Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Kubernetes the hard way revisited 〜ゼロダウンタイムクラスタ...
Search
LINEヤフーTech (LY Corporation Tech)
PRO
December 10, 2023
Technology
660
3
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Kubernetes the hard way revisited 〜ゼロダウンタイムクラスタ移行から学ぶクラスタ構築の仕組み〜
CloudNative Days Tokyo 2023 での登壇資料です
LINEヤフーTech (LY Corporation Tech)
PRO
December 10, 2023
More Decks by LINEヤフーTech (LY Corporation Tech)
See All by LINEヤフーTech (LY Corporation Tech)
プライバシー保護の理論と実践
lycorptech_jp
PRO
1
220
AIDLC_ヤフーショッピングの取り組み
lycorptech_jp
PRO
0
400
Business ID Integration at LY Corporation : Phased Migration for a B2B authentication platform with Tens of Millions of Users
lycorptech_jp
PRO
0
32
LINE Messaging: From Active-Standby to Active-Active Multi-DC Architecture
lycorptech_jp
PRO
0
51
LY Corporation's implementation of Confidential VM ensuring privacy for AI features
lycorptech_jp
PRO
0
70
Good Design Pays Dividends: The Evolution of LINE API Gateway Handling 30B Daily Requests
lycorptech_jp
PRO
0
44
The Path Paved by Flava MCP Hub Piping Work for the AI Era
lycorptech_jp
PRO
0
44
The Kitakyushu Data Center's Unrelenting Effort to Reduce Air Cooling Power Consumption
lycorptech_jp
PRO
0
26
Designing a Media Content Ecosystem — Case Studies on Integrating AI-Generated Content
lycorptech_jp
PRO
0
46
Other Decks in Technology
See All in Technology
秘密度ラベル初心者が第1歩でつまづかないための「設計・運用」ポイント
seafay
PRO
1
550
FinOps X 2026 Recap from Engineer Side #JapanFinOps
chacco38
0
240
作る力から、見極める力へ — AI時代に広がるエンジニアの価値と役割
rince
0
390
水を運ぶ人としてのリーダーシップ
izumii19
4
1.2k
Mastraエージェント、どのクラウドにデプロイする?
minorun365
PRO
1
130
起点・思考・出力で分解する 〜PM業務の自動化設計〜
kazu_kichi_67
2
1.2k
Kotlin 開発のツラミを爆破した話! / Explode the difficulty of Kotlin dev!
eller86
0
130
初めてのDatabricks勉強会
taka_aki
2
220
“詰む”前に仕組みを作れ 〜技術の波に溺れないためのキャッチアップ術〜
takasyou
8
4.9k
CVE-2026-20833_脆弱性対応とAES 化について
jukishiya
0
340
感情と身体を置き去りにしない、エンジニアの生きのこり方 ──いまから、ここから「自分の状態」を扱うという選択
saorimurooka
1
450
AIペネトレーションテスト・ セキュリティ検証「AgenticSec」紹介資料
laysakura
2
7.9k
Featured
See All Featured
Accessibility Awareness
sabderemane
1
150
WCS-LA-2024
lcolladotor
0
670
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
37
6.5k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
2.1k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
340
Crafting Experiences
bethany
1
200
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
2
230
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
290
How to build an LLM SEO readiness audit: a practical framework
nmsamuel
1
790
How STYLIGHT went responsive
nonsquared
100
6.2k
Building Adaptive Systems
keathley
44
3.1k
Transcript
-:$PSQPSBUJPO -*/&Ϡϑʔגࣜձࣾ ޒాਖ਼ଠ ,VCFSOFUFTUIFIBSEXBZSFWJTJUFE ʙθϩμϯλΠϜΫϥελҠߦ͔ΒֶͿΫϥελߏஙͷΈʙ
-:$PSQPSBUJPO • ޒా ਖ਼ଠ ˏTHPUBOE • -*/&Ϡϑʔגࣜձࣾ ιϑτΣΞΤϯδχΞ • ϓϥΠϕʔτΫϥυ7FSEBͷ,BB4։ൃʹैࣄ
• -*/&גࣜձࣾ ࣌ ʹೖࣾɺҎདྷݱ৬ • ,VCFDPO /"Ͱొஃ • “Leveraging Cluster-API for Production-Ready Multi-Regional Infrastructures” ࣗݾհ
-:$PSQPSBUJPO ,VCFSOFUFTUIFIBSEXBZSFWJTJUFEʙθϩμϯλΠϜΫϥελҠߦ͔ΒֶͿΫϥελߏஙͷΈʙ ຊϓϨθϯ͔ΒֶΔ͜ͱ • ,VCFSOFUFTΫϥελͷجຊߏͱٕज़ཁૉ • ΫϥελΛແఀࢭͰҠߦ͢ΔͨΊͷέʔεελσΟ
-:$PSQPSBUJPO ࣭ ,VCFSOFUFTΫϥελʔ࡞ͬͨ͜ͱ͋Γ·͔͢ʁ
-:$PSQPSBUJPO • ύϒϦοΫΫϥυ&,4 (,& ",4 • اۀ͚3FE)BU 0QFOTIJGU 7.XBSF5BO[V •
ΦϯϓϨϛε,VCFBEN ,VCFTQSBZ LPQT LJOE .JOJLVCF • ͦͷଞ,VCFSFOFUFT UIF )BSE 8BZ ,VCFSOFUFTσΟετϦϏϡʔγϣϯ
-:$PSQPSBUJPO • 7FSEB0QFOTUBDL ϕʔεͷࣾΫϥυ • 7FSEB ,VCFSOFUFT4FSWJDF 7,4 • ॳظ3BODIFSΛGPMLͯ͠։ൃ
• ݱࡏ $MVTUFS"1* ,VCFBEN ͱҠߦத 7FSEBͰͷ,VCFSOFUFTσΟετϦϏϡʔγϣϯ ˞ຊεϥΠυͰ3BODIFSͱݴٴ͢Δࡍɺ'PSLͨ͠ͷΛࢦ͠·͢ɻΞοϓετϦʔϜͱҰகੑอূ͠·ͤΜ
-:$PSQPSBUJPO • ӡ༻ऀࢹ • ෳͷσΟετϦϏϡʔγϣϯΛཧ͢Δͷਏ͍ • ΫϥελͷҠߦΛਐΊ͍ͨ • ར༻ऀࢹ •
طଘͷΫϥελΛ͍ଓ͚͍ͨ • ΫϥελΛ࡞Γͨ͘͠ͳ͍ • ඪطଘͷΫϥελΛಈ͔ͨ͠··Ҡߦ͢Δ 3BODIFS͔Β$MVTUFS"1*,VCFBENͷҠߦ
-:$PSQPSBUJPO ,VCFSOFUFT UIF )BSE 8BZ
-:$PSQPSBUJPO • ֶश༻σΟετϦϏϡʔγϣϯ • ֤ίϯϙʔωϯτΛखಈͰઃఆɾߏங • FUDE • LVCFBQJTFSWFS •
LVCFDPOUSPMMFSNBOBHFS • LVCFTDIFEVMFS • LVCFMFU • LVCFQSPYZ ,VCFSOFUFTUIFIBSEXBZͱ https://github.com/kelseyhightower/kubernetes-the-hard-way
-:$PSQPSBUJPO • ΫϥυϦιʔε࡞ • $POUSPM1MBOF༻7. • ,VCFSOFUFT"1*༻ *1ΞυϨε • 8PSLFS༻7.
• ʜ • ຊՈ($1͕ͩɺੜ൛͋Δ • "84 • MJCWJSULWN • ʜ ,5)8෮शɿϦιʔεͷ࡞ IP address for apiserver VM VM worker-* (VM) https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/03-compute-resources.md VM VM controller-* (VM)
-:$PSQPSBUJPO • 5-4ɺΩʔϖΞͷੜ • $"ূ໌ॻɾൿີݤ • αʔόʔূ໌ॻɾൿີݤ • ΫϥΠΞϯτূ໌ॻɾൿີݤ •
4FSWJDF"DDPVOU༻ΩʔϖΞ • ֤ϊʔυʹ ,5)8෮शɿূ໌ॻΩʔϖΞͷੜɾ https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/04-certificate-authority.md controller-* (VM) worker-* (VM)
-:$PSQPSBUJPO • ,VCFDPOGJHͷੜ • ҎԼΛؚΉ • $"ূ໌ॻ • ΫϥΠΞϯτূ໌ॻɾൿີݤ •
"1*4FSWFSͷΤϯυϙΠϯτ ,5)8෮शɿ,VCFDPOGJHͷੜɾ https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/05-kubernetes-configuration-files.md
-:$PSQPSBUJPO • &UDE όΠφϦͷஔ • ઃఆϑΝΠϧʢTZTUFNEʣͷੜ • $" 5-4ূ໌ॻ •
ॳظͷϝϯόͷΞυϨε • ҉߸Խ • ʜ • &UDEαʔϏεͷىಈ ,5)8෮शɿ&UDE Ϋϥελͷߏங controller-1 (VM) controller-2 (VM) controller-0 (VM) https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/07-bootstrapping-etcd.md
-:$PSQPSBUJPO • όΠφϦͷஔ • LVCFBQJTFSWFS • LVCFDPOUSPMMFSNBOBHFS • LVCFTDIFEVMFS •
ઃఆϑΝΠϧʢTZTUFNEʣͷੜ • $" 5-4ূ໌ॻɾൿີݤ • 1&. • LVCFDPOGJH • ΤϯυϙΠϯτ • FUDEˡˠFUDE • LVCFBQJTFSWFSˠFUDE • LVCFTDIFEVMFSˠLVCFBQJTFSWFS • LVCFDPOUSPMMFSNBOBHFSˠLVCFBQJTFSWFS • ֤αʔϏεͷىಈ ,5)8෮शɿ$POUSPM1MBOFͷىಈ https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md controller-* (VM)
-:$PSQPSBUJPO • ্ཱ͕ͪͬͨLVCFBQJTFSWFSʹରͯ͠ -PBE#BMBODFSΛଓ • ࣄલ֬อͨ͠ *1ΞυϨεΛ༩ • ,VCFDPOGJHʹࢦఆͨ͠ͷ
,5)8෮शɿ-#ͷଓ https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/08-bootstrapping-kubernetes-controllers.md ce2(VM) ce3(VM) ce1(VM) LoadBalancer
-:$PSQPSBUJPO • ϗετͷઃఆ • TXBQPGG • ίϯϙʔωϯτͷΠϯετʔϧ • DPOUBJOFSE $/*QMVHJO
,VCFMFU LVCFQSPYZ • ઃఆϑΝΠϧੜ • 4ZTUFNE 6OJUͷىಈ ϫʔΧʔϊʔυͷߏஙɾՃ Worker1 (VM) Worker2 (VM) Worker3 (VM) hSps://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/09-bootstrapping-kubernetes-workers.md
-:$PSQPSBUJPO ,VCFSOFUFTUIFIBSEXBZ͕ڭ͑ͯ͘Εͨ͜ͱ ,VCFSOFUFTUIFIBSEXBZSFWJTJUFE ֤ίϯϙʔωϯτखಈͰઃఆͰ͖Δ ֤σΟετϦϏϡʔγϣϯࣗಈԽͯ͠Δ͚ͩ ˣ ઃఆΛௐ͢ΕΠϯετʔϥΛҠߦͰ͖ΔͷͰʁ
-:$PSQPSBUJPO 3BODIFS͔Β$MVTUFS"1*,VCFBEN ͷΫϥελҠߦ
-:$PSQPSBUJPO • ҟͳΔόʔδϣϯͷίϯϙʔωϯτߋ৽ • ྫWˠW • ϊʔυΛ̍ͭͣͭೖΕସ͑ • ࠷ऴతʹશͯͷϊʔυɾίϯϙʔωϯτΛߋ৽
ࢀߟࣄྫΫϥελΞοϓάϨʔυ v1.27 v1.27 v1.27 v1.28 v1.27 v1.27 v1.28 v1.28 v1.27 v1.28 v1.28 v1.28
-:$PSQPSBUJPO • ҟͳΔઃఆͷίϯϙʔωϯτߋ৽ • 3BODIFS SLF ˠ,VCFBEN • ϊʔυΛ̍ͭͣͭೖΕସ͑ •
࠷ऴతʹશͯͷϊʔυɾίϯϙʔωϯτΛߋ৽ ઓུɿϊʔυΛͭͣͭೖΕସ͑Δ
-:$PSQPSBUJPO ݹ͍Ϋϥελ 3BODIFS3,& ʹ,VCFBENͰ/PEFΛ+PJOͤ͞Δ ͡ΊͷҰาɿ8PSLFS/PEFΛՃ͢Δ Join
-:$PSQPSBUJPO ,VCFBEN +PJO LVCFBEN KPJODPOGJHSVOLVCFBENLVCFBENKPJODPOGJHZBNM
-:$PSQPSBUJPO ,VCFBEN +PJO LVCFBEN KPJODPOGJHSVOLVCFBENLVCFBENKPJODPOGJHZBNM
-:$PSQPSBUJPO • ,VCF "1*4FSWFSͷΤϯυϙΠϯτ • $"ͷϋογϡ • ೝূ༻ͷ#PPUTUSBQτʔΫϯ ,VCFBEN
+PJOͷͨΊʹ
-:$PSQPSBUJPO ,VCFMFU͔Β"1*4FSWFSͷଓ LB چߏʢ3BODIFSʣ ৽ߏʢ,VCFBENʣ worker worker mycluster.example.com
-:$PSQPSBUJPO • "1*4FSWFSʹରͯ͠-#Λ࡞ • ,VCFSOFUFT UIF IBSEXBZͱಉ͡ʂ • ৽ߏʹ߹ΘͤͯυϝΠϯ໊Λ༩ •
NZDMVTUFSFYBNQMFDPN • ˠଓΤϥʔ -#Λ࡞Εղܾʁ LB worker چߏʢ3BODIFSʣվ mycluster.example.com
-:$PSQPSBUJPO 5-4ূ໌ॻͷ4"/ͷमਖ਼ • 5-4Ͱ4"/ʹ͋ΔυϝΠϯ໊ͷΈ௨৴Մ • 4"/4VCKFDU"MUFSOBUJWF/BNF • ͦ͏Ͱͳ͍ͱݕূΤϥʔͱͳΔ ˣ
• ৽ߏʹԊͬͨυϝΠϯ໊Λ4"/Ճ • 5-4ূ໌ॻͷߋ৽طଘػೳͰ࣮ݱ
-:$PSQPSBUJPO • ,VCF "1*4FSWFSͷΤϯυϙΠϯτˡ-#ɾυϝΠϯ࡞ˍ4"/ͷमਖ਼ • $"ͷϋογϡˡ • ೝূ༻ͷ#PPUTUSBQτʔΫϯ ,VCFBEN
+PJOͷͨΊʹ
-:$PSQPSBUJPO • ,VCFSOFUFTͰ௨৴ͷ҉߸ԽͷͨΊʹ5-4௨৴Λ׆༻ • ݪଇɺڞ௨ͷ$"Λ༻͍ͯαʔόʔΫϥΠΞϯτূ໌ॻΛੜ • ࣄલʹ͞Εͨ$"ূ໌ॻΛ༻͍ͯ௨৴Λݕূ • ֤OBNFTQBDFʹLVCFSPPUDBDSU $POGJH.BQͱͯ͠͞Ε͍ͯΔ
• ˢ͜ΕΛ༻͍ͯLVCFBEN༻ʹ$"ͷϋογϡΛੜ ,VCFSOFUFTͱ$"ূ໌ॻ
-:$PSQPSBUJPO • ,VCF "1*4FSWFSͷΤϯυϙΠϯτˡ-#ɾυϝΠϯ࡞ˍ4"/ͷमਖ਼ • $"ͷϋογϡ ˡLVCFSPPUDBDSU$POGJH.BQ͔Βੜ • ೝূ༻ͷ#PPUTUSBQτʔΫϯ ˡ
,VCFBEN +PJOͷͨΊʹ
-:$PSQPSBUJPO • Ϋϥελͷ࡞ϊʔυͷՃ༻ʹ༻ҙ͞Ε͍ͯΔೝূํࣜͷͨΊͷτʔΫϯ • BCDEFGBCDEFGͷΑ͏ͳܗࣜ • CPPUTUSBQLVCFSOFUFTJPUPLFO ܕͷ4FDSFUͱͯ͠ཧ • ҎԼͷϑϥάΛઃఆͯ͠༗ޮԽ
• LVCFBQJTFSWFSFOBCMFCPPUTUSBQUPLFOBVUI • LVCFDPOUSPMMFSNBOBHFS DPOUSPMMFST UPLFODMFBOFS CPPUTUSBQTJHOFS #PPUTUSBQτʔΫϯͱ https://kubernetes.io/docs/reference/access-authn-authz/bootstrap-tokens/
-:$PSQPSBUJPO • LVCFBEN UPLFODSFBUFίϚϯυͰ࡞Մ • ෦తʹ4FDSFUΛ࡞͍ͯ͠Δ͚ͩ • ˠLVCFBENҎ֎Ͱ൚༻తʹར༻Ͱ͖Δ #PPUTUSBQτʔΫϯͷੜ
https://kubernetes.io/docs/reference/access-authn-authz/bootstrap-tokens/
-:$PSQPSBUJPO • ,VCF "1*4FSWFSͷΤϯυϙΠϯτˡ-#ɾυϝΠϯ࡞ˍ4"/ͷमਖ਼ • $"ͷϋογϡ ˡLVCFSPPUDBDSU$POGJH.BQ͔Βੜ • ೝূ༻ͷ#PPUTUSBQτʔΫϯ ˡ༗ޮԽˍLVCFBEN
UPLFODSFBUF ,VCFBEN +PJOͷͨΊʹ
-:$PSQPSBUJPO ,VCFBEN +PJO LVCFBEN KPJODPOpHSVOLVCFBENLVCFBENKPJODPOpHZBNM
-:$PSQPSBUJPO ,VCFBEN +PJO ࣦഊʜ
-:$PSQPSBUJPO • 3#"$ͷઃఆ࿙Ε • 5-4#PPUTUSBQQJOH • ֤छઃఆ༻ͷ$POGJH.BQ • ʜ
Δ
-:$PSQPSBUJPO • #PPUTUSBQ τʔΫϯͰೝূͰ͖Δ͚ͩͰಈ͔ͳ͍ • ೝՄઃఆඞཁ • /PEFҰཡͷऔಘ • $43ؔ࿈
3#"$ͷઃఆ
-:$PSQPSBUJPO ,VCFBENͷ3#"$ੜίʔυ IUUQTHJUIVCDPNLVCFSOFUFTLVCFSOFUFTCMPCNBTUFSDNE LVCFBENBQQDNEQIBTFTJOJUCPPUTUSBQUPLFOHP
-:$PSQPSBUJPO • 3#"$ͷઃఆ࿙Εˡ,VCFBENΛࢀߟʹ3PMFCJOEJOH࡞ • 5-4#PPUTUSBQQJOH • ֤छઃఆ༻ͷ$POGJH.BQʜ Δ
-:$PSQPSBUJPO • ,VCFMFUΫϥΠΞϯτূ໌ॻΛ༻͍ͯ"1*4FSWFSͱN5-4Ͱ௨৴ • #PPUTUSBQUPLFOىಈ࣌ͷΈ༻ • ΫϥΠΞϯτূ໌ॻ$43"1*Λ༻͍ͯLVCFMFUࣗͰੜՄೳ • $43 $FSUJGJDBUF
4JHOJOH 3FRVFTU • ,5)8ͰखಈͰੜ • ैདྷΫϥελͰ༗ޮʹͳ͍ͬͯͳ͔ͬͨ • ,VCFBEN͚ʹ༗ޮԽ • LVCFDPOUSPMMFSNBOBHFSDMVTUFSTJHOJOHLFZGJMF DMVTUFSTJHOJOHDFSUGJMF $43ͱ,VCFMFUͷ5-4#PPUTUSBQQJOH https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/
-:$PSQPSBUJPO • 3#"$ͷઃఆ࿙Εˡ,VCFBENΛࢀߟʹ3PMFCJOEJOH࡞ • 5-4#PPUTUSBQQJOHˡ$43ͷ༗ޮԽ • ֤छઃఆ༻ͷ$POGJH.BQ • ʜ
Δ
-:$PSQPSBUJPO ,VCFBENͷઃఆཧ • ઃఆϑΝΠϧΛ$POGJH.BQͱͯ͠ཧ • LVCFBENDPOGJH • LVCFMFUDPOGJH • LVCFQSPYZ
• طଘΫϥελͷઃఆΛݩʹੜ ,VCFBENʹ͓͚Δઃఆཧ
-:$PSQPSBUJPO • 3#"$ͷઃఆ࿙Εˡ,VCFBENΛࢀߟʹ3PMFCJOEJOH࡞ • 5-4#PPUTUSBQQJOHˡ$43ͷ༗ޮԽ • ֤छઃఆ༻ͷ$POGJH.BQˡطଘΫϥελͷઃఆΛݩʹੜ • ʜ
Δ
-:$PSQPSBUJPO • ,VCFBEN KPJO༻ͷઃఆϑΝΠϧ४උ • apiserver endpoint • CA ハッシュ
• Bootstrapトークン • ͦͷଞඞཁͳௐ • RBAC • Certificate Signing Request API • 設定⽤ConfigMap • … ·ͱΊɿ8PSLFS/PEFՃʹඞཁͳमਖ਼
-:$PSQPSBUJPO • ҟͳΔઃఆͷίϯϙʔωϯτߋ৽ • 3BODIFS SLF ˠ,VCFBEN • ϊʔυΛ̍ͭͣͭೖΕସ͑ •
࠷ऴతʹશͯͷϊʔυɾίϯϙʔωϯτΛߋ৽ ઓུɿϊʔυΛͭͣͭೖΕସ͑Δ ࠶ܝ
-:$PSQPSBUJPO $POUSPM1MBOFϊʔυΛೖΕସ͑Δʹʁ Control Plane Worker Control Plane Control Plane
Worker Worker
-:$PSQPSBUJPO • ൿີݤɾূ໌ॻͷෳ • FUDEͷϝϯόʔཧ • ʜ $POUSPM1MBOFϊʔυՃͷ՝
-:$PSQPSBUJPO • σϑΥϧτಈ࡞Ͱ ,VCFBEN͕ࣗূ໌ॻɾൿີݤΛੜ • ࢦఆύεʹஔ͢Δ͜ͱͰ$"ূ໌ॻΛ͢͜ͱ͕Ͱ͖Δ • طଘΫϥελ͚ͷূ໌ॻɾൿີݤΛίϐʔ • σΟετϦϏϡʔγϣϯຖʹཧํ๏͕ҟͳΔ
• $MVTUFS"1*Ͱ.BOBHFNFOU$MVTUFSʹ໋໊نଇʹԊͬͯ4FDSFUΛ࡞Ε0, ,VCFBENͱূ໌ॻɾൿີݤ
-:$PSQPSBUJPO • ൿີݤɾূ໌ॻͷෳˡطଘΫϥελ͔Βίϐʔ • FUDEͷϝϯόʔཧ • ʜ $POUSPM1MBOFϊʔυՃͷ՝
-:$PSQPSBUJPO • $POUSPM1MBOF /PEFͷՃɺআ࣌ʹFUDEΫϥελΛૢ࡞͢Δඞཁ͕͋Δ • ৽نϝϯόʔͷՃ࣌FUDEͷىಈ࣌ʹطଘϝϯόʔͷΤϯυϙΠϯτࢦఆ • طଘϝϯόʔͷআ࣌ରϝϯόʔΛΫϥελ͔Βআ • FUDEͷΤϯυϙΠϯτ͕Θ͔Βͳ͚Εૢ࡞Ͱ͖ͳ͍
• ˠͲ͏ͬͯϝϯόʔͷΤϯυϙΠϯτΛཧ͢Δʁ &UDEϝϯόʔཧͷඞཁੑ
-:$PSQPSBUJPO • FUDELVCFMFU TUBUJDQPEͱ࣮ͯ͠ߦ • )PTU/FUXPSLϞʔυ • ,VCFSOFUFT"1*ܦ༝Ͱใऔಘ • -BCFMͰFUDE
1PETΛࣝผ • DPNQPOFOUFUDE • UJFSDPOUSPMQMBOF • ΤϯυϙΠϯτ1PEͷ"OOPUBUJPOʹ֨ೲ • kubeadm.kubernetes.io/etcd.advertise-client-urls ैདྷͷ&UDEϝϯόʔཧ control-1 (IP: 10.0.0.1) containerd kubelet 通常Pod etcd Pod listen at 10.0.0.1:2379
-:$PSQPSBUJPO • ैདྷʢ3BODIFSʣ%PDLFSίϯςφͱͯ͠ FUDEΛ࣮ߦ • )PTUOFUXPSLϞʔυ • FUDE%PDLFSίϯςφ3BODIFS͕ཧ • ,VCFSOFUFT
"1*͔ΒFUDEίϯςφ ૢ࡞औಘͰ͖ͳ͍ ैདྷͷ&UDEϝϯόʔཧ ཧ control-1 (IP: 10.0.0.1) containerd kubelet 通常Pod Etcd コンテナ Docker listen at 10.0.0.1:2379
-:$PSQPSBUJPO μϛʔ1PEʹΑΔFUDEϝϯόʔใͷࠂ &UDEϝϯόʔཧͷղܾࡦ ཧ control-1 (IP: 10.0.0.1) containerd kubelet
ダミー etcd Pod Etcd コンテナ Docker listen at 10.0.0.1:2379
-:$PSQPSBUJPO • ൿີݤɾূ໌ॻͷෳˡطଘΫϥελ͔Βίϐʔ • FUDEͷϝϯόʔཧˡμϛʔ1PEΛஔ • ʜ ·ͱΊ$POUSPM1MBOFϊʔυՃͷ՝
-:$PSQPSBUJPO Ҡߦྃ Control Plane Worker Control Plane Control Plane
Worker Worker
-:$PSQPSBUJPO l ΦϖϨʔγϣϯͷࣗಈԽɾίϯτϩʔϥʔԽɾ"1*Խ l 3BODIFS$MVTUFS"1*ίϯτϩʔϥͱͷڠௐಈ࡞ l Ҡߦதͷૢ࡞ͷࢭ l ,VCFBENઃఆϑΝΠϧͷੜ l
ࡉ͔͍ΧελϜػೳͷରԠ l ࢹγεςϜͷҠߦ l ʜ ͦͷଞͷ
-:$PSQPSBUJPO • σΟετϦϏϡʔγϣϯʹґΒͣLVCFSOFUFTͷجຊίϯϙʔωϯτڞ௨ • LVCFBQJTFSWFS LVCFMFU FUD • खಈͰઃఆ͢ΕҟͳΔσΟετϦϏϡʔγϣϯΛҠߦ͢Δ͜ͱՄೳ •
l,VCFSOFUFTUIF )BSE8BZz͠·͠ΐ͏ ·ͱΊ
-:$PSQPSBUJPO ‒ IUUQTHJUIVCDPNLFMTFZIJHIUPXFSLVCFSOFUFTUIFIBSEXBZ ‒ IUUQTLVCFSOFUFTJPEPDTSFGFSFODFTFUVQUPPMTLVCFBENJNQMFNFOUBUJPOEFUBJMT ‒ IUUQTLVCFSOFUFTJPEPDTSFGFSFODFBDDFTTBVUIOBVUI[ • "VUIFOUJDBUJOHXJUI#PPUTUSBQ5PLFOT •
$FSUJGJDBUF4JHOJOH3FRVFTUT • 5-4CPPUTUSBQQJOH ࢀߟϦϯΫ
-:$PSQPSBUJPO 5IBOLZPV
-:$PSQPSBUJPO ɿσΟετϦϏϡʔγϣϯຖͷҧ͍ ,VCFBEN ,5)8 3BODIFS3,& ,VCFMFU࣮ߦڥ 4ZTUFNE 6OJU QBDLBHF 4ZTUFNE
6OJU TFMGCJOBSZ %PDLFSίϯςφ BQJTFSWFS࣮ߦڥ LVCFMFU TUBUJD QPE 4ZTUFNE 6OJU TFMGCJOBSZ %PDLFSίϯςφ LVCF QSPYZ࣮ߦڥ %BFNPOTFU %BFNPOTFU %PDLFSίϯςφ BQJTFSWFSˠFUDE௨৴ MPDBMIPTUͷΈ શϝϯόʔྻڍ MPDBMIPTUͷΈ ,VCFMFUˠBQJTFSWFS௨৴ -#ܦ༝ -# *1 "EESFTT ܦ༝ ,VCFMFU༻ূ໌ॻੜ खಈੜ ίϯτϩʔϥͰੜ