온프레미스 쿠버네티스 구축 (v1.30)

dongdorrong·2024년 6월 16일

Kubernetes


SWAP 비활성화 (모든 노드 공통)

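# Comment out the active swap entries in /etc/fstab so swap stays off after reboot.
# -i.bak keeps the previous file as /etc/fstab.bak; lines that are already
# comments are skipped, and only lines with a whitespace-delimited "swap" field match.
sudo sed -i.bak -E '/^[[:space:]]*#/! { /[[:space:]]swap[[:space:]]/ s/^/#/ }' /etc/fstab

# List the systemd swap units, then mask the one(s) shown so systemd cannot
# re-activate swap. "*****" is a placeholder: replace it with the unit name
# printed by the list command.
sudo systemctl list-unit-files --type swap
sudo systemctl mask *****.swap

# Reboot so the node comes back with swap disabled.
# After the reboot, `swapon --show` should print nothing.
sudo reboot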

containerd 설치 (모든 노드 공통)

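# 1. Uninstall old versions
#    Removes distro-packaged runtimes before containerd.io is installed from Docker's repository.
for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do
  sudo apt-get remove "$pkg"
done

# 2. Setup the repository
# 2-1. Update the apt package index and install packages to allow apt to use a repository over HTTPS:
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg

# 2-2. Add Docker's official GPG key
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Every package from this repository is trusted on the strength of this key.
# Print its fingerprint and compare it with the one published in Docker's
# installation documentation before continuing.
gpg --show-keys /etc/apt/keyrings/docker.asc

# 2-3. Use the following command to set up the repository
#      signed-by limits this key to the Docker repository only; it is not
#      added to apt's global trust store.
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# 2-4. Update the apt package index
sudo apt-get update

# 3. Install containerd
#    No version is pinned here, so a later `apt-get upgrade` can replace the
#    runtime; `sudo apt-mark hold containerd.io` keeps upgrades deliberate.
sudo apt-get install containerd.io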

containerd 설정 변경

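# Keep a copy of the packaged config instead of deleting it, so the change
# can be compared against it or rolled back.
if [ -f /etc/containerd/config.toml ]; then
  sudo cp -a /etc/containerd/config.toml /etc/containerd/config.toml.bak
fi

# Regenerate the full default configuration (tee overwrites the existing file).
sudo containerd config default | sudo tee /etc/containerd/config.toml > /dev/null

# Configuring the systemd cgroup driver
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml

# Confirm the substitution took effect; sed exits 0 even when nothing matched.
grep -n 'SystemdCgroup' /etc/containerd/config.toml

sudo systemctl restart containerd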

IPv4 포워딩하여 iptables가 브릿지된 트래픽을 보게 하기 (모든 노드 공통)

# Kernel modules to load on every boot
printf '%s\n' overlay br_netfilter | sudo tee /etc/modules-load.d/k8s.conf

# Load the same modules now, without waiting for a reboot
for mod in overlay br_netfilter; do
  sudo modprobe "$mod"
done

# sysctl params required by setup, params persist across reboots
# The two bridge-nf-call settings pass bridged traffic through iptables/ip6tables;
# ip_forward lets the node forward IPv4 packets between interfaces.
printf '%s\n' \
  'net.bridge.bridge-nf-call-iptables  = 1' \
  'net.bridge.bridge-nf-call-ip6tables = 1' \
  'net.ipv4.ip_forward                 = 1' \
  | sudo tee /etc/sysctl.d/k8s.conf

# Apply sysctl params without reboot
sudo sysctl --system

kubeadm, kubelet, kubectl 설치 (모든 노드 공통)

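# 1. Update the apt package index and install packages needed to use the Kubernetes apt repository
#    gpg is listed explicitly because step 2 pipes the key through it.
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gpg

# 2. Download the public signing key for the Kubernetes package repositories.
#    Create the keyring directory first so this step does not depend on an
#    earlier section having created it (the command is idempotent).
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# The keyring must be readable by apt but writable only by root.
sudo chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# 3. Add the appropriate Kubernetes apt repository
#    signed-by ties the key to this repository only; the URL selects the v1.30 minor release.
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

# 4. Update the apt package index, install kubelet, kubeadm and kubectl, and pin their version
#    apt-mark hold stops a routine `apt-get upgrade` from changing cluster components.
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl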

클러스터 초기화 ( 첫번째 마스터 노드에서만 수행 )

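# Run exactly ONE of the two `kubeadm init` variants below; values in <...> are placeholders.
#
# Notes that apply to both variants:
# - --apiserver-cert-extra-sans takes a comma-separated list with NO spaces;
#   a space after a comma makes the shell pass the rest as a separate argument.
# - --apiserver-advertise-address=0.0.0.0 leaves the choice of address to kubeadm
#   (expected to fall back to the default-route interface; confirm on your version).
#   On a multi-homed host, set the intended internal IP explicitly.
# - Adding a public IP to the certificate SANs implies the API server will be
#   reached over that address; restrict the kube-apiserver port with a firewall
#   or security group to the networks that actually need it.
# - --upload-certs stores the control-plane certificates in a cluster Secret and
#   prints a decryption key in the output. Treat that key and the printed join
#   command as credentials. The flag is only needed when more control-plane
#   nodes will join.

# Variant A: single control-plane node, endpoint addressed by the node's IP
sudo kubeadm init \
  --control-plane-endpoint <Master Node IP>:<Kube-apiserver Port Number> \
  --apiserver-advertise-address=0.0.0.0 \
  --pod-network-cidr=<Ex. 10.0.0.0/16> \
  --apiserver-cert-extra-sans=<Master Node Private IP>,<Master Node Public IP> \
  --upload-certs

# Variant B: multiple control-plane nodes (HA), endpoint addressed by a shared DNS name
# List the private and public IP of every control-plane node in the SANs
# (presumed intent of the original placeholder list).
sudo kubeadm init \
  --control-plane-endpoint <Ex. kubectl.dongdorrong.io>:<Kube-apiserver Port Number> \
  --apiserver-advertise-address=0.0.0.0 \
  --pod-network-cidr=<Ex. 10.0.0.0/16> \
  --apiserver-cert-extra-sans=<Master Node01 Private IP>,<Master Node01 Public IP>,<Master Node02 Private IP>,<Master Node02 Public IP>,... \
  --upload-certs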

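# Install the admin kubeconfig for the current user.
# /etc/kubernetes/admin.conf carries cluster-administrator credentials: keep the
# copy readable by its owner only, and do not distribute it to other users or hosts.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"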

마스터 노드를 HA 구성할 경우, kubeadm init 결과로 출력되는 join 명령을 나머지 마스터 노드에서 실행해 주어야 합니다.


Calico 설치 (모든 노드 공통)

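# These kubectl commands act on the cluster through the API server, so run them
# once from a host with a working kubeconfig; repeating `kubectl create` for the
# same manifest fails with AlreadyExists.
# NOTE(review): the manifests are pinned to Calico v3.26.1; confirm in the
# Calico release notes that this version supports Kubernetes v1.30.

# 1. Install the operator on your cluster
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml

# 2. Download the custom resources necessary to configure Calico
#    -f makes curl fail on an HTTP error instead of saving the error page as YAML.
curl -fsSLO https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml

# 3. Enter the 'cidr' value in the custom-resources.yaml file the same as the '--pod-network-cidr' value you used when running the kubeadm init command.

# 4. Create the manifest in order to install Calico
kubectl create -f custom-resources.yaml

# 5. Verify Calico installation in your cluster
watch kubectl get pods -n calico-system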

metrics-server 설치

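# Download the manifest first so it can be read before it is applied: it creates
# cluster-wide RBAC objects and a Deployment in kube-system.
# "latest" is a moving target, so two runs can install different versions. For
# reproducible installs, use a fixed release URL instead:
#   https://github.com/kubernetes-sigs/metrics-server/releases/download/<METRICS_SERVER_VERSION>/components.yaml
curl -fsSLO https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

# NOTE(review): on kubeadm clusters metrics-server may fail to scrape kubelets
# whose serving certificates are self-signed. Prefer enabling kubelet serving
# certificate bootstrap (serverTLSBootstrap) over adding --kubelet-insecure-tls,
# which disables verification of the kubelet's certificate.
kubectl apply -f components.yaml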