k8s 환경 구축하기 (containerd, Calico)

시작에 앞서 우리가 구축할 k8s 환경은 아래와 같이 정의한다.

- container : containerd

- control plane : Calico

container는 Docker도 많이 쓰지만, 일단 가장 가벼운 containerd만 다룬다. 다음에 기회가 되면 Docker도 해보자. 그리고 k8s cluster를 구축하게 되면, 얘를 조종할 Master Node에는 networking plane이 필요하다. hozy는 Flannel, Calico 이 두개를 설치해봤는데, 이번에는 Calico만 다룬다.

우리는 앞선 과정으로 총 3대의 EC2에 접속된 상태다. 이중 1개는 Master Node가, 나머지 2개는 Worker Node가 될 예정이다. 앞으로 할 작업들을 요약하자면 아래와 같다.

1. containerd 설치 (모든 노드)

2. k8s 설치 (모든노드)

3. k8s Cluster 초기화 (Master Node만)

4. Calico 설치 (Master Node만)

5. k8s Cluster에 Worker Node 추가하기 (Worker Node만)

주의할 점은 각 단계별로, 어떤 노드에 작업할지 다르다는 점이다. 꼭 해당 노드에만 해주자.

1. containerd 설치 (모든 노드)

• Enable kernel modules, overlay and br_netfilter, to be loaded whenever the server starts.

  • Enable overlay and br_netfilter immediately without the server restart.

    sudo modprobe br_netfilter

    sudo modprobe overlay

    cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf 
    overlay 
    br_netfilter 
    EOF

• Configurations needed for the kubernetes networking.

  • Enable the above settings immediately.

    sudo sysctl --system

    cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf 
    net.bridge.bridge-nf-call-iptables = 1 
    net.ipv4.ip_forward = 1 
    net.bridge.bridge-nf-call-ip6tables = 1 
    EOF

• Install containerd.

• sudo apt-get update && sudo apt-get install -y containerd

• Setup the containerd configuration file.

  • Create a directory as follows:

    sudo mkdir -p /etc/containerd

  • Create the config file.

    sudo containerd config default | sudo tee /etc/containerd/config.toml

  • Restart containerd to make sure that containerd uses the above config file.

    sudo systemctl restart containerd

  • Check if containerd is running.

    sudo systemctl status containerd

ctrl+c 로 빠져나오자.

2. k8s 설치 (모든노드)

• Disable swap

  sudo swapoff -a

• Install packages that might be needed during the installation process (Recommended in the k8s documentation.)

  • Packages
    • apt-transport-https
    • curl
    • etcd

      sudo apt-get update && sudo apt-get install -y apt-transport-https curl etcd

• Download the gpg key for the k8s package repository so that we can locate the k8s packages. and add it.

  curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -

• Set up repository configuration

  • The second line is the reference to the kubernetes repository.

    cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list 
    deb https://apt.kubernetes.io/ kubernetes-xenial main 
    EOF

• Update the local package listings.

  sudo apt-get update

• Install kubelet, kubeadm, kubectl

  • Ensure that the version numbers are all the same!

    sudo apt-get install -y kubelet=1.27.0-00 kubeadm=1.27.0-00 kubectl=1.27.0-00

• Disable automatic update of the above three packages.

  sudo apt-mark hold kubelet kubeadm kubectl

3. k8s Cluster 초기화 (Master Node만)

• Initialize the cluster using kubeadm

  • Explanation
    • 192.168.0.0/16 is the ip-range that will be used for our virtual pod network.
    • Calico requires this setting.
  • If something goes wrong during this, check the log, fix the problem, and reset kubeadm with the following command.

    sudo kubeadm reset

    sudo kubeadm init --pod-network-cidr 192.168.0.0/16 --kubernetes-version 1.27.0

• Set up the kube config to interact with the cluster using kubectl.

  • Use the output from the previous kubeadm init command.
    )))

    

• Check if the kubectl is properly working.)

  

  • The control plane is NotReady because no network-plugin for this cluster is installed yet.
  • We will install Calico.

  kubectl get nodes

4. Calico 설치 (Master Node만)

• Pass the manifest file to kubectl.

  kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

• Check the cluster once again and the control plane will be changed in a couple of minutes.)

  

  kubectl get nodes

5. k8s Cluster에 Worker Node 추가하기 (Worker Node만)

• Get the join command from the control plane.

  kubeadm token create --print-join-command

• Run the above join command with root(sudo)!
  

  

• Check the worker node in the control plane.

  kubectl get nodes