leoh0

Simple kubernetes clustering by cloud-init

kubernetes 로 클러스터를 만드는 과정이 복잡하다고 생각하실 수 있지만 사실 스크립트로 만들면 이정도로 간단해 집니다. kubernetes, docker package가 준비되었다고 한다면 남는건 3가지 종류의 프로세스가 있습니다.

1. 첫번째 마스터

$./init_master.sh $MASTER_IP

leoh0

apiVersion: v1
kind: Pod
metadata:
  name: ttt
  namespace: default
spec:
  containers:
  - command:
    - nsenter
    - --mount=/proc/1/ns/mnt

leoh0

kubectl apply -f test.yaml

kubectl wait --for=condition=available deploy/eggs
kubectl wait --for=condition=Ready pod/cuckoo-egg
# 적용하고 나면 3개의 pod이 보인다 2개는 알 pod과 1개의 뻐꾸기 알 pod
kubectl get pods
# 그리고 서비스는 노드포트로 구성되어 있다.
kubectl get svc

NODEIP=$(kubectl get nodes minikube -o jsonpath='{.status.addresses[?(@.type=="InternalIP")].address}')

leoh0

curl \
  -fSL \
  --progress \
  -H "Authorization: Bearer $(curl \
    -fsSL \
    "https://auth.docker.io/token?service=registry.docker.io&scope=repository:leoh0/openstack10th.mov:pull" \
      | sed 's/.*"token":"\([^"]*\)".*/\1/g')" \
    https://registry-1.docker.io/v2/leoh0/openstack10th.mov/blobs/sha256:c5663bd9f3bb1234eea3d9be76d49538568a24dca4acb01b525f7441d955fe1b | \
    tar xzvf -

leoh0

# wireguard 설치
brew install wireguard-tools

# wgcf 설치
wget https://github.com/ViRb3/wgcf/releases/download/v1.0.6/wgcf_1.0.6_darwin_amd64
chmod +x wgcf_1.0.6_darwin_amd64
mv wgcf_1.0.6_darwin_amd64 /usr/local/bin/wgcf

# wgcf 로 wg to cf 컨피그 생성 
mkdir -p /usr/local/etc/wireguard

leoh0

• slow-kubectl.sh와 같이 했을시 걸리는 시간: 1m25.738s

$ time kubectl get all
I0401 17:58:21.966762   25969 request.go:621] Throttling request took 1.162451359s, request: GET:https://10.22.70.249:6443/apis/apiextensions.k8s.io/v1beta1?timeout=32s
I0401 17:58:32.166766   25969 request.go:621] Throttling request took 2.197797331s, request: GET:https://10.22.70.249:6443/apis/networking.k8s.io/v1beta1?timeout=32s
I0401 17:58:42.366787   25969 request.go:621] Throttling request took 2.798023909s, request: GET:https://10.22.70.249:6443/apis/networking.k8s.io/v1beta1?timeout=32s
I0401 17:58:52.566791   25969 request.go:621] Throttling request took 3.398025432s, request: GET:https://10.22.70.249:6443/apis/discovery.k8s.io/v1beta1?timeout=32s
I0401 17:59:02.766754   25969 request.go:621] Throttling request took 3.997812593s, request: GET:https://10.22.70.249:6443/apis/rbac.authorization.k8s.io/v1beta1?timeout=32s
I0401 17:59:12.767024   25969 request.go:621] Throttling request took 4.397012075s, request: GET:https://10.

leoh0

FROM alpine:3.11 as base

RUN apk add --update \
    git \
    gcc \
    file \
    make \
    musl-dev \
    openssl-dev \
    openssl-libs-static \

leoh0

# 마스터의 ca.crt 와 ca.key
cp ca.crt ca.key ~/temp
cd ~/temp

# openssl이 미리 설치 필요

cat > openssl.cnf << EOF
[ req ]
distinguished_name = req_distinguished_name
[req_distinguished_name]

leoh0

# 마스터의 ca.crt 와 ca.key
cp ca.crt ca.key ~/temp
cd ~/temp

cat > openssl.cnf << EOF
[ req ]
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_ca ]
basicConstraints = critical, CA:TRUE

leoh0

# http://docs.openstack.org/developer/heat/template_guide/hot_spec.html#heat-template-version
heat_template_version: 2014-10-16

# This template is the equivalent of the command set:
# $ wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
# $ glance image-create --name='cirros image' --container-format=bare --disk-format=qcow2 < cirros-0.3.5-x86_64-disk.img
# or:
# $ glance --os-image-api-version 1 image-create --name='cirros image' --container-format=bare --disk-format=qcow2 --location http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img