{"id":8270,"date":"2024-01-10T18:43:37","date_gmt":"2024-01-10T09:43:37","guid":{"rendered":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=8270"},"modified":"2024-01-13T17:20:56","modified_gmt":"2024-01-13T08:20:56","slug":"ubuntu-22-04-%ec%97%90%ec%84%9c-kubernetes-%ec%84%a4%ec%b9%98%ed%95%98%ea%b8%b0-without-docker","status":"publish","type":"post","link":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=8270","title":{"rendered":"Ubuntu 22.04 \uc5d0\uc11c Kubernetes \uc124\uce58\ud558\uae30 (Without Docker)"},"content":{"rendered":"<h1>Ubuntu 22.04 \uc5d0\uc11c Kubernetes \uc124\uce58\ud558\uae30 (Without Docker)<\/h1>\n<blockquote>\n<p>Docker \uac00 \uc5c6\ub294 \uc0c1\ud669\uc5d0\uc11c Kubernetes \ub97c \uc124\uce58\ud558\ub294 \ubc29\ubc95\uc744 \uc124\uba85\ud569\ub2c8\ub2e4.<\/p>\n<\/blockquote>\n<p>\uc544\ub798 \ub0b4\uc6a9\uc740 AWS EC2 \ub97c \uc774\uc6a9\ud574 Kubernetes \ub97c \uc124\uce58\ud558\ub294 \ubc29\ubc95\uc744 \uc124\uba85\ud569\ub2c8\ub2e4.<\/p>\n<p>\uac04\ub2e8\ud788 \ud750\ub984\uc744 \uc815\ub9ac\ud574 \ubcf4\uba74<\/p>\n<ul>\n<li>EC2 \uc778\uc2a4\ud134\uc2a4 \uc0dd\uc131<\/li>\n<li>\ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 \uc900\ube44\uc0ac\ud56d \ubc18\uc601<\/li>\n<li>\ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 \ub3c4\ucee4 \uc124\uce58<\/li>\n<li>Control-plane \uad6c\uc131 (master only)<\/li>\n<li>Worker node \uad6c\uc131 (worker node only)<\/li>\n<\/ul>\n<p>\uc774\ub807\uac8c \uc9c4\ud589\ud569\ub2c8\ub2e4.<\/p>\n<p>\uae30\ud0c0 Hello, World \uc571\uc744 \uc2e4\ud589\uc2dc\ucf1c \ubcf4\ub294 \uac83\uc740 \ub2e4\ub978 \ubb38\uc11c\uc5d0 \uc791\uc131\ud558\ub3c4\ub85d \ud558\uaca0\uc2b5\ub2c8\ub2e4.<\/p>\n<h2>EC2 \uc778\uc2a4\ud134\uc2a4 \uc0dd\uc131<\/h2>\n<p>Ubuntu 22.04 \ubc84\uc804\uc744 \uc120\ud0dd\ud574\uc11c \uc778\uc2a4\ud134\uc2a4\ub97c \uc0dd\uc131\ud569\ub2c8\ub2e4.<\/p>\n<p>Master \uc5d0\ub294 t3.small(\uba54\ubaa8\ub9ac 2G, CPU 2\uac1c, 20G), Node 01 \uc5d0\ub294 t3.medium(\uba54\ubaa8\ub9ac 4G, CPU 2\uac1c, 20G)\ub97c \uc124\uc815\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n<p>\ube44\uc6a9\uc740 \uc2dc\uac04\ub2f9 100\uc6d0\uc774 \uc548\ub418\ubbc0\ub85c \uc0dd\uc131\ud655\uc778 \ud6c4 \uc0ad\uc81c\ud558\uba74 \ube44\uc6a9\ubc1c\uc0dd\uc740 \ub9ce\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/p>\n<h2>\ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 \uc900\ube44\uc0ac\ud56d \ubc18\uc601<\/h2>\n<h3>\uc2dc\uc2a4\ud15c \uc5c5\ub370\uc774\ud2b8<\/h3>\n<pre><code class=\"language-bash\">sudo apt update\nsudo sed -i &quot;\/#\\$nrconf{restart} = &#039;i&#039;;\/s\/.*\/\\$nrconf{restart} = &#039;a&#039;;\/&quot; \/etc\/needrestart\/needrestart.conf\nsudo apt -y upgrade<\/code><\/pre>\n<h3>Swap off<\/h3>\n<p>AWS EC2 \uc778\uc2a4\ud134\uc2a4\ub294 \ub514\ud3f4\ud2b8\ub85c \uc2a4\uc651\uc744 disable \uc2dc\ud0a4\ubbc0\ub85c \ud544\uc694\uc5c6\uae30\ub294 \ud558\uc9c0\ub9cc \uadf8\ub798\ub3c4 \uc801\uc5b4 \ub193\uc2b5\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">sudo swapoff -a &amp;&amp; sudo sed -i &#039;\/ swap \/ s\/^\\(.*\\)$\/#\\1\/g&#039; \/etc\/fstab<\/code><\/pre>\n<h3>\ubc29\ud654\ubcbd off<\/h3>\n<pre><code class=\"language-bash\">sudo ufw disable<\/code><\/pre>\n<h3>\ucee4\ub110 \ud30c\ub77c\ubbf8\ud130 \uc218\uc815<\/h3>\n<pre><code class=\"language-bash\">sudo tee \/etc\/modules-load.d\/containerd.conf &lt;&lt;EOF\noverlay\nbr_netfilter\nEOF\n\nsudo modprobe overlay\nsudo modprobe br_netfilter<\/code><\/pre>\n<pre><code class=\"language-bash\">sudo tee \/etc\/sysctl.d\/kubernetes.conf &lt;&lt;EOF\nnet.bridge.bridge-nf-call-ip6tables = 1\nnet.bridge.bridge-nf-call-iptables = 1\nnet.ipv4.ip_forward = 1\nEOF\n\nsudo sysctl --system<\/code><\/pre>\n<h3>\ubcf4\uc548\uadf8\ub8f9 \uc124\uc815<\/h3>\n<p>allow-kubernetes \ub77c\ub294 \uc774\ub984\uc758 \ubcf4\uc548\uadf8\ub8f9\uc744 \uc0dd\uc131\ud569\ub2c8\ub2e4.<br \/>\ninbound\/outbound \ub294 \uc124\uc815\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/p>\n<p>protect-kubernetes \ub77c\ub294 \uc774\ub984\uc758 \ubcf4\uc548\uadf8\ub8f9\uc744 \uc0dd\uc131\ud569\ub2c8\ub2e4.<br \/>\ninbound \uc5d0 \uc544\ub798 \ub0b4\uc6a9\uc744 \uc124\uc815\ud569\ub2c8\ub2e4.<\/p>\n<ul>\n<li>\uc720\ud615 : \ubaa8\ub4e0 TCP<\/li>\n<li>\ud3ec\ud2b8\ubc94\uc704 : 0 \u2013 65535<\/li>\n<li>\uc18c\uc2a4 : allow-kubernetes<\/li>\n<\/ul>\n<p>allow-kubernetes, protect-kubernetes \ub97c \ubaa8\ub4e0 master\/node \uc5d0 \ud560\ub2f9\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n<h2>\ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 containerd \uc124\uce58<\/h2>\n<pre><code class=\"language-bash\">sudo apt-get update\n\n# \uc758\uc874\uc131 \ubaa9\ub85d\uc744 \ubc18\ub4dc\uc2dc \ud655\uc778\ud558\uc790. \ubaa9\ub85d\uc774 \ud2c0\ub9ac\uba74 containerd \uac00 \uc624\uc791\ub3d9\ud55c\ub2e4.\nsudo apt install -y \\\n    curl \\\n    gnupg2 \\\n    software-properties-common \\\n    apt-transport-https \\\n    ca-certificates<\/code><\/pre>\n<pre><code class=\"language-bash\">sudo curl -fsSL https:\/\/download.docker.com\/linux\/ubuntu\/gpg | sudo gpg --dearmour -o \/etc\/apt\/trusted.gpg.d\/docker.gpg\nsudo add-apt-repository -y &quot;deb [arch=amd64] https:\/\/download.docker.com\/linux\/ubuntu $(lsb_release -cs) stable&quot;<\/code><\/pre>\n<pre><code class=\"language-bash\">sudo apt update\nsudo apt install -y containerd.io<\/code><\/pre>\n<pre><code class=\"language-bash\">containerd config default | sudo tee \/etc\/containerd\/config.toml &gt;\/dev\/null 2&gt;&amp;1\nsudo sed -i &#039;s\/SystemdCgroup \\= false\/SystemdCgroup \\= true\/g&#039; \/etc\/containerd\/config.toml\n\nsudo systemctl restart containerd\nsudo systemctl enable containerd\n\ncat \/etc\/containerd\/config.toml | grep SystemdCgroup\nsudo systemctl status containerd<\/code><\/pre>\n<p>containerd \uc758 \uc815\uc0c1 \uc124\uce58 \ud655\uc778\uc774 \uc911\uc694\ud569\ub2c8\ub2e4.<br \/>\n\uc544\ub798 Kubernetes \uc758 \uc124\uce58\ub294 \ub2e4\ub978 \uac83\uc774 \uc5c6\uc2b5\ub2c8\ub2e4.<\/p>\n<h2>\ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 Kubernetes \uc124\uce58<\/h2>\n<pre><code class=\"language-bash\">curl -s https:\/\/packages.cloud.google.com\/apt\/doc\/apt-key.gpg | sudo gpg --dearmour -o \/etc\/apt\/trusted.gpg.d\/kubernetes-xenial.gpg\nsudo apt-add-repository -y &quot;deb http:\/\/apt.kubernetes.io\/ kubernetes-xenial main&quot;\n\nsudo apt update\nsudo apt install -y kubelet kubeadm kubectl\nsudo apt-mark hold kubelet kubeadm kubectl<\/code><\/pre>\n<h2>Control-plane \uad6c\uc131 (master only)<\/h2>\n<p>\ubc18\ub4dc\uc2dc master \uc5d0\uc11c\ub9cc \uc2e4\ud589\ud569\ub2c8\ub2e4.<\/p>\n<p><code>--control-plane-endpoint<\/code>, <code>--upload-certs<\/code> \ub97c \uc124\uc815\ud574 \uc8fc\uba74 \ucd94\uac00\ud560 \ub178\ub4dc\ub97c Master \ub85c \uc870\uc778\ud560 \uc218 \uc788\ub294 \uba85\ub839\uc5b4\ub97c \uc81c\uacf5\ud569\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">sudo kubeadm init\n# sudo kubeadm init --control-plane-endpoint &quot;172.31.43.124:6443&quot; --upload-certs<\/code><\/pre>\n<p>\uc544\ub798\uc640 \uc720\uc0ac\ud55c \uba54\uc2dc\uc9c0\uac00 \ud45c\uc2dc\ub418\uba74 \uba54\ubaa8\uc7a5\uac19\uc740 \uacf3\uc5d0 \ubcf5\uc0ac\ud574 \ub193\uc2b5\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">kubeadm join 172.31.43.124:6443 --token co2dgc.6tqutxehblku3mpp \\\n        --discovery-token-ca-cert-hash sha256:af76d7e108915d86b3af4be9a8b3d1e26799de1a96ec75f84e80d7be32b68012<\/code><\/pre>\n<p>\uc544\ub798 \uba85\ub839\uc744 \uc124\uc815\ud574 \uc90c\uc73c\ub85c \ud574\uc11c sudo \uc5c6\uc774 kubectl \uc744 \uc2e4\ud589\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">mkdir -p $HOME\/.kube\nsudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\nsudo chown $(id -u):$(id -g) $HOME\/.kube\/config\n\n# sudo \ub97c \ubd99\uc774\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.\nkubectl version\n---------------------------\nClient Version: v1.28.2\nKustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3\nServer Version: v1.28.5\n\nkubectl get nodes\n---------------------------\nNAME               STATUS     ROLES           AGE     VERSION\nip-172-31-43-124   NotReady   control-plane   3m40s   v1.28.2\n\nkubectl get pods -n kube-system\n---------------------------\nNAME                                      READY   STATUS    RESTARTS   AGE\ncoredns-5dd5756b68-jz8hj                  0\/1     Pending   0          2m50s\ncoredns-5dd5756b68-qg2ll                  0\/1     Pending   0          2m50s\netcd-ip-172-31-41-44                      1\/1     Running   0          2m53s\nkube-apiserver-ip-172-31-41-44            1\/1     Running   0          2m53s\nkube-controller-manager-ip-172-31-41-44   1\/1     Running   0          2m53s\nkube-proxy-d8lwv                          1\/1     Running   0          2m51s\nkube-scheduler-ip-172-31-41-44            1\/1     Running   0          2m53s<\/code><\/pre>\n<p>\uc704\uc5d0 NotReady\/Pending \uc740 \uc2e0\uacbd\uc4f0\uc9c0 \uc54a\uc544\ub3c4 \ub429\ub2c8\ub2e4.<\/p>\n<h2>Worker node \uad6c\uc131 (worker node only)<\/h2>\n<p>\uc544\ub798 \uba85\ub839\uc73c\ub85c Worker node \ub97c \ub4f1\ub85d\ud569\ub2c8\ub2e4.<\/p>\n<p>sudo \ub97c \ubc18\ub4dc\uc2dc \ubd99\uc5ec\uc11c \uc2e4\ud589\ud574\uc57c \ud569\ub2c8\ub2e4.<\/p>\n<pre><code class=\"language-bash\">sudo kubeadm join 172.31.16.157:6443 --token ou08ek.xzjXXXXXXXXXXXXX \\\n        --discovery-token-ca-cert-hash sha256:6e0305d27b12b3f8b51d8e021138d59227124c2XXXXXXXXXXXXXXXX<\/code><\/pre>\n<h2>Pod network \uc560\ub4dc\uc628 \uc124\uce58 (master only)<\/h2>\n<pre><code class=\"language-bash\"># kubectl apply -f https:\/\/github.com\/weaveworks\/weave\/releases\/download\/v2.8.1\/weave-daemonset-k8s.yaml\nkubectl apply -f https:\/\/raw.githubusercontent.com\/projectcalico\/calico\/v3.25.0\/manifests\/calico.yaml<\/code><\/pre>\n<pre><code class=\"language-bash\">kubectl get nodes\nkubectl get pods -n kube-system<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Ubuntu 22.04 \uc5d0\uc11c Kubernetes \uc124\uce58\ud558\uae30 (Without Docker) Docker \uac00 \uc5c6\ub294 \uc0c1\ud669\uc5d0\uc11c Kubernetes \ub97c \uc124\uce58\ud558\ub294 \ubc29\ubc95\uc744 \uc124\uba85\ud569\ub2c8\ub2e4. \uc544\ub798 \ub0b4\uc6a9\uc740 AWS EC2 \ub97c \uc774\uc6a9\ud574 Kubernetes \ub97c \uc124\uce58\ud558\ub294 \ubc29\ubc95\uc744 \uc124\uba85\ud569\ub2c8\ub2e4. \uac04\ub2e8\ud788 \ud750\ub984\uc744 \uc815\ub9ac\ud574 \ubcf4\uba74 EC2 \uc778\uc2a4\ud134\uc2a4 \uc0dd\uc131 \ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 \uc900\ube44\uc0ac\ud56d \ubc18\uc601 \ubaa8\ub4e0 \uc778\uc2a4\ud134\uc2a4\uc5d0 \ub3c4\ucee4 \uc124\uce58 Control-plane \uad6c\uc131 (master only) Worker node \uad6c\uc131 (worker node only) \uc774\ub807\uac8c \uc9c4\ud589\ud569\ub2c8\ub2e4. \uae30\ud0c0\u2026 <span class=\"read-more\"><a href=\"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=8270\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-8270","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/8270","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8270"}],"version-history":[{"count":12,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/8270\/revisions"}],"predecessor-version":[{"id":8346,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/8270\/revisions\/8346"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8270"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8270"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8270"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}