K8s yaml 파일
Updated:
K8s yaml 파일
K8s yaml파일은 k8s component(service, deploy, pod 등등)의 형상(configuration)을 기재란 선언문(declaration)이다. 동일한 작업을 kubectl의 다양한 명령들을 사용해서도 달성할 수 있으나 불편하기 때문에 선언적으로 configure한 yaml파일을 사용하여 k8s 클러스터에서 pod(container)를 orchestrate(조율)하는 것이 바람직하다.
- metadata: 리소스의 라벨, 이름 등을 지정한다.
- spec(specification): 각 컴포넌트에 대한 상세 설명, 어떤 오브젝트 종류인지에 따라 다른 내용을 담는다.
- status: 쿠버네티스가 자동으로 생성, 자신의 원하는 상태가 되도록 현재 상태를 기술한다.
Google kubernetes-bootcamp example
kubeadm, kubelet, kubectl이 설치되어 있는 Control plane과 worker를 준비한다. 이전 실습에서 모든 Nodes에서 clean up을 하였으므로 Control plane에서 다음 명령어들을 다시 입력한다.
- sudo kubeadm init –pod-network-cidr=192.168.0.0/16
- mkdir -p $HOME/.kube
- sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
- sudo chown $(id -u):$(id -g) $HOME/.kube/config
- kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.3/manifests/tigera-operator.yaml
- curl https://raw.githubusercontent.com/projectcalico/calico/v3.27.3/manifests/custom-resources.yaml -O
- kubectl create -f custom-resources.yaml
이제 다시 worker nodes에서 join을 시킨다. 이후 Control plane에서 다음 명령어로 worker nodes에 잘 join되었는지 확인한다.
- kubectl get nodes
- kubectl get pods -n kube-system
join이 잘 되었으면 Docker image로 부터 deployment를 만들어 본다.
- kubectl create deployment kubernetes-bootcamp –image=gcr.io/google-samples/kubernetes-bootcamp:v1
- kubectl get deployments
- kubuctl get svc
- kubectl get pods -o wide
- curl http://192.168.133.194:8080
- 192.168.133.194는 pod network`s IP address이다.
- Worker node에서 서비스가 동작되는지 확인한다.
- worker-2에서는 서비스가 되지만 worker-1에서는 서비스가 되지 않는다.
- kubectl describe po kubernetes-bootcamp-644c5687f4-f7jck
- kubernetes-bootcamp-644c5687f4-f7jck는 pod name이다.
Name: kubernetes-bootcamp-644c5687f4-f7jck
Namespace: default
Priority: 0
Service Account: default
Node: worker-2/172.31.5.70
Start Time: Sun, 09 Jun 2024 14:59:15 +0000
Labels: app=kubernetes-bootcamp
pod-template-hash=644c5687f4
Annotations: cni.projectcalico.org/containerID: 9bea983bfcbdb903901eaa14bb03d3678a3f636dd6e0cc5418d9c6d33bfb4c8c
cni.projectcalico.org/podIP: 192.168.133.194/32
cni.projectcalico.org/podIPs: 192.168.133.194/32
Status: Running
IP: 192.168.133.194
IPs:
IP: 192.168.133.194
Controlled By: ReplicaSet/kubernetes-bootcamp-644c5687f4
Containers:
kubernetes-bootcamp:
Container ID: containerd://1a5d91e7b64b414054c75f0d63ee16403294f4126749315c336f90f6e3e173e9
Image: gcr.io/google-samples/kubernetes-bootcamp:v1
Image ID: gcr.io/google-samples/kubernetes-bootcamp@sha256:0d6b8ee63bb57c5f5b6156f446b3bc3b3c143d233037f3a2f00e279c8fcc64af
Port: <none>
Host Port: <none>
State: Running
Started: Sun, 09 Jun 2024 14:59:26 +0000
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-z4lz4 (ro)
Conditions:
Type Status
PodReadyToStartContainers True
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kube-api-access-z4lz4:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 10m default-scheduler Successfully assigned default/kubernetes-bootcamp-644c5687f4-f7jck to worker-2
Normal Pulling 10m kubelet Pulling image "gcr.io/google-samples/kubernetes-bootcamp:v1"
Normal Pulled 10m kubelet Successfully pulled image "gcr.io/google-samples/kubernetes-bootcamp:v1" in 10.763s (10.763s including waiting). Image size: 83642968 bytes.
Normal Created 10m kubelet Created container kubernetes-bootcamp
Normal Started 10m kubelet Started container kubernetes-bootcamp
- kubectl get deploy kubernetes-bootcamp -o yaml
- kubernetes-bootcamp는 deployment name이다.
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
creationTimestamp: "2024-06-09T14:59:15Z"
generation: 1
labels:
app: kubernetes-bootcamp
name: kubernetes-bootcamp
namespace: default
resourceVersion: "1614"
uid: 14dbe9cd-fec9-4e64-b49a-5a62f593ebc1
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: kubernetes-bootcamp
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: kubernetes-bootcamp
spec:
containers:
- image: gcr.io/google-samples/kubernetes-bootcamp:v1
imagePullPolicy: IfNotPresent
name: kubernetes-bootcamp
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
status:
availableReplicas: 1
conditions:
- lastTransitionTime: "2024-06-09T14:59:27Z"
lastUpdateTime: "2024-06-09T14:59:27Z"
message: Deployment has minimum availability.
reason: MinimumReplicasAvailable
status: "True"
type: Available
- lastTransitionTime: "2024-06-09T14:59:15Z"
lastUpdateTime: "2024-06-09T14:59:27Z"
message: ReplicaSet "kubernetes-bootcamp-644c5687f4" has successfully progressed.
reason: NewReplicaSetAvailable
status: "True"
type: Progressing
observedGeneration: 1
readyReplicas: 1
replicas: 1
updatedReplicas: 1
- kubectl describe svc kubernetes
- kubernetes는 svc name이다.
Name: kubernetes
Namespace: default
Labels: component=apiserver
provider=kubernetes
Annotations: <none>
Selector: <none>
Type: ClusterIP
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.96.0.1
IPs: 10.96.0.1
Port: https 443/TCP
TargetPort: 6443/TCP
Endpoints: 172.31.12.111:6443
Session Affinity: None
Events: <none>
- kubectl get svc kubernetes -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2024-06-09T14:54:06Z"
labels:
component: apiserver
provider: kubernetes
name: kubernetes
namespace: default
resourceVersion: "234"
uid: 516d7852-b9e0-4dff-ab0a-2cf27e9a168b
spec:
clusterIP: 10.96.0.1
clusterIPs:
- 10.96.0.1
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: https
port: 443
protocol: TCP
targetPort: 6443
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
yaml파일 예제
deploying pods to the cluster
- vi run-my-nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx
spec:
selector:
matchLabels:
run: my-nginx
replicas: 2
template:
metadata:
labels:
run: my-nginx
spec:
containers:
- name: my-nginx
image: nginx
ports:
- containerPort: 80
- kubectl apply -f run-my-nginx.yaml
- kubectl get pods -l run=my-nginx -o wide
pod들의 IP확인하고 worker node에서 pod ip주소 사용하여 다음 명령어를 입력한다.
- curl http://192.168.226.66:80
- 위 IP주소를 worker-2에서 입력하면 동작하지 않는다.
- curl http://192.168.133.195:80
creating a service
- vi nginx-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: my-nginx
labels:
run: my-nginx
spec:
ports:
- port: 80
protocol: TCP
selector:
run: my-nginx
- kubectl apply -f nginx-svc.yaml
- kubectl get svc my-nginx
- cluster-ip와 port번호를 확인한다.
- kubectl describe svc
임의의 node에서 curl http://10.98.213.142:80을 실행하여 pod동작을 확인한다. 여기서 10.98.213.142는 cluster-ip이다. 다음을 보면 worker-1과 worker-2에서 잘 동작함을 확인할 수 있다.
- kubectl get services kube-dns –namespace=kube-system
Use a Service to Access an Application in a Cluster
- vi hello-application.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hello-world
spec:
selector:
matchLabels:
run: load-balancer-example
replicas: 2
template:
metadata:
labels:
run: load-balancer-example
spec:
containers:
- name: hello-world
image: us-docker.pkg.dev/google-samples/containers/gke/hello-app:2.0
ports:
- containerPort: 8080
protocol: TCP
- kubectl apply -f https://k8s.io/examples/service/access/hello-application.yaml
- kubectl get deployments hello-world
- deployment.apps/hello-world created
- kubectl describe deployments hello-world
Name: hello-world
Namespace: default
CreationTimestamp: Sun, 09 Jun 2024 16:14:24 +0000
Labels: <none>
Annotations: deployment.kubernetes.io/revision: 1
Selector: run=load-balancer-example
Replicas: 2 desired | 2 updated | 2 total | 1 available | 1 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: run=load-balancer-example
Containers:
hello-world:
Image: us-docker.pkg.dev/google-samples/containers/gke/hello-app:2.0
Port: 8080/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Node-Selectors: <none>
Tolerations: <none>
Conditions:
Type Status Reason
---- ------ ------
Available False MinimumReplicasUnavailable
Progressing True ReplicaSetUpdated
OldReplicaSets: <none>
NewReplicaSet: hello-world-cdd4458f4 (2/2 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 10s deployment-controller Scaled up replica set hello-world-cdd4458f4 to 2
- kubectl get replicasets
NAME DESIRED CURRENT READY AGE
hello-world-cdd4458f4 2 2 2 16s
kubernetes-bootcamp-644c5687f4 1 1 1 75m
my-nginx-fdd6574f7 2 2 2 35m
- kubectl describe replicasets
Name: hello-world-cdd4458f4
Namespace: default
Selector: pod-template-hash=cdd4458f4,run=load-balancer-example
Labels: pod-template-hash=cdd4458f4
run=load-balancer-example
Annotations: deployment.kubernetes.io/desired-replicas: 2
deployment.kubernetes.io/max-replicas: 3
deployment.kubernetes.io/revision: 1
Controlled By: Deployment/hello-world
Replicas: 2 current / 2 desired
Pods Status: 2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: pod-template-hash=cdd4458f4
run=load-balancer-example
Containers:
hello-world:
Image: us-docker.pkg.dev/google-samples/containers/gke/hello-app:2.0
Port: 8080/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Node-Selectors: <none>
Tolerations: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 20s replicaset-controller Created pod: hello-world-cdd4458f4-l7lff
Normal SuccessfulCreate 20s replicaset-controller Created pod: hello-world-cdd4458f4-5lrvm
Name: kubernetes-bootcamp-644c5687f4
Namespace: default
Selector: app=kubernetes-bootcamp,pod-template-hash=644c5687f4
Labels: app=kubernetes-bootcamp
pod-template-hash=644c5687f4
Annotations: deployment.kubernetes.io/desired-replicas: 1
deployment.kubernetes.io/max-replicas: 2
deployment.kubernetes.io/revision: 1
Controlled By: Deployment/kubernetes-bootcamp
Replicas: 1 current / 1 desired
Pods Status: 1 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: app=kubernetes-bootcamp
pod-template-hash=644c5687f4
Containers:
kubernetes-bootcamp:
Image: gcr.io/google-samples/kubernetes-bootcamp:v1
Port: <none>
Host Port: <none>
Environment: <none>
Mounts: <none>
Volumes: <none>
Node-Selectors: <none>
Tolerations: <none>
Events: <none>
Name: my-nginx-fdd6574f7
Namespace: default
Selector: pod-template-hash=fdd6574f7,run=my-nginx
Labels: pod-template-hash=fdd6574f7
run=my-nginx
Annotations: deployment.kubernetes.io/desired-replicas: 2
deployment.kubernetes.io/max-replicas: 3
deployment.kubernetes.io/revision: 1
Controlled By: Deployment/my-nginx
Replicas: 2 current / 2 desired
Pods Status: 2 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
Labels: pod-template-hash=fdd6574f7
run=my-nginx
Containers:
my-nginx:
Image: nginx
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Node-Selectors: <none>
Tolerations: <none>
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 35m replicaset-controller Created pod: my-nginx-fdd6574f7-kw8fb
Normal SuccessfulCreate 35m replicaset-controller Created pod: my-nginx-fdd6574f7-bnnn4
- kubectl expose deployment hello-world –type=NodePort –name=example-service
- service/example-service exposed
- kubectl describe services example-service
Name: example-service
Namespace: default
Labels: <none>
Annotations: <none>
Selector: run=load-balancer-example
Type: NodePort
IP Family Policy: SingleStack
IP Families: IPv4
IP: 10.109.54.72
IPs: 10.109.54.72
Port: <unset> 8080/TCP
TargetPort: 8080/TCP
NodePort: <unset> 32353/TCP
Endpoints: 192.168.133.196:8080,192.168.226.67:8080
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
- kubectl get pods –selector=”run=load-balancer-example” –output=wide
- curl http://192.168.226.67:8080
- curl http://192.168.113.196:8080
- kubectl get deployment
- kubectl get po -o wide
- 위에서 봤던 IP주소를 볼 수 있다.
- kubectl describe svc
- kubectl describe svc example-service
- 이제 curl http://worker-nodes-public-ip:32353을 하면 어디에서든 접속이 되는 것을 확인할 수 있다.
실습을 하기위해 만든 모든 yaml파일을 삭제해본다.(배포만 삭제?)
- kubectl delete deploy –all
- kubectl delete svc –all
댓글남기기