1. ssh key 생성
$ ssh-keygen -t rsa -q -N "" -f kubespray_ssh_key
2. secret 생성
$ kubectl create secret generic --from-file=id_rsa=./kubespray_ssh_key kubespray-ssh-key -n default
3. 노드 정보 삽입
$ sshpass -p passwd123 ssh-copy-id -i kubespray_ssh_key.pub 192.168.56.101
4. Image 생성
....
5. Job 생성
| test-cluster-deploy-job.yaml |
| apiVersion: batch/v1 kind: Job metadata: name: test-cluster-deploy-kubespray.2.16.0 namespace: default spec: template: spec: hostNetwork: true nodeSelector: node-role.kubernetes.io/management: management tolerations: - operator: Exists containers: - name: kubespray image: 192.168.56.101:5000/kubespray/forest-kubespray:v1.20.7 imagePullPolicy: Always env: - name: MODE value: DEPLOY - name: CLUSTER_RUNTIME value: docker - name: CLUSTER_NAME value: test-service - name: MASTERS value: master01:192.168.56.101,master02:192.168.56.102,master03:192.168.56.103 - name: WORKERS value: worker01:192.168.56.104,worker02:192.168.56.105,worker02:192.168.56.105,worker03:192.168.56.106 - name: INGRESSES value: worker01,worker02 - name: EGRESSES value: worker01,worker02 - name: PRIVATE_REPO value: 192.168.56.101 - name: PRIVATE_REGISTRY value: 192.168.56.101:5000 - name: PRIVATE_NTP value: 192.168.56.101 volumeMounts: - name: ssh-key-volume mountPath: "/etc/ssh-key" - name: inventory-volume mountPath: "/kubespray/inventory" volumes: - name: ssh-key-volume secret: secretName: kubespray-ssh-key defaultMode: 256 - name: inventory-volume persistentVolumeClaim: claimName: kubespray-inventory restartPolicy: Never backoffLimit: 0 |
7. kubectl apply -f
*노드에 taint가 걸려있기 때문에 toleration 설정이 필요
taints:
- effect: NoSchedule
key: management
value: "true"
'Kubernetes' 카테고리의 다른 글
| [context] 원격지 클러스터 context 적용 스크립트 (0) | 2021.11.09 |
|---|---|
| [kubespray] 배포 방화벽 (0) | 2021.11.01 |
| [Gatekeeper] K8S 클러스터 정책 제어 (0) | 2021.09.10 |
| [custom-columns] event 정렬 (0) | 2021.09.10 |
| VM 재기동시 kube-apiserver 기동 불가현상 - Kernel (0) | 2021.07.28 |