Practice Test - Explore environment
$ k get no -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
controlplane Ready control-plane 7m3s v1.27.0 192.23.163.6 <none> Ubuntu 20.04.5 LTS 5.4.0-1106-gcp containerd://1.6.6
node01 Ready <none> 6m38s v1.27.0 192.23.163.8 <none> Ubuntu 20.04.5 LTS 5.4.0-1106-gcp containerd://1.6.6
# 컨트롤플레인 노드 네트워크 인터페이스 확인
$ ifconfig -a
...
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 192.23.163.6 netmask 255.255.255.0 broadcast 192.23.163.255
ether 02:42:c0:17:a3:06 txqueuelen 0 (Ethernet)
RX packets 2609 bytes 322396 (322.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2059 bytes 1176322 (1.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
...
$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/ether 06:c6:e7:bd:4c:6f brd ff:ff:ff:ff:ff:ff
3: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether b2:3f:d1:83:41:91 brd ff:ff:ff:ff:ff:ff
4: veth0cbdd223@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue master cni0 state UP mode DEFAULT group default
link/ether 7a:79:9c:6b:bd:ec brd ff:ff:ff:ff:ff:ff link-netns cni-f38f5df3-79ff-c6a4-b471-ee257a25a2c9
5: veth3e78708c@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue master cni0 state UP mode DEFAULT group default
link/ether ea:c8:8a:1d:e2:2e brd ff:ff:ff:ff:ff:ff link-netns cni-c619fc0c-fae4-ab7a-f80d-ca285ca0255c
7628: eth0@if7629: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:c0:17:a3:06 brd ff:ff:ff:ff:ff:ff link-netnsid 0
7630: eth1@if7631: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:ac:19:00:34 brd ff:ff:ff:ff:ff:ff link-netnsid 1
$ ip addr show type bridge
3: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default qlen 1000
link/ether 5a:6e:69:2c:08:9b brd ff:ff:ff:ff:ff:ff
inet 10.244.0.1/24 brd 10.244.0.255 scope global cni0
valid_lft forever preferred_lft forever
$ ip route show default
default via 172.25.0.1 dev eth1
# node01(192.23.163.8)의 MAC 주소를 ARP 테이블에서 확인
$ arp 192.23.163.8
Address HWtype HWaddress Flags Mask Iface
k8-multi-node-ttyd-stab ether 02:42:c0:17:a3:08 C eth0
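# 포트 확인: kube-scheduler는 127.0.0.1:10259에서만 리슨한다. etcd의 2379는 클라이언트(kube-apiserver 등)용, 2380은 etcd 피어 간 통신용 포트다.
# 아래 출력에서 2379/2380은 노드 IP(192.23.163.6)에도 바인딩되어 있으므로, 운영 환경에서는 etcd 클라이언트/피어 TLS 인증서와 방화벽으로 접근이 제한되어 있는지 함께 확인한다.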
$ netstat -anp | grep sche
tcp 0 0 127.0.0.1:10259 0.0.0.0:* LISTEN 3704/kube-scheduler
tcp 0 0 192.23.163.6:55778 192.23.163.6:6443 ESTABLISHED 3704/kube-scheduler
tcp 0 0 192.23.163.6:55834 192.23.163.6:6443 ESTABLISHED 3704/kube-scheduler
$ netstat -anp | grep etcd | grep -i listen
tcp 0 0 192.23.163.6:2380 0.0.0.0:* LISTEN 3573/etcd
tcp 0 0 127.0.0.1:2381 0.0.0.0:* LISTEN 3573/etcd
tcp 0 0 192.23.163.6:2379 0.0.0.0:* LISTEN 3573/etcd
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 3573/etcd
$ netstat -anp | grep etcd | grep 2380
tcp 0 0 192.23.163.6:2380 0.0.0.0:* LISTEN 3573/etcd
controlplane /etc/kubernetes ➜ netstat -anp | grep etcd | grep 2379
tcp 0 0 192.23.163.6:2379 0.0.0.0:* LISTEN 3573/etcd
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 3573/etcd
tcp 0 0 127.0.0.1:2379 127.0.0.1:57076 ESTABLISHED 3573/etcd
tcp 0 0 127.0.0.1:2379 127.0.0.1:57340 ESTABLISHED 3573/etcd
tcp 0 0 127.0.0.1:2379 127.0.0.1:57436 ESTABLISHED 3573/etcd
tcp 0 0 127.0.0.1:2379 127.0.0.1:57468 ESTABLISHED 3573/etcd
tcp 0 0 127.0.0.1:2379 127.0.0.1:57256 ESTABLISHED 3573/etcd
tcp 0 0 127.0.0.1:2379 127.0.0.1:57118 ESTABLISHED 3573/etcd
Practice Test - CNI
$ ps -ef | grep kubelet
root 3590 3030 0 09:36 ? 00:00:09 kube-apiserver --advertise-address=192.25.102.3 --allow-privileged=true --authorization-mode=Node,RBAC --client-ca-file=/etc/kubernetes/pki/ca.crt --enable-admission-plugins=NodeRestriction --enable-bootstrap-token-auth=true --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=6443 --service-account-issuer=https://kubernetes.default.svc.cluster.local --service-account-key-file=/etc/kubernetes/pki/sa.pub --service-account-signing-key-file=/etc/kubernetes/pki/sa.key --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/etc/kubernetes/pki/apiserver.crt --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
root 4566 1 0 09:36 ? 00:00:02 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=registry.k8s.io/pause:3.9
root 7369 6368 0 09:37 pts/0 00:00:00 grep --color=auto kubelet
$ kubectl get ns
NAME STATUS AGE
default Active 4m59s
kube-flannel Active 4m49s
kube-node-lease Active 4m59s
kube-public Active 4m59s
kube-system Active 4m59s
$ kubectl get ns^C
$ kubectl get po -n kube-flannel
NAME READY STATUS RESTARTS AGE
kube-flannel-ds-jcqs6 1/1 Running 0 4m49s
$ kubectl describe po kube-flannel-ds-jcqs6 -n kube-flannel
...
Command:
cp
Args:
-f
/flannel
/opt/cni/bin/flannel
...
Volumes:
run:
Type: HostPath (bare host directory volume)
Path: /run/flannel
HostPathType:
cni-plugin:
Type: HostPath (bare host directory volume)
Path: /opt/cni/bin
HostPathType:
cni:
Type: HostPath (bare host directory volume)
Path: /etc/cni/net.d
HostPathType:
...
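# CNI 플러그인 바이너리는 컨테이너 런타임이 파드 네트워크를 구성할 때 노드에서 실행하므로, 이 디렉터리와 파일의 소유자·쓰기 권한이 root로 제한되어 있는지 확인한다.
# flannel 바이너리는 위 describe 출력처럼 hostPath(/opt/cni/bin)를 통해 파드에서 노드로 복사된 것이다.
$ ls -al /opt/cni/bin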
total 71368
drwxrwxr-x 1 root root 4096 Jun 19 09:37 .
drwxr-xr-x 1 root root 4096 Apr 17 04:02 ..
-rwxr-xr-x 1 root root 3859475 Jan 16 16:42 bandwidth
-rwxr-xr-x 1 root root 4299004 Jan 16 16:42 bridge
-rwxr-xr-x 1 root root 10167415 Jan 16 16:42 dhcp
-rwxr-xr-x 1 root root 3986082 Jan 16 16:42 dummy
-rwxr-xr-x 1 root root 4385098 Jan 16 16:42 firewall
-rwxr-xr-x 1 root root 2474798 Jun 19 09:37 flannel
-rwxr-xr-x 1 root root 3870731 Jan 16 16:42 host-device
-rwxr-xr-x 1 root root 3287319 Jan 16 16:42 host-local
-rwxr-xr-x 1 root root 3999593 Jan 16 16:42 ipvlan
-rwxr-xr-x 1 root root 3353028 Jan 16 16:42 loopback
-rwxr-xr-x 1 root root 4029261 Jan 16 16:42 macvlan
-rwxr-xr-x 1 root root 3746163 Jan 16 16:42 portmap
-rwxr-xr-x 1 root root 4161070 Jan 16 16:42 ptp
-rwxr-xr-x 1 root root 3550152 Jan 16 16:42 sbr
-rwxr-xr-x 1 root root 2845685 Jan 16 16:42 static
-rwxr-xr-x 1 root root 3437180 Jan 16 16:42 tuning
-rwxr-xr-x 1 root root 3993252 Jan 16 16:42 vlan
-rwxr-xr-x 1 root root 3586502 Jan 16 16:42 vrf
$ ls -al /etc/cni/net.d
total 16
drwx------ 1 root root 4096 Jun 19 09:37 .
drwx------ 1 root root 4096 Apr 17 04:02 ..
-rw-r--r-- 1 root root 292 Jun 19 09:37 10-flannel.conflist
$ cat /etc/cni/net.d/10-flannel.conflist
{
"name": "cbr0",
"cniVersion": "0.3.1",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
Practice Test - Deploy Network Solution
# https://v1-22.docs.kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/
$ k apply -f /root/weave/weave-daemonset-k8s.yaml
$ k get ns
$ k get po -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-5d78c9869d-7rlw9 1/1 Running 0 46m
coredns-5d78c9869d-ddmwx 1/1 Running 0 46m
etcd-controlplane 1/1 Running 0 46m
kube-apiserver-controlplane 1/1 Running 0 46m
kube-controller-manager-controlplane 1/1 Running 0 46m
kube-proxy-kx2hk 1/1 Running 0 46m
kube-scheduler-controlplane 1/1 Running 0 46m
weave-net-l9prf 2/2 Running 0 42s
Practice Test - Networking Weave
$ k get po -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-5d78c9869d-5p82z 1/1 Running 0 43m
coredns-5d78c9869d-v9vnt 1/1 Running 0 43m
etcd-controlplane 1/1 Running 0 44m
kube-apiserver-controlplane 1/1 Running 0 44m
kube-controller-manager-controlplane 1/1 Running 0 44m
kube-proxy-nv22c 1/1 Running 0 43m
kube-proxy-zg9n2 1/1 Running 0 43m
kube-scheduler-controlplane 1/1 Running 0 44m
weave-net-mql5g 2/2 Running 1 (43m ago) 43m
weave-net-r5824 2/2 Running 0 43m
$ k get po -n kube-system -o wide | grep weave
weave-net-mql5g 2/2 Running 1 (44m ago) 45m 192.20.35.9 controlplane <none> <none>
weave-net-r5824 2/2 Running 0 45m 192.20.35.12 node01 <none> <none>
$ ip link show type bridge
4: weave: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1376 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether c2:e4:dc:1a:a8:e4 brd ff:ff:ff:ff:ff:ff
$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: datapath: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1376 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 1e:64:2f:1f:e8:67 brd ff:ff:ff:ff:ff:ff
4: weave: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1376 qdisc noqueue state UP group default qlen 1000
link/ether c2:e4:dc:1a:a8:e4 brd ff:ff:ff:ff:ff:ff
inet 10.244.0.1/16 brd 10.244.255.255 scope global weave
valid_lft forever preferred_lft forever
...
$ k exec -it weave-net-r5824 -n kube-system -- /bin/sh
Defaulted container "weave" out of: weave, weave-npc, weave-init (init)
/home/weave # ip route
default via 172.25.0.1 dev eth1
10.244.0.0/16 dev weave proto kernel scope link src 10.244.192.0
172.25.0.0/24 dev eth1 proto kernel scope link src 172.25.0.65
192.20.35.0/24 dev eth0 proto kernel scope link src 192.20.35.12
/home/weave #
$ ssh node01
$ ip route
default via 172.25.0.1 dev eth1
10.244.0.0/16 dev weave proto kernel scope link src 10.244.192.0
172.25.0.0/24 dev eth1 proto kernel scope link src 172.25.0.34
192.21.41.0/24 dev eth0 proto kernel scope link src 192.21.41.9