -n ingress-nginx
MetalLB 설치
# https://metallb.universe.tf/installation/
# METAL LB 설치 위한 준비
# see what changes would be made, returns nonzero returncode if different
kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl diff -f - -n kube-system
# actually apply the changes, returns nonzero returncode on errors only
kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl apply -f - -n kube-system
# METAL LB 설치
helm repo add metallb https://metallb.github.io/metallb
helm install metallb metallb/metallb -n metallb-system --create-namespace
# secret 생성
(kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)")
# IP Pool 설정 --> metallb-system 네임 스페이스에 배포.
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: first-pool
namespace: metallb-system
spec:
addresses:
- 192.168.1.240-192.168.1.250 ## 할당되는 IP 리스트.
롱혼 설치
# 요구사항
apt-get install open-iscsi
# https://longhorn.io/docs/1.4.2/deploy/install/install-with-helm/
helm repo add longhorn https://charts.longhorn.io
helm repo update
# 롱혼 설치
helm install longhorn longhorn/longhorn --namespace longhorn-system --create-namespace --version 1.4.2
# 롱혼 설치 결과 확인
kubectl -n longhorn-system get pod
Kube-state-metrics + 메트릭 서버 설치
# kube-state-metrics 설치
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
helm install kube-state-metrics prometheus-community/kube-state-metrics -n kube-state-metrics --create-namespace
# metrics-server 설치
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml메트릭 서버를 설치해도 kubectl top 명령어가 동작하지 않는 경우가 있다. TLS 문제이기 때문에 아래 Argument를 metrics-server에 추가해주면 된다.
# https://m.blog.naver.com/isc0304/221860790762
<앞 부분 생략>
spec:
containers:
- args:
- --cert-dir=/tmp
- --secure-port=4443
- --kubelet-insecure-tls # 추가된 옵션
- --kubelet-preferred-address-types=InternalIP # 추가된 옵션
<뒷 부분 생략>
'Dev-Ops > kubernetes' 카테고리의 다른 글
| Kubernetes in Action : Chapter10. Statefulset (0) | 2023.06.05 |
|---|---|
| Kubernetes in Action : Chapter9. Deployment (0) | 2023.06.01 |
| Kubernetes in Action : Chapter8. 어플리케이션에서 파드 메타데이터와 그 외의 리소스에 액세스하기 (0) | 2023.05.29 |
| Kubernetes in Action : Chapter7. ConfigMap, Secret (0) | 2023.05.27 |
| Kubernetes in Action : Chapter5. Service (1) | 2023.05.24 |