728x90 IT Tech/Cloud Native53 [CKA] KubeConfig # 경로 $HOME/.kube/config # 구성 - Clusters - Contexts - Users 2022. 3. 17. [CKA] TLS # Server Certificate - Kube-API Server : admin, Kube-scheduler, Kube-controller manager, kube-proxy 등과 인증 - ETCD Server - Kubelet Server # Client Certificate - admin, Kube-scheduler, Kube-controller manager, kube-proxy 등 # 인증서 정보 cat /etc/kubernetes/manifests/kube-apiserver.yaml # Health Check https://github.com/mmumshad/kubernetes-the-hard-way/tree/master/tools GitHub - mmumshad/kubernetes-the-.. 2022. 3. 17. [CKA] Security - 인증, 권한 # Authentication - kube-apiserver가 인증 체크 . static password file, static token file, certificates, identity Services # Auth Mechanism - Follow the below instructions to configure basic authentication in a kubeadm setup. Create a file with user details locally at /tmp/users/user-details.csv Edit the kube-apiserver static pod configured by kubeadm to pass in the user details. The file is located at.. 2022. 3. 16. [CKA] Software Version https://kubernetes.io/docs/concepts/overview/kubernetes-api/ The Kubernetes API The Kubernetes API lets you query and manipulate the state of objects in Kubernetes. The core of Kubernetes' control plane is the API server and the HTTP API that it exposes. Users, the different parts of your cluster, and external components all communica kubernetes.io https://github.com/kubernetes/community/blob/ma.. 2022. 3. 15. [CKA] Cluster Maintenance # OS Upgrade cordon은 특정 노드를 선택하여 스케줄 대상에서 제외 시킵니다 SchedulingDisabled를 해제하고 싶다면 uncordon을 사용 drain은 cordon이랑 똑같이 동작 하지만, SchedulingDisabled 된 노드에 남아있는 Pod를 모두 삭제하고 재생성 하는 등의 기능이 추가된 명령어 kubectl drain node1 kubectl cordon node2 : kubectl uncordon node2 # kubeadm upgrade https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/ Upgrading kubeadm clusters This page explains how to.. 2022. 3. 15. 이전 1 2 3 4 5 6 7 ··· 11 다음 반응형