구축1 : metrics-server 설정
root@ip-172-31-4-27:~# kubectl create -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.7/components.yaml
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
Warning: apiregistration.k8s.io/v1beta1 APIService is deprecated in v1.19+, unavailable in v1.22+; use apiregistration.k8s.io/v1 APIService
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
serviceaccount/metrics-server created
deployment.apps/metrics-server created
service/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
pod가 정상적으로 올라왔는지 확인
root@ip-172-31-4-27:~# kubectl -n kube-system get pods | grep metrics
metrics-server-68b849498d-7t5wj 1/1 Running 0 37s
deployment 수정
#kubectl -n kube-system edit deployment metrics-server
spec:
containers:
- args:
- --cert-dir=/tmp
- --secure-port=4443
- --kubelet-insecure-tls #@2 lines 추가
- --kubelet-preferred-address-types=InternalIP #@2 lines 추가
image: k8s.gcr.io/metrics-server-amd64:v0.3.6
imagePullPolicy: IfNotPresent
name: metrics-server
해당 metrics-server 로그를 확인한다. 에러가 없는지 확인한다.
root@ip-172-31-4-27:~# kubectl -n kube-system logs metrics-server-75f98fdbd5-g99j7
I1204 05:15:45.506075 1 serving.go:312] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key)
I1204 05:15:45.792267 1 secure_serving.go:116] Serving securely on [::]:4443
root@ip-172-31-4-27:~# kubectl top pods --all-namespaces
NAMESPACE NAME CPU(cores) MEMORY(bytes)
calico-system calico-kube-controllers-5c6f449c6f-w2pwg 1m 12Mi
calico-system calico-node-9zjx2 16m 88Mi
calico-system calico-node-nrj94 17m 91Mi
calico-system calico-typha-564cccbfc5-r7pww 1m 16Mi
calico-system calico-typha-564cccbfc5-znjsc 1m 17Mi
default idolized-mule-mariadb-master-0 2m 81Mi
default idolized-mule-mariadb-slave-0 2m 81Mi
kube-system coredns-f9fd979d6-5t4g6 2m 8Mi
kube-system coredns-f9fd979d6-r9p5f 2m 8Mi
kube-system etcd-ip-172-31-4-27 16m 84Mi
kube-system kube-apiserver-ip-172-31-4-27 51m 407Mi
kube-system kube-controller-manager-ip-172-31-4-27 11m 47Mi
kube-system kube-proxy-28mlr 5m 18Mi
kube-system kube-proxy-tn6qw 3m 18Mi
kube-system kube-scheduler-ip-172-31-4-27 4m 15Mi
kube-system metrics-server-75f98fdbd5-g99j7 2m 10Mi
kube-system tiller-deploy-7b56c8dfb7-tcp8l 1m 7Mi
kubernetes-dashboard dashboard-metrics-scraper-7b59f7d4df-nsqn6 1m 4Mi
kubernetes-dashboard kubernetes-dashboard-74d688b6bc-sjprt 1m 6Mi
tigera-operator tigera-operator-6998c47f45-pzsc7 2m 18Mi
root@ip-172-31-4-27:~# kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
ip-172-31-13-180 102m 5% 706Mi 18%
ip-172-31-4-27 205m 10% 1357Mi 35%
구축2 : Configure the Dashboard 구축
root@ip-172-31-4-27:~# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
#@ svc 확인한다
root@ip-172-31-4-27:~# kubectl get svc --all-namespaces | grep dash
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.100.63.100 <none> 8000/TCP 24s
kubernetes-dashboard kubernetes-dashboard ClusterIP 10.96.178.195 <none> 443/TCP
#kubectl -n kubernetes-dashboard edit svc kubernetes-dashboard
selector:
type: NodePort #으로 변경 내부에서 확인하려면 NodePort로 바꿔줘야 한다.
status:
#@ dashboard의 NodePort로 접속테스트를 한다.
root@ip-172-31-4-27:~# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.100.63.100 <none> 8000/TCP 67s
kubernetes-dashboard NodePort 10.96.178.195 <none> 443:30011/TCP 67s
root@ip-172-31-4-27:~# kubectl create clusterrolebinding kubernetes-dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:kubernetes-dashboard
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-admin created
토큰 기반 Dashboard 접속을 위해
root@ip-172-31-4-27:~# kubectl -n kubernetes-dashboard describe secrets kubernetes-dashboard-token-m99f2
Name: kubernetes-dashboard-token-m99f2
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 9b3e254d-b87a-40ab-bfed-7e217d15504d
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImxoZEdBYnhGY2I2Y2k5N2RYcHBSOThYODNMb1E0ZkpORS1IU2h5Vy0xUU0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1tOTlmMiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjliM2UyNTRkLWI4N2EtNDBhYi1iZmVkLTdlMjE3ZDE1NTA0ZCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.cLYvbRTf3uidfPi84BOA8Iw62y27g6I7D8rj8L4wPmbXWNru2ja2Jy6AS81rcPWcn6Yc6hZgk-R1IG4fEGZVhPyedPyeYkG4BOhreVpSo_mY9_3FOxL2OhsvVW_hmDtUFACx1mMRQY-ciHj-ZEFeZsq03BnqIZDjb7pAq0LnJuBONTzr6o9HoOqHlP9egH2JO5pm64NIE__jqxNGr77B3GAwq_f45iMV007nEZ-LWvrb-wLbNO91jBVnk5qGC1Uu_7wR0KdArExpYuWhRIWMqCp2VM3e3hDJnDi8foKf7O4oQuyIMPFix_XQuK1s2GD6b7mHMVSkOqS7HJ5FzPFgBg
https://15.165.170.115:30011로 접속하면 가능하다.
'클라우드 컴퓨팅 & NoSQL > k8s' 카테고리의 다른 글
HPA 설정 (0) | 2020.12.06 |
---|---|
AutoScaling (0) | 2020.12.06 |
Monitoring (0) | 2020.12.06 |
statefulset 시나리오 (0) | 2020.12.06 |
statefulset (0) | 2020.12.06 |