07. Networking
01. Explore Environment
02. CNI weave
03. Deploy Network Solution
04. Networking Weave
05. Service Networking
06. CoreDNS in Kubernetes
07. CKA – Ingress Networking – 1
08. CKA – Ingress Networking – 2
01. In this practice test we will install weave-net POD networking solution to the cluster.
Let us first inspect the setup.
We have deployed an application called app in the default namespace. What is the state of the pod?
ask : NotRunning
root@controlplane:~# k describe pod/app
Name: app
Namespace: default
Priority: 0
Node: controlplane/10.13.20.9
Start Time: Thu, 27 Jan 2022 07:38:06 +0000
Labels: run=app
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Containers:
app:
Container ID:
Image: busybox
Image ID:
Port: <none>
Host Port: <none>
Args:
sleep
1000
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-nfvgq (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-nfvgq:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-nfvgq
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 85s default-scheduler Successfully assigned default/app to controlplane
Warning FailedCreatePodSandBox 79s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "b60102f4a600d9c5f012f570a5cee420a8438fd2d950d7bc25531b7858901d3c" network for pod "app": networkPlugin cni failed to set up pod "app_default" network: unable to allocate IP address: Post "http://127.0.0.1:6784/ip/b60102f4a600d9c5f012f570a5cee420a8438fd2d950d7bc25531b7858901d3c": dial tcp 127.0.0.1:6784: connect: connection refused, failed to clean up sandbox container "b60102f4a600d9c5f012f570a5cee420a8438fd2d950d7bc25531b7858901d3c" network for pod "app": networkPlugin cni failed to teardown pod "app_default" network: Delete "http://127.0.0.1:6784/ip/b60102f4a600d9c5f012f570a5cee420a8438fd2d950d7bc25531b7858901d3c": dial tcp 127.0.0.1:6784: connect: connection refused]
Normal SandboxChanged 1s (x7 over 78s) kubelet Pod sandbox changed, it will be killed and re-created.
02. Inspect why the POD is not running.
1) Wrong image
2) No Network Configured
3) Faulty start command
4) Node failed
03. Deploy weave-net networking solution to the cluster.
Replace the default IP address and subnet of weave-net to the 10.50.0.0/16.
Please check the official weave installation and configuration guide which is available at the top right panel.
| 클러스터에 weave-net 네트워킹 솔루션을 배포합니다. weave-net의 기본 IP 주소와 서브넷을 10.50.0.0/16으로 바꿉니다. 오른쪽 상단 패널에 있는 공식 weave 설치 및 구성 가이드를 확인하십시오. |
- Deploy weave
- Wait for the app to run
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
root@controlplane:~# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.apps/weave-net createdhttps://www.weave.works/docs/net/latest/kubernetes/kube-addon/#-installation
Integrating Kubernetes via the Addon
The following topics are discussed: Installation Before installing Weave Net, you should make sure the following ports are not blocked by your firewall: TCP 6783 and UDP 6783/6784. For more details, see the FAQ. Weave Net can be installed onto your CNI-ena
www.weave.works
$ echo "s3cr3tp4ssw0rd" > /var/lib/weave/weave-passwd
$ kubectl create secret -n kube-system generic weave-passwd --from-file=/var/lib/weave/weave-passwd
$ kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')&password-secret=weave-passwd"https://www.weave.works/docs/net/latest/kubernetes/kube-addon/#-changing-configuration-options
Integrating Kubernetes via the Addon
The following topics are discussed: Installation Before installing Weave Net, you should make sure the following ports are not blocked by your firewall: TCP 6783 and UDP 6783/6784. For more details, see the FAQ. Weave Net can be installed onto your CNI-ena
www.weave.works
root@controlplane:~# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-74ff55c5b-kn7tk 1/1 Running 0 39m
coredns-74ff55c5b-zh6gt 1/1 Running 0 39m
etcd-controlplane 1/1 Running 0 40m
kube-apiserver-controlplane 1/1 Running 0 40m
kube-controller-manager-controlplane 1/1 Running 0 40m
kube-proxy-926nj 1/1 Running 0 39m
kube-scheduler-controlplane 1/1 Running 0 40m
weave-net-4n7gs 2/2 Running 0 37s'CKA (Certified Kubernetes Administrator) > Kode Kloud' 카테고리의 다른 글
| 07. Networking - Service Networking (0) | 2022.02.03 |
|---|---|
| 07. Networking - Networking Weave (0) | 2022.01.27 |
| 07. Networking - CNI weave (0) | 2022.01.27 |
| 08. Networking - Explore Environment (0) | 2022.01.27 |
| 06.Security - Network Policies (0) | 2022.01.27 |