Kubernetes

Vagrant를 사용하는 Containerd 런타임을 가지는 Kubernetes

zerobig-k8s 2021. 8. 16. 06:20
이번 글은 Kubernetes 관련해서 유용한 동영상 컨텐츠를 게시해 주시는 Just me and Opensource님의 게시물 중 "[ Kube 94 ] Kubernetes with Containerd on Ubuntu using Vagrant"를 베이스로 하여 작성되었습니다. (사전 협의 완료)
이 글에서는 Azure 상에 VM을 생성하고 그 위에 Vagrant를 사용하는 Containerd 런타임을 가지는 Kubernetes 클러스터 생성하는 내용을 정리해 봅니다.
보다 나은 이해가 필요하시면 원본 영상을 함께 보시며 진행하는 것도 좋을 듯 합니다. 

### 2022.04.26 업데이트 사항
vagrant up 명령 수행 시 "host-only network is not within the allowed ranges." 등 host-only 네트워크 관련 에러 발생하는 경우 다음과 같이 조치하시면 됩니다.
/etc/vbox/networks.conf 파일을 생성하시고 다음 내용을 복사하여 붙여넣으신 뒤 다시 vagrant up 명령 수행하시면 됩니다.
* 0.0.0.0/0 ::/0​

 

<출처> https://youtu.be/AoEWX84h_ig

 

 

 

 

VM 환경 구성

먼저 Vagrant를 사용하는 Kubernetes 클러스터를 실행 할 VM을 설치하고 환경을 구성한다. (각자 상황에 맞는 VM 준비 가능)

이 글에서는 Azure 포털로부터 Ubuntu Server 20.04 LTS - Gen2 VM을 생성하여 그 기반 위에 진행한다.

 

설치가 완료되면 해당 VM으로 SSH 접속을 시행하고 한다.


ssh username@vm_publicIP
PS C:\Users\zerobig> ssh zerobig@52.231.28.102
The authenticity of host '52.231.28.102 (52.231.28.102)' can't be established.
ECDSA key fingerprint is SHA256:GdzphFFblCkpmlj3VVTFla8602pAfsqeNpNalJqc0oo.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '52.231.28.102' (ECDSA) to the list of known hosts.
zerobig@52.231.28.102's password:
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.8.0-1039-azure x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Sat Aug 14 12:59:05 UTC 2021

  System load:  0.08              Processes:             149
  Usage of /:   4.5% of 28.90GB   Users logged in:       0
  Memory usage: 2%                IPv4 address for eth0: 10.2.0.4
  Swap usage:   0%

1 update can be applied immediately.
To see these additional updates run: apt list --upgradable


The list of available updates is more than a week old.
To check for new updates run: sudo apt update


The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

zerobig@zero-k8s-containerd:~$ sudo su
root@zero-k8s-containerd:/home/zerobig# passwd
New password:
Retype new password:
passwd: password updated successfully
root@zero-k8s-containerd:/home/zerobig#

 

Vagrant 및 VisualBox 설치 후  kubelet 설치를 수행한다.


# Vagrant, VirtualBox 설치
sudo apt update
sudo apt install virtualbox
curl -O https://releases.hashicorp.com/vagrant/2.2.9/vagrant_2.2.9_x86_64.deb
sudo apt install ./vagrant_2.2.9_x86_64.deb
vagrant --version

# kubectl 설치
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
kubectl version --client


root@zero-k8s-containerd:/home/zerobig# sudo apt update
root@zero-k8s-containerd:/home/zerobig# sudo apt install virtualbox
root@zero-k8s-containerd:/home/zerobig# curl -O https://releases.hashicorp.com/vagrant/2.2.9/vagrant_2.2.9_x86_64.deb
root@zero-k8s-containerd:/home/zerobig# vagrant --version
root@zero-k8s-containerd:/home/zerobig# sudo apt install ./vagrant_2.2.9_x86_64.deb
root@zero-k8s-containerd:/home/zerobig# vagrant --version
Vagrant 2.2.9
root@zero-k8s-containerd:/home/zerobig# curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   154  100   154    0     0    655      0 --:--:-- --:--:-- --:--:--   658
100 44.7M  100 44.7M    0     0  38.2M      0  0:00:01  0:00:01 --:--:--  100M
root@zero-k8s-containerd:/home/zerobig# sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
root@zero-k8s-containerd:/home/zerobig# kubectl version --client
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.0", GitCommit:"c2b5237ccd9c0f1d600d3072634ca66cefdf272f", GitTreeState:"clean", BuildDate:"2021-08-04T18:03:20Z", GoVersion:"go1.16.6", Compiler:"gc", Platform:"linux/amd64"}

 

 

 

Vagrant 환경 Git clone

GIT 저장소로부터 Vagrant 환경 소스를 내려 받는다.


git clone https://github.com/zer0big/kubernetes.git
cd kubernetes/vagrant-provisioning/
root@zero-k8s-containerd:/home/zerobig# git clone https://github.com/zer0big/kubernetes.git
Cloning into 'kubernetes'...
remote: Enumerating objects: 761, done.
remote: Counting objects: 100% (97/97), done.
remote: Compressing objects: 100% (57/57), done.
remote: Total 761 (delta 46), reused 79 (delta 38), pack-reused 664
Receiving objects: 100% (761/761), 149.34 KiB | 439.00 KiB/s, done.
Resolving deltas: 100% (406/406), done.
root@zero-k8s-containerd:/home/zerobig# cd kubernetes/vagrant-provisioning/
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning#
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# ls -rlth
total 16K
-rw-r--r-- 1 root root  292 Aug 14 13:18 bootstrap_kworker.sh
-rw-r--r-- 1 root root  588 Aug 14 13:18 bootstrap_kmaster.sh
-rw-r--r-- 1 root root 2.0K Aug 14 13:18 bootstrap.sh
-rw-r--r-- 1 root root 1.5K Aug 14 13:18 Vagrantfile

 

참고로 본 환경의 주요 특징은 다음과 같다.

  • CentOS7 대신 Ubuntu20.04 사용 설정
  • docker 대신 containerd 사용위한 설치 및 설정

 

 

 

클러스터 구동 (Vagrant Up)

vagrant up 명령을 통해 이미지를 실행한다.


vagrant up
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# vagrant up
==> vagrant: A new version of Vagrant is available: 2.2.18 (installed version: 2.2.9)!
==> vagrant: To upgrade visit: https://www.vagrantup.com/downloads.html

Bringing machine 'kmaster' up with 'virtualbox' provider...
Bringing machine 'kworker1' up with 'virtualbox' provider...
Bringing machine 'kworker2' up with 'virtualbox' provider...
==> kmaster: Box 'generic/ubuntu2004' could not be found. Attempting to find and install...
    kmaster: Box Provider: virtualbox
    kmaster: Box Version: 3.2.18
==> kmaster: Loading metadata for box 'generic/ubuntu2004'
    kmaster: URL: https://vagrantcloud.com/generic/ubuntu2004
==> kmaster: Adding box 'generic/ubuntu2004' (v3.2.18) for provider: virtualbox
    kmaster: Downloading: https://vagrantcloud.com/generic/boxes/ubuntu2004/versions/3.2.18/providers/virtualbox.box
Download redirected to host: vagrantcloud-files-production.s3-accelerate.amazonaws.com
    kmaster: Calculating and comparing box checksum...
==> kmaster: Successfully added box 'generic/ubuntu2004' (v3.2.18) for 'virtualbox'!
==> kmaster: Importing base box 'generic/ubuntu2004'...
==> kmaster: Matching MAC address for NAT networking...
==> kmaster: Setting the name of the VM: kmaster
==> kmaster: Clearing any previously set network interfaces...
==> kmaster: Preparing network interfaces based on configuration...
    kmaster: Adapter 1: nat
    kmaster: Adapter 2: hostonly
==> kmaster: Forwarding ports...
    kmaster: 22 (guest) => 2222 (host) (adapter 1)
==> kmaster: Running 'pre-boot' VM customizations...
==> kmaster: Booting VM...
==> kmaster: Waiting for machine to boot. This may take a few minutes...
    kmaster: SSH address: 127.0.0.1:2222
    kmaster: SSH username: vagrant
    kmaster: SSH auth method: private key
    kmaster: Warning: Connection reset. Retrying...
    kmaster: Warning: Remote connection disconnect. Retrying...
    kmaster:
    kmaster: Vagrant insecure key detected. Vagrant will automatically replace
    kmaster: this with a newly generated keypair for better security.
    kmaster:
    kmaster: Inserting generated public key within guest...
    kmaster: Removing insecure key from the guest if it's present...
    kmaster: Key inserted! Disconnecting and reconnecting using new SSH key...
==> kmaster: Machine booted and ready!
==> kmaster: Checking for guest additions in VM...
==> kmaster: Setting hostname...
==> kmaster: Configuring and enabling network interfaces...
==> kmaster: Running provisioner: shell...
    kmaster: Running: /tmp/vagrant-shell20210814-12639-h091je.sh
    kmaster: [TASK 1] Disable and turn off SWAP
    kmaster: [TASK 2] Stop and Disable firewall
    kmaster: [TASK 3] Enable and Load Kernel modules
    kmaster: [TASK 4] Add Kernel settings
    kmaster: [TASK 5] Install containerd runtime
    kmaster: [TASK 6] Add apt repo for kubernetes
    kmaster: [TASK 7] Install Kubernetes components (kubeadm, kubelet and kubectl)
    kmaster: [TASK 8] Enable ssh password authentication
    kmaster: [TASK 9] Set root password
    kmaster: [TASK 10] Update /etc/hosts file
==> kmaster: Running provisioner: shell...
    kmaster: Running: /tmp/vagrant-shell20210814-12639-wg05r.sh
    kmaster: [TASK 1] Pull required containers
    kmaster: [TASK 2] Initialize Kubernetes Cluster
    kmaster: [TASK 3] Deploy Calico network
    kmaster: [TASK 4] Generate and save cluster join command to /joincluster.sh
==> kworker1: Box 'generic/ubuntu2004' could not be found. Attempting to find and install...
    kworker1: Box Provider: virtualbox
    kworker1: Box Version: 3.2.18
==> kworker1: Loading metadata for box 'generic/ubuntu2004'
    kworker1: URL: https://vagrantcloud.com/generic/ubuntu2004
==> kworker1: Adding box 'generic/ubuntu2004' (v3.2.18) for provider: virtualbox
==> kworker1: Importing base box 'generic/ubuntu2004'...
==> kworker1: Matching MAC address for NAT networking...
==> kworker1: Setting the name of the VM: kworker1
==> kworker1: Fixed port collision for 22 => 2222. Now on port 2200.
==> kworker1: Clearing any previously set network interfaces...
==> kworker1: Preparing network interfaces based on configuration...
    kworker1: Adapter 1: nat
    kworker1: Adapter 2: hostonly
==> kworker1: Forwarding ports...
    kworker1: 22 (guest) => 2200 (host) (adapter 1)
==> kworker1: Running 'pre-boot' VM customizations...
==> kworker1: Booting VM...
==> kworker1: Waiting for machine to boot. This may take a few minutes...
    kworker1: SSH address: 127.0.0.1:2200
    kworker1: SSH username: vagrant
    kworker1: SSH auth method: private key
    kworker1: Warning: Connection reset. Retrying...
    kworker1: Warning: Remote connection disconnect. Retrying...
    kworker1: Warning: Connection reset. Retrying...
    kworker1: Warning: Remote connection disconnect. Retrying...
    kworker1:
    kworker1: Vagrant insecure key detected. Vagrant will automatically replace
    kworker1: this with a newly generated keypair for better security.
    kworker1:
    kworker1: Inserting generated public key within guest...
    kworker1: Removing insecure key from the guest if it's present...
    kworker1: Key inserted! Disconnecting and reconnecting using new SSH key...
==> kworker1: Machine booted and ready!
==> kworker1: Checking for guest additions in VM...
==> kworker1: Setting hostname...
==> kworker1: Configuring and enabling network interfaces...
==> kworker1: Running provisioner: shell...
    kworker1: Running: /tmp/vagrant-shell20210814-12639-5o933c.sh
    kworker1: [TASK 1] Disable and turn off SWAP
    kworker1: [TASK 2] Stop and Disable firewall
    kworker1: [TASK 3] Enable and Load Kernel modules
    kworker1: [TASK 4] Add Kernel settings
    kworker1: [TASK 5] Install containerd runtime
    kworker1: [TASK 6] Add apt repo for kubernetes
    kworker1: [TASK 7] Install Kubernetes components (kubeadm, kubelet and kubectl)
    kworker1: [TASK 8] Enable ssh password authentication
    kworker1: [TASK 9] Set root password
    kworker1: [TASK 10] Update /etc/hosts file
==> kworker1: Running provisioner: shell...
    kworker1: Running: /tmp/vagrant-shell20210814-12639-1vsm4yl.sh
    kworker1: [TASK 1] Join node to Kubernetes Cluster
==> kworker2: Box 'generic/ubuntu2004' could not be found. Attempting to find and install...
    kworker2: Box Provider: virtualbox
    kworker2: Box Version: 3.2.18
==> kworker2: Loading metadata for box 'generic/ubuntu2004'
    kworker2: URL: https://vagrantcloud.com/generic/ubuntu2004
==> kworker2: Adding box 'generic/ubuntu2004' (v3.2.18) for provider: virtualbox
==> kworker2: Importing base box 'generic/ubuntu2004'...
==> kworker2: Matching MAC address for NAT networking...
==> kworker2: Setting the name of the VM: kworker2
==> kworker2: Fixed port collision for 22 => 2222. Now on port 2201.
==> kworker2: Clearing any previously set network interfaces...
==> kworker2: Preparing network interfaces based on configuration...
    kworker2: Adapter 1: nat
    kworker2: Adapter 2: hostonly
==> kworker2: Forwarding ports...
    kworker2: 22 (guest) => 2201 (host) (adapter 1)
==> kworker2: Running 'pre-boot' VM customizations...
==> kworker2: Booting VM...
==> kworker2: Waiting for machine to boot. This may take a few minutes...
    kworker2: SSH address: 127.0.0.1:2201
    kworker2: SSH username: vagrant
    kworker2: SSH auth method: private key
    kworker2: Warning: Connection reset. Retrying...
    kworker2: Warning: Remote connection disconnect. Retrying...
    kworker2:
    kworker2: Vagrant insecure key detected. Vagrant will automatically replace
    kworker2: this with a newly generated keypair for better security.
    kworker2:
    kworker2: Inserting generated public key within guest...
    kworker2: Removing insecure key from the guest if it's present...
    kworker2: Key inserted! Disconnecting and reconnecting using new SSH key...
==> kworker2: Machine booted and ready!
==> kworker2: Checking for guest additions in VM...
==> kworker2: Setting hostname...
==> kworker2: Configuring and enabling network interfaces...
==> kworker2: Running provisioner: shell...
    kworker2: Running: /tmp/vagrant-shell20210814-12639-1k0ooa9.sh
    kworker2: [TASK 1] Disable and turn off SWAP
    kworker2: [TASK 2] Stop and Disable firewall
    kworker2: [TASK 3] Enable and Load Kernel modules
    kworker2: [TASK 4] Add Kernel settings
    kworker2: [TASK 5] Install containerd runtime
    kworker2: [TASK 6] Add apt repo for kubernetes
    kworker2: [TASK 7] Install Kubernetes components (kubeadm, kubelet and kubectl)
    kworker2: [TASK 8] Enable ssh password authentication
    kworker2: [TASK 9] Set root password
    kworker2: [TASK 10] Update /etc/hosts file
==> kworker2: Running provisioner: shell...
    kworker2: Running: /tmp/vagrant-shell20210814-12639-1ttg0vs.sh
    kworker2: [TASK 1] Join node to Kubernetes Cluster

 

 

 

 

초기 환경 구성 및 결과 검증 

다음을 수행한다.

  • hosts 파일에 IP를 업데이트 및 추가

172.16.16.100 kmaster.example.com kmaster
172.16.16.101 kworker1.example.com kworker1
172.16.16.102 kworker2.example.com kworker2
  • scp 명령으로 master의 admin.conf 복사 : 초기 패스워드 kubeadmin
  • kubectl get nodes 명령으로 결과 검증
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# cat /etc/hosts
127.0.0.1 localhost

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts


172.16.16.100 kmaster.example.com kmaster
172.16.16.101 kworker1.example.com kworker1
172.16.16.102 kworker2.example.com kworker2
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# scp root@kmaster:/etc/kubernetes/admin.conf /root/.kube/config
The authenticity of host 'kmaster (172.16.16.100)' can't be established.
ECDSA key fingerprint is SHA256:zotHh9UER/YNN9pk8fwuihgiZpsssj6q65c0+Z0BRcA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'kmaster,172.16.16.100' (ECDSA) to the list of known hosts.
root@kmaster's password:
/root/.kube/config: No such file or directory
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# mkdir -p /root/.kube
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# scp root@kmaster:/etc/kubernetes/admin.conf /root/.kube/config
root@kmaster's password:
admin.conf                                                                                          100% 5593     4.7MB/s   00:00
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# kubectl get nodes -o wide
NAME       STATUS   ROLES                  AGE     VERSION   INTERNAL-IP     EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION     CONTAINER-RUNTIME
kmaster    Ready    control-plane,master   10m     v1.21.0   172.16.16.100   <none>        Ubuntu 20.04.2 LTS   5.4.0-72-generic   containerd://1.5.2
kworker1   Ready    <none>                 6m57s   v1.21.0   172.16.16.101   <none>        Ubuntu 20.04.2 LTS   5.4.0-72-generic   containerd://1.5.2
kworker2   Ready    <none>                 3m28s   v1.21.0   172.16.16.102   <none>        Ubuntu 20.04.2 LTS   5.4.0-72-generic   containerd://1.5.2

→ 컨테이너 런타임이 "containerd://1.5.2" 인 것을 확인 할 수 있음.

 

root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# kubectl get all -n kube-system
NAME                                          READY   STATUS    RESTARTS   AGE
pod/calico-kube-controllers-cc8959d7f-4c8vv   1/1     Running   0          10m
pod/calico-node-k6b8r                         1/1     Running   0          3m59s
pod/calico-node-qqvpm                         1/1     Running   0          7m27s
pod/calico-node-sqxn7                         1/1     Running   0          10m
pod/coredns-558bd4d5db-468fn                  1/1     Running   0          10m
pod/coredns-558bd4d5db-wrfn6                  1/1     Running   0          10m
pod/etcd-kmaster                              1/1     Running   0          11m
pod/kube-apiserver-kmaster                    1/1     Running   0          11m
pod/kube-controller-manager-kmaster           1/1     Running   0          11m
pod/kube-proxy-9qjw9                          1/1     Running   0          3m59s
pod/kube-proxy-pssj8                          1/1     Running   0          7m27s
pod/kube-proxy-xbfpm                          1/1     Running   0          10m
pod/kube-scheduler-kmaster                    1/1     Running   0          11m

NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
service/kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   11m

NAME                         DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
daemonset.apps/calico-node   3         3         3       3            3           kubernetes.io/os=linux   11m
daemonset.apps/kube-proxy    3         3         3       3            3           kubernetes.io/os=linux   11m

NAME                                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/calico-kube-controllers   1/1     1            1           11m
deployment.apps/coredns                   2/2     2            2           11m

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/calico-kube-controllers-cc8959d7f   1         1         1       10m
replicaset.apps/coredns-558bd4d5db                  2         2         2       10m

 

 

 

 

Calico Overlay Network 동작 검증 

이제 하나의 노드상의 컨테이너에서 다른 노드의 컨테이너로 네트워크 간 Ping을 통해 검증이 가능하다.

두 개의 alpine 파드 생성 후 접속한다.


# 터미널 1에서 명령 수행
kubectl run --rm -it --image=alpine alpine1 -- sh

# 터미널 2에서 명령 수행
kubectl run --rm -it --image=alpine alpine2 -- sh

 

터미널 1


root@zero-k8s-containerd:~# kubectl run --rm -it --image=alpine alpine1 -- sh
If you don't see a command prompt, try pressing enter.
/ #

 

터미널 2


root@zero-k8s-containerd:~# kubectl run --rm -it --image=alpine alpine2 -- sh
If you don't see a command prompt, try pressing enter.
/ #

 

각각의 파드가 각각의 노드에서 실행 중임을 확인할 수 있다.

root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# kubectl get pod -o wide
NAME      READY   STATUS    RESTARTS   AGE    IP               NODE       NOMINATED NODE   READINESS GATES
alpine1   1/1     Running   0          100s   192.168.41.130   kworker1   <none>           <none>
alpine2   1/1     Running   0          84s    192.168.77.130   kworker2   <none>           <none>

 

각 파드 내에서 다음 명령을 통해 결과를 검증한다.


# 터미널 1에서 명령 수행
hostname -i $
ping <상대 IP>

# 터미널 2에서 명령 수행
hostname -i $
ping <상대 IP>

 

터미널 1

root@zero-k8s-containerd:~# kubectl run --rm -it --image=alpine alpine1 -- sh
If you don't see a command prompt, try pressing enter.
/ # hostname -i
192.168.41.130
/ # ping 192.168.77.130
PING 192.168.77.130 (192.168.77.130): 56 data bytes
64 bytes from 192.168.77.130: seq=0 ttl=62 time=1.878 ms
64 bytes from 192.168.77.130: seq=1 ttl=62 time=5.442 ms
64 bytes from 192.168.77.130: seq=2 ttl=62 time=0.989 ms
64 bytes from 192.168.77.130: seq=3 ttl=62 time=3.341 ms
64 bytes from 192.168.77.130: seq=4 ttl=62 time=1.226 ms
64 bytes from 192.168.77.130: seq=5 ttl=62 time=6.312 ms
^C
--- 192.168.77.130 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 0.989/3.198/6.312 ms
/ #

 

터미널 2

root@zero-k8s-containerd:~# kubectl run --rm -it --image=alpine alpine2 -- sh
If you don't see a command prompt, try pressing enter.
/ # hostname -i
192.168.77.130
/ # ping 192.168.41.130
PING 192.168.41.130 (192.168.41.130): 56 data bytes
64 bytes from 192.168.41.130: seq=0 ttl=62 time=3.573 ms
64 bytes from 192.168.41.130: seq=1 ttl=62 time=1.103 ms
64 bytes from 192.168.41.130: seq=2 ttl=62 time=8.142 ms
64 bytes from 192.168.41.130: seq=3 ttl=62 time=3.414 ms
64 bytes from 192.168.41.130: seq=4 ttl=62 time=3.283 ms
64 bytes from 192.168.41.130: seq=5 ttl=62 time=4.229 ms
^C
--- 192.168.41.130 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 1.103/3.957/8.142 ms
/ #

 

 

 

 

containerd 명령 실습 

하나의 노드로 ssh 접속을 수행하고 containerd 관련 명령을 실습한다.


# ssh 접속
ssh root@172.16.16.101

# containerd 명령어 help 수행
ctr -h
ctr container
root@zero-k8s-containerd:/home/zerobig/kubernetes/vagrant-provisioning# ssh root@172.16.16.101
The authenticity of host '172.16.16.101 (172.16.16.101)' can't be established.
ECDSA key fingerprint is SHA256:jjp+KvxYaZUtw56q66rauWsvQxX9CCTwIo7gmex/bpA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.16.16.101' (ECDSA) to the list of known hosts.
root@172.16.16.101's password:
root@kworker1:~#
root@kworker1:~# ctr -h
NAME:
   ctr -
        __
  _____/ /______
 / ___/ __/ ___/
/ /__/ /_/ /
\___/\__/_/

containerd CLI


USAGE:
   ctr [global options] command [command options] [arguments...]

VERSION:
   1.5.2-0ubuntu1~20.04.2

DESCRIPTION:

ctr is an unsupported debug and administrative client for interacting
with the containerd daemon. Because it is unsupported, the commands,
options, and operations are not guaranteed to be backward compatible or
stable from release to release of the containerd project.

COMMANDS:
   plugins, plugin            provides information about containerd plugins
   version                    print the client and server versions
   containers, c, container   manage containers
   content                    manage content
   events, event              display containerd events
   images, image, i           manage images
   leases                     manage leases
   namespaces, namespace, ns  manage namespaces
   pprof                      provide golang pprof outputs for containerd
   run                        run a container
   snapshots, snapshot        manage snapshots
   tasks, t, task             manage tasks
   install                    install a new package
   oci                        OCI tools
   shim                       interact with a shim directly
   help, h                    Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --debug                      enable debug output in logs
   --address value, -a value    address for containerd's GRPC server (default: "/run/containerd/containerd.sock") [$CONTAINERD_ADDRESS]
   --timeout value              total timeout for ctr commands (default: 0s)
   --connect-timeout value      timeout for connecting to containerd (default: 0s)
   --namespace value, -n value  namespace to use with commands (default: "default") [$CONTAINERD_NAMESPACE]
   --help, -h                   show help
   --version, -v                print the version
root@kworker1:~#
root@kworker1:~#
root@kworker1:~# ctr container
NAME:
   ctr containers - manage containers

USAGE:
   ctr containers command [command options] [arguments...]

COMMANDS:
   create           create container
   delete, del, rm  delete one or more existing containers
   info             get info about a container
   list, ls         list containers
   label            set and clear labels for a container
   checkpoint       checkpoint a container
   restore          restore a container from checkpoint

OPTIONS:
   --help, -h  show help

root@kworker1:~#
root@kworker1:~#
root@kworker1:~# ctr container list
CONTAINER    IMAGE    RUNTIME
root@kworker1:~#
root@kworker1:~#
root@kworker1:~#
root@kworker1:~# ctr namespaces list
NAME   LABELS
k8s.io
root@kworker1:~#
root@kworker1:~#
root@kworker1:~#
root@kworker1:~# ctr -n k8s.io container list
CONTAINER                                                           IMAGE                                          RUNTIME

26e07789799daf890d7c6abb1d2430786d2c8508c46dd10665497754bee353b5    k8s.gcr.io/kube-proxy:v1.21.4                  io.containerd.runc.v2
3264d44357054e6ee8dc590d3f927e84de02a3fc8d0836e43175f20abda473b6    docker.io/calico/cni:v3.18.4                   io.containerd.runc.v2
53867b748b6b7aef75f5781e2bc6c35f33ce2c427cdc0667c58bd333c62845af    docker.io/library/alpine:latest                io.containerd.runc.v2
55cd50f85b0b7686e93397853debb741a6d02a90861d6a6fa569cb11e1ccc595    docker.io/calico/cni:v3.18.4                   io.containerd.runc.v2
6092ebf0ddbeaf326ba670c8902a49fb02963ba485472110c3f331c73a222092    docker.io/calico/node:v3.18.4                  io.containerd.runc.v2
b9c3f27a61b4e610718a31614b27d2d0377fe951cb9c3d49914b518e0d836278    docker.io/calico/pod2daemon-flexvol:v3.18.4    io.containerd.runc.v2
e223fe48ea7ed2a5ab43afffb165cca24df2c49dc2452354af012d7b944b454a    k8s.gcr.io/pause:3.5                           io.containerd.runc.v2
e29cf2bcd0201f5462e55a21297e9bf1c168d62fac0ac5b11f38fea6824367dc    k8s.gcr.io/pause:3.5                           io.containerd.runc.v2
fb06cdc8204e124801926dc1adf6bdf363760fbf231462f1c574595914fa5cc5    k8s.gcr.io/pause:3.5                           io.containerd.runc.v2