AWS で、2台のマシンを構成します。
今回は、ubuntu を使用します。
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 24.04.1 LTS
Release: 24.04
Codename: noble
- Master Node (t3.medium)
- Worker Node (t3.micro)
セキュリティグループ
ssh TCP:自分だけ
ssh TCP:3.112.23.0/29 (インスタンスコネクトに必要)
すべて ICMP 127.0.0.1/8
TCP 6443 10.0.0.0/8
ポート 6443 を kubernetes が使うため、オープンにする必要があります。
また、containerd が必要です。
#https://github.com/containerd/containerd/blob/main/docs/getting-started.md
wget https://github.com/containerd/containerd/releases/download/v2.0.0-rc.6/containerd-2.0.0-rc.6-linux-amd64.tar.gz
#Step 1: Installing containerd
$ sudo tar Cxzvf /usr/local containerd-2.0.0-rc.6-linux-amd64.tar.gz
bin/
bin/containerd-shim-runc-v2
bin/containerd-shim
bin/ctr
bin/containerd-shim-runc-v1
bin/containerd
bin/containerd-stress
containerd の起動
cat << EOF > containerd.service
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target dbus.service
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target
EOF
sudo mkdir -p /usr/local/lib/systemd/system
sudo cp containerd.service /usr/local/lib/systemd/system
sudo systemctl daemon-reload
sudo systemctl enable --now containerd
Runtime Path to Unix domain socket
containerd unix:///var/run/containerd/containerd.sock
これも必要
# https://kubernetes.io/docs/setup/production-environment/container-runtimes/
# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
EOF
# Apply sysctl params without reboot
sudo sysctl --system
今回は、Debian-based ということなので、これらのコマンドを実行します。
パッケージのインストール
sudo apt-get update
# apt-transport-https may be a dummy package; if so, you can skip that package
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
kubernetes の public signing key をダウンロードします。今回は、v1.31 用です。
# If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below.
# sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
apt package インデックス, kubelet, kubeadm と kubectl をインストールして, バージョンを pin します。
# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
kubeadm を起動する前に、kubelet を動かします。
sudo systemctl enable --now kubelet
それぞれのマシンに名前をつけます。
(マスター)
sudo hostnamectl hostname "Master-Node" --static
(ワーカー)
sudo hostnamectl hostname "Worker-Node" --static
(参考)
Installing kubeadm