Pre Install Script (All Node)
# root 계정으로 작업
# sudo su -
##################################################
# 시스템 업데이트
yum update -y
# 시간대 설정
sudo ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime
# Kubernetes 관련 모듈 로드 설정
echo -e "overlay\nbr_netfilter" | sudo tee /etc/modules-load.d/k8s.conf
sudo modprobe overlay
sudo modprobe br_netfilter
# sysctl 설정
echo -e "net.bridge.bridge-nf-call-iptables = 1\nnet.bridge.bridge-nf-call-ip6tables = 1\nnet.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/k8s.conf
sudo sysctl --system
# 스왑 비활성화
swapoff -a
sed -i '/ swap / s/^/#/' /etc/fstab
# 방화벽 비활성화
systemctl stop firewalld
systemctl disable firewalld
# SELinux 설정 변경
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
##################################################
# ContainerD 설치 디렉토리 생성 및 이동
mkdir -p /root/files/containerd
cd /root/files/containerd
# ContainerD 설치
curl -L https://github.com/containerd/containerd/releases/download/v1.6.36/containerd-1.6.36-linux-amd64.tar.gz -o /root/files/containerd/containerd-1.6.36-linux-amd64.tar.gz
tar Cxzvf /usr/local /root/files/containerd/containerd-1.6.36-linux-amd64.tar.gz
# systemd 서비스 파일 복사
mkdir -p /usr/local/lib/systemd/system
curl -L https://raw.githubusercontent.com/containerd/containerd/main/containerd.service -o /root/files/containerd/containerd.service
cp /root/files/containerd/containerd.service /usr/local/lib/systemd/system/containerd.service
# systemd 재로드 및 ContainerD 서비스 시작
systemctl daemon-reload
systemctl enable --now containerd
systemctl status containerd --no-pager
# runc 설치
curl -L https://github.com/opencontainers/runc/releases/download/v1.1.14/runc.amd64 -o /root/files/containerd/runc.amd64
install -m 755 /root/files/containerd/runc.amd64 /usr/local/sbin/runc
# ContainerD 설정
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
# sed -i 's|sandbox_image = "registry.k8s.io/pause:3.6"|sandbox_image = "registry.k8s.io/pause:3.9"|' /etc/containerd/config.toml
# ContainerD 서비스 재시작
systemctl restart containerd
systemctl status containerd --no-pager
# 기본 리눅스 패키지 (Kubernetes 설치 시 필요)
# 패키지 목록 변수
PACKAGES="conntrack-tools libibverbs libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_queue libnfnetlink libnftnl libpcap nfs-utils gssproxy keyutils libev libverto-libev quota quota-nls rpcbind bash-completion git vim"
# 기본 리눅스 패키지 설치
dnf install -y $PACKAGES
KUBE_VER=1.30
KUBE_DETAIL_VER=1.30.3
# Kubernetes 리포지토리 설정
sudo tee /etc/yum.repos.d/kubernetes.repo <<- K8S_REPO
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v$KUBE_VER/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v$KUBE_VER/rpm/repodata/repomd.xml.key
K8S_REPO
# kubelet 설치
dnf install -y kubelet-$KUBE_DETAIL_VER
# kubectl 설치
dnf install -y kubectl-$KUBE_DETAIL_VER
# kubeadm 설치
dnf install -y kubeadm-$KUBE_DETAIL_VER
# kubelet 서비스 활성화 및 시작
systemctl enable kubelet && systemctl start kubelet
systemctl status kubelet --no-pager
# crictl 설정 디렉토리 및 파일 생성
sudo tee /etc/crictl.yaml <<- CRICTL_CONFIG
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false
CRICTL_CONFIG
# crictl 명령어 테스트
crictl ps
crictl images
⚠️ Multi Node 실습 환경 구축 시 Worker Node는
Pre Install Script (All Node)만 설치하면 됨!!
NFS 활성화 및 NFS Provisioner 설치파일 다운로드
AWS 환경 사용시 기 설정한 VPC CIDR을 입력해야 함
GCP의 경우
asia-northeast3지역의 CIDR은10.178.0.0/20임. 자세한 내용 아래 링크 참고
https://cloud.google.com/vpc/docs/subnets?hl=ko#ip-ranges
NAS 가 따로 확보되어 있다면 아래 내용은 설치하지 않아도 됨
# NET_CIDR="10.0.0.0/20" # AWS VPC CIDR
NET_CIDR="10.178.0.0/20" # GCP VPC CIDR
# nfs-server 서비스 기동
sudo systemctl start nfs-server.service
sudo systemctl enable nfs-server.service
sudo systemctl status nfs-server.service --no-pager
sudo mkdir -p /nfs/kf
sudo chmod -R 777 /nfs/kf
sudo chown -R 999:999 /nfs/kf
sudo systemctl restart nfs-server.service
sudo tee /etc/exports <<- NFS_EXPORTS
/nfs/kf $NET_CIDR(rw,sync,no_subtree_check,no_root_squash)
NFS_EXPORTS
sudo exportfs -arv
sudo exportfs -s
sudo systemctl restart nfs-server.service
NFS_IP=$(hostname -I | awk '{print $1}')
sudo showmount -e $NFS_IP
# NFS Provisioner 설치파일
mkdir -p /root/files/nfs
curl -L https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/releases/download/nfs-subdir-external-provisioner-4.0.18/nfs-subdir-external-provisioner-4.0.18.tgz -o /root/files/nfs/nfs-subdir-external-provisioner-4.0.18.tgz
Tool Install (Helm, Kustomize, k9s, cilium cli)
mkdir -p /root/files/tool
cd /root/files/tool
# helm
curl -L https://get.helm.sh/helm-v3.16.3-linux-amd64.tar.gz -o /root/files/tool/helm-v3.16.3-linux-amd64.tar.gz
tar -zxvf /root/files/tool/helm-v3.16.3-linux-amd64.tar.gz -C /root/files/tool/
mv /root/files/tool/linux-amd64/helm /usr/local/bin/helm
helm version
# kustomize
curl -L https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.5.0/kustomize_v5.5.0_linux_amd64.tar.gz -o /root/files/tool/kustomize_v5.5.0_linux_amd64.tar.gz
tar -zxvf /root/files/tool/kustomize_v5.5.0_linux_amd64.tar.gz -C /root/files/tool/
mv /root/files/tool/kustomize /usr/local/bin/
kustomize version
# k9s
curl -LO https://github.com/derailed/k9s/releases/download/v0.27.4/k9s_Linux_amd64.tar.gz
tar -zxvf ./k9s_Linux_amd64.tar.gz
chmod +x k9s
mv k9s /usr/local/bin
# Cilium CLI
mkdir -p /root/files/cilium
curl -L https://github.com/cilium/charts/raw/refs/heads/master/cilium-1.16.4.tgz -o /root/files/cilium/cilium-1.16.4.tgz
curl -L https://github.com/cilium/cilium-cli/releases/download/v0.16.21/cilium-linux-amd64.tar.gz -o /root/files/cilium/cilium-linux-amd64.tar.gz
tar -zxvf /root/files/cilium/cilium-linux-amd64.tar.gz -C /usr/local/bin