kind 는 Docker 컨테이너(kindest/node 이미지)를 사용하여 로컬 Kubernetes 클러스터를 실행하기 위한 도구
https://kind.sigs.k8s.io/
Docker 설치
# sudo su -
# yum update -y
yum install -y bash-completion git
# Set up the repository
sudo dnf -y install dnf-plugins-core
sudo dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo
# Install Docker Engine
sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
mkdir -p /root/files/rpm
cd /root/files/rpm
dnf download --resolve --destdir=/root/files/rpm dnf-plugins-core
dnf download --resolve --destdir=/root/files/rpm docker-ce
dnf download --resolve --destdir=/root/files/rpm docker-ce-cli
dnf download --resolve --destdir=/root/files/rpm containerd.io
dnf download --resolve --destdir=/root/files/rpm docker-buildx-plugin
dnf download --resolve --destdir=/root/files/rpm docker-compose-plugin
dnf localinstall -y /root/files/rpm/*.rpm
sudo systemctl enable --now docker
# Manage Docker as a non-root user
sudo groupadd docker
sudo usermod -aG docker $USER
docker ps
# Configure Docker to start on boot with systemd
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
Kind Install
# For AMD64 / x86_64
[ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.27.0/kind-linux-amd64
# For ARM64
[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.27.0/kind-linux-arm64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
Tool Install (kubectl, kustomize)
KUBE_VER=1.32
KUBE_DETAIL_VER=1.32.0
# Kubernetes 리포지토리 설정
sudo tee /etc/yum.repos.d/kubernetes.repo <<- K8S_REPO
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v$KUBE_VER/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v$KUBE_VER/rpm/repodata/repomd.xml.key
K8S_REPO
# kubectl 설치
mkdir -p /root/files/tool
cd /root/files/tool
dnf install -y kubectl-$KUBE_DETAIL_VER
curl -L https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.5.0/kustomize_v5.5.0_linux_amd64.tar.gz -o /root/files/tool/kustomize_v5.5.0_linux_amd64.tar.gz
tar -zxvf /root/files/tool/kustomize_v5.5.0_linux_amd64.tar.gz -C /root/files/tool/
mv /root/files/tool/kustomize /usr/local/bin/
kustomize version
Kind Kubernetes Cluster 생성
cat <<EOF | kind create cluster --name=kubeflow --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
image: kindest/node:v1.32.0@sha256:c48c62eac5da28cdadcf560d1d8616cfa6783b58f0d94cf63ad1bf49600cb027
kubeadmConfigPatches:
- |
kind: ClusterConfiguration
apiServer:
extraArgs:
"service-account-issuer": "https://kubernetes.default.svc"
"service-account-signing-key-file": "/etc/kubernetes/pki/sa.key"
EOF
kind get kubeconfig --name kubeflow > /tmp/kubeflow-config
export KUBECONFIG=/tmp/kubeflow-config
echo "source <(kubectl completion bash)" >> ~/.bashrc
echo "alias k=kubectl" >> ~/.bashrc
echo "complete -o default -F __start_kubectl k" >> ~/.bashrc
source ~/.bashrc
source /etc/profile.d/bash_completion.sh
Kubeflow Install
docker login
kubectl create secret generic regcred \
--from-file=.dockerconfigjson=$HOME/.docker/config.json \
--type=kubernetes.io/dockerconfigjson
cd
git clone https://github.com/kubeflow/manifests.git
cd ~/manifests
# cert-manager
kustomize build common/cert-manager/base | kubectl apply -f -
kustomize build common/cert-manager/kubeflow-issuer/base | kubectl apply -f -
echo "Waiting for cert-manager to be ready ..."
kubectl wait --for=condition=ready pod -l 'app in (cert-manager,webhook)' --timeout=180s -n cert-manager
kubectl wait --for=jsonpath='{.subsets[0].addresses[0].targetRef.kind}'=Pod endpoints -l 'app in (cert-manager,webhook)' --timeout=180s -n cert-manager
# Istio
echo "Installing Istio configured with external authorization..."
kustomize build common/istio-1-24/istio-crds/base | kubectl apply -f -
kustomize build common/istio-1-24/istio-namespace/base | kubectl apply -f -
kustomize build common/istio-1-24/istio-install/overlays/oauth2-proxy | kubectl apply -f -
echo "Waiting for all Istio Pods to become ready..."
kubectl wait --for=condition=Ready pods --all -n istio-system --timeout 300s
# Oauth2-proxy
echo "Installing oauth2-proxy..."
kustomize build common/oauth2-proxy/overlays/m2m-dex-only/ | kubectl apply -f -
kubectl wait --for=condition=ready pod -l 'app.kubernetes.io/name=oauth2-proxy' --timeout=180s -n oauth2-proxy
# Dex
echo "Installing Dex..."
kustomize build common/dex/overlays/oauth2-proxy | kubectl apply -f -
kubectl wait --for=condition=ready pods --all --timeout=180s -n auth
# Knative
kustomize build common/knative/knative-serving/overlays/gateways | kubectl apply -f -
kustomize build common/istio-1-24/cluster-local-gateway/base | kubectl apply -f -
kustomize build common/knative/knative-eventing/base | kubectl apply -f -
# Kubeflow Namespace
kustomize build common/kubeflow-namespace/base | kubectl apply -f -
# Network Policies
kustomize build common/networkpolicies/base | kubectl apply -f -
# Kubeflow Roles
kustomize build common/kubeflow-roles/base | kubectl apply -f -
# Kubeflow Istio Resources
kustomize build common/istio-1-24/kubeflow-istio-resources/base | kubectl apply -f -
# Kubeflow Pipelines
kustomize build apps/pipeline/upstream/env/cert-manager/platform-agnostic-multi-user | kubectl apply -f -
# KServe
kustomize build contrib/kserve/kserve | kubectl apply --server-side --force-conflicts -f -
kustomize build contrib/kserve/models-web-app/overlays/kubeflow | kubectl apply -f -
# Katib
kustomize build apps/katib/upstream/installs/katib-with-kubeflow | kubectl apply -f -
# Central Dashboard
kustomize build apps/centraldashboard/overlays/oauth2-proxy | kubectl apply -f -
# Model Registry
kustomize build apps/model-registry/upstream/overlays/db | kubectl apply -f -
kustomize build apps/model-registry/upstream/options/istio | kubectl apply -f -
kubectl wait --for=condition=available -n kubeflow deployment/model-registry-deployment --timeout=2m
kubectl logs -n kubeflow deployment/model-registry-deployment
kubectl apply -k apps/model-registry/upstream/options/ui/overlays/istio -n kubeflow
# kustomize build apps/model-registry/upstream/options/ui/overlays/istio | kubectl apply -f -
kubectl get configmap centraldashboard-config -n kubeflow -o json | jq '.data.links |= (fromjson | .menuLinks += [{"icon": "assignment", "link": "/model-registry/", "text": "Model Registry", "type": "item"}] | tojson)' | kubectl apply -f - -n kubeflow
# Admission Webhook
kustomize build apps/admission-webhook/upstream/overlays/cert-manager | kubectl apply -f -
# Notebooks 1.0
kustomize build apps/jupyter/notebook-controller/upstream/overlays/kubeflow | kubectl apply -f -
kustomize build apps/jupyter/jupyter-web-app/upstream/overlays/istio | kubectl apply -f -
# PVC Viewer Controller
kustomize build apps/pvcviewer-controller/upstream/base | kubectl apply -f -
# Profiles + KFAM
kustomize build apps/profiles/upstream/overlays/kubeflow | kubectl apply -f -
# Volumes Web Application
kustomize build apps/volumes-web-app/upstream/overlays/istio | kubectl apply -f -
# Tensorboard
kustomize build apps/tensorboard/tensorboards-web-app/upstream/overlays/istio | kubectl apply -f -
kustomize build apps/tensorboard/tensorboard-controller/upstream/overlays/kubeflow | kubectl apply -f -
# Training Operator
kustomize build apps/training-operator/upstream/overlays/kubeflow | kubectl apply --server-side --force-conflicts -f -
# User Namespaces
kustomize build common/user-namespace/base | kubectl apply -f -
# Port-Forward
kubectl port-forward svc/istio-ingressgateway -n istio-system 8080:80 --address=0.0.0.0