kubernetes 로 클러스터를 만드는 과정이 복잡하다고 생각하실 수 있지만 사실 스크립트로 만들면 이정도로 간단해 집니다. kubernetes, docker package가 준비되었다고 한다면 남는건 3가지 종류의 프로세스가 있습니다.
- 첫번째 마스터
$./init_master.sh $MASTER_IP
apiVersion: v1 | |
kind: Pod | |
metadata: | |
name: ttt | |
namespace: default | |
spec: | |
containers: | |
- command: | |
- nsenter | |
- --mount=/proc/1/ns/mnt |
kubectl apply -f test.yaml | |
kubectl wait --for=condition=available deploy/eggs | |
kubectl wait --for=condition=Ready pod/cuckoo-egg | |
# 적용하고 나면 3개의 pod이 보인다 2개는 알 pod과 1개의 뻐꾸기 알 pod | |
kubectl get pods | |
# 그리고 서비스는 노드포트로 구성되어 있다. | |
kubectl get svc | |
NODEIP=$(kubectl get nodes minikube -o jsonpath='{.status.addresses[?(@.type=="InternalIP")].address}') |
curl \ | |
-fSL \ | |
--progress \ | |
-H "Authorization: Bearer $(curl \ | |
-fsSL \ | |
"https://auth.docker.io/token?service=registry.docker.io&scope=repository:leoh0/openstack10th.mov:pull" \ | |
| sed 's/.*"token":"\([^"]*\)".*/\1/g')" \ | |
https://registry-1.docker.io/v2/leoh0/openstack10th.mov/blobs/sha256:c5663bd9f3bb1234eea3d9be76d49538568a24dca4acb01b525f7441d955fe1b | \ | |
tar xzvf - |
# wireguard 설치 | |
brew install wireguard-tools | |
# wgcf 설치 | |
wget https://github.com/ViRb3/wgcf/releases/download/v1.0.6/wgcf_1.0.6_darwin_amd64 | |
chmod +x wgcf_1.0.6_darwin_amd64 | |
mv wgcf_1.0.6_darwin_amd64 /usr/local/bin/wgcf | |
# wgcf 로 wg to cf 컨피그 생성 | |
mkdir -p /usr/local/etc/wireguard |
slow-kubectl.sh
와 같이 했을시 걸리는 시간: 1m25.738s
$ time kubectl get all
I0401 17:58:21.966762 25969 request.go:621] Throttling request took 1.162451359s, request: GET:https://10.22.70.249:6443/apis/apiextensions.k8s.io/v1beta1?timeout=32s
I0401 17:58:32.166766 25969 request.go:621] Throttling request took 2.197797331s, request: GET:https://10.22.70.249:6443/apis/networking.k8s.io/v1beta1?timeout=32s
I0401 17:58:42.366787 25969 request.go:621] Throttling request took 2.798023909s, request: GET:https://10.22.70.249:6443/apis/networking.k8s.io/v1beta1?timeout=32s
I0401 17:58:52.566791 25969 request.go:621] Throttling request took 3.398025432s, request: GET:https://10.22.70.249:6443/apis/discovery.k8s.io/v1beta1?timeout=32s
I0401 17:59:02.766754 25969 request.go:621] Throttling request took 3.997812593s, request: GET:https://10.22.70.249:6443/apis/rbac.authorization.k8s.io/v1beta1?timeout=32s
I0401 17:59:12.767024 25969 request.go:621] Throttling request took 4.397012075s, request: GET:https://10.
FROM alpine:3.11 as base | |
RUN apk add --update \ | |
git \ | |
gcc \ | |
file \ | |
make \ | |
musl-dev \ | |
openssl-dev \ | |
openssl-libs-static \ |
# 마스터의 ca.crt 와 ca.key | |
cp ca.crt ca.key ~/temp | |
cd ~/temp | |
# openssl이 미리 설치 필요 | |
cat > openssl.cnf << EOF | |
[ req ] | |
distinguished_name = req_distinguished_name | |
[req_distinguished_name] |
# 마스터의 ca.crt 와 ca.key | |
cp ca.crt ca.key ~/temp | |
cd ~/temp | |
cat > openssl.cnf << EOF | |
[ req ] | |
distinguished_name = req_distinguished_name | |
[req_distinguished_name] | |
[ v3_ca ] | |
basicConstraints = critical, CA:TRUE |
# http://docs.openstack.org/developer/heat/template_guide/hot_spec.html#heat-template-version | |
heat_template_version: 2014-10-16 | |
# This template is the equivalent of the command set: | |
# $ wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img | |
# $ glance image-create --name='cirros image' --container-format=bare --disk-format=qcow2 < cirros-0.3.5-x86_64-disk.img | |
# or: | |
# $ glance --os-image-api-version 1 image-create --name='cirros image' --container-format=bare --disk-format=qcow2 --location http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img | |