入門！ClusterAPI 〜 k8s クラスターも k8s API で管理したい〜 / k8s_meetup_31

∁ੴྒ ,VCFSOFUFT.FFUVQ5PLZP ೖ໳ʂ$MVTUFS"1* ʙLTΫϥελʔ΋LT"1*Ͱ؅ཧ͍ͨ͠ʙ

@r_takaishi Software Engineer @ GMO Pepabo, Inc. Belgian / Craft
Beer ☕ Tea Go, Kubernetes https://repl.info/ Cloud Native Meetup Tokyo CloudNative Days Tokyo 2020 5BLBJTIJ3ZP

"HFOEB 8IBUJTB$MVTUFS"1* 8IZEPXFOFFEB$MVTUFS"1* )PXEPFTB$MVTUFS"1*XPSL
%FFQ%JWFJOUPB$MVTUFS"1* $MVTUFS"1*Ԡ༻ࣄྫ

8IBUJTB $MVTUFS"1*

$MVTUFS"1*ͬͯԿʁ w ,VCFSOFUFTΫϥελʔΛ؅ཧ͢ΔͨΊͷ"1* w ,VCFSOFUFTͷ"1*Ͱ,VCFSOFUFTΛ؅ཧͰ͖Δ w ύϒϦοΫΫϥ΢υɺϓϥΠϕʔτΫϥ΢υɺϕΞϝλϧͳͲ༷ʑͳΠϯϑϥͰར༻Մೳ w $3%ͱ$VTUPN$POUSPMMFSɺ$-*πʔϧͰߏ੒͞Ε͍ͯΔ w
$3%LTͷ"1*Λ֦ு͠ɺಠࣗͷϦιʔεΛఆٛ͢ΔͨΊͷػೳ w $VTUPN$POUSPMMFSLT্ͷϦιʔεͷ࡞੒΍ߋ৽ɺ࡟আʹ൓Ԡͯ͠Կ͔͠Βͷॲཧ Λߦ͏ϓϩάϥϜɻ$3%ͱҰॹʹ࡞Δ͜ͱ͕͋Δ

$MVTUFS"1*ͷؔ܎ऀͨͪΛ঺հ ͬ͘͟Γ͍͏ͱ͜Μͳײ͡ 8PSLMPBE$MVTUFS .BOBHFNFOU$MVTUFS )VNBO 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS "QQMZ8PSLMPBE $MVTUFS`TNBOJGFTUT .BOBHF8PSLMPBE
$MVTUFST NBOJGFTUT DMVTUFSDUM )BOEMJOHMJGFDZDMFPGB $MVTUFS"1*

$MVTUFS"1*ͷؔ܎ऀͨͪΛ঺հ ͬ͘͟Γ͍͏ͱ͜Μͳײ͡ 8PSLMPBE$MVTUFS .BOBHFNFOU$MVTUFS )VNBO 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS "QQMZ8PSLMPBE $MVTUFS`TNBOJGFTUT .BOBHF8PSLMPBE
$MVTUFST NBOJGFTUT DMVTUFSDUM )BOEMJOHMJGFDZDMFPGB $MVTUFS"1* w )VNBO w ࢲͰ͢ w .BOBHFNFOU$MVTUFS w ΫϥελʔΛ؅ཧ͢ΔͨΊͷΫϥελʔ w ֤छ$3%ͱ$POUSPMMFS͕σϓϩΠ͞Ε͍ͯΔ w 8PSLMPBE$MVTUFS w .BOBHFNFOU$MVTUFSʹ؅ཧ͞Εͯ ͍ΔΫϥελʔ w ͍Ζ͍Ζͳ؀ڥʹ࡞Δ͜ͱ͕Ͱ͖ͯศར

$MVTUFS"1*ͷؔ܎ऀͨͪΛ঺հ ΋͏ͪΐͬͱࡉ͔͘ݟΔ .BOBHFNFOU$MVTUFS )VNBO 8PSLMPBE$MVTUFS "84 0QFO4UBDL .FUBM DBQBDPOUSPMMFSNBOBHFS DBQPDPOUSPMMFSNBOBHFS
DBQNDPOUSPMMFSNBOBHFS DMVTUFSBQJDPOUSPMMFSNBOBHFS *OGSBTUSVDUVSF1SPWJEFST #PPUTUSBQ1SPWJEFS LVCFBENCPPUTUSBQDPOUSPMMFS $POUSPM1MBOF1SPWJEFS LVCFBENDPOUSPMQMBOFDPOUSPMMFS )BOEMJOHMJGFDZDMFPGB $MVTUFS"1* NBOJGFTUT DMVTUFSDUM )BOEMJOHMJGFDZDMFPGB 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS

༻ޠͷ੔ཧ .BOBHFNFOU$MVTUFS 8PSLMPBE$MVTUFSͷ؅ཧΛߦ͏LTΫϥελʔɻ $MVTUFS"1*ɺ֤छ1SPWJEFS͕ಈ࡞͢Δ 8PSLMPBE$MVTUFS .BOBHFNFOU$MVTUFSʹ؅ཧ͞ΕΔLTΫϥελʔ $MVTUFS"1* ίΞͱͳΔ$3%ͱίϯτϩʔϥʔ *OGSBTUSVDUVSF1SPWJEFS ֤Πϯϑϥ
"84 7.XBSF NFUBMͳͲ ݻ༗ͷઃఆ΍ૢ࡞Λߦ͏ͨΊͷ$3%ͱίϯτϩʔϥʔɻ $POUSPM1MBOF1SPWJEFS ෳ਺ͷ$POUSPM1MBOFϊʔυΛ؅ཧ͢ΔͨΊͷ$3%ͱίϯτϩʔϥʔ #PPUTUSBQ1SPWJEFS %BUB1MBOFϊʔυ͕LTΫϥελʔʹࢀՃ͢ΔͨΊͷ$MPVE*OJUεΫϦϓτΛੜ੒͢ΔͨΊͷ$3% ͱίϯτϩʔϥʔ $MVTUFS 8PSLMPBE$MVTUFSͷTQFDΛදݱ .BDIJOF ,VCFSOFUFTͷϊʔυΛϗετ͢Δ7.΍෺ཧϚγϯ DMVTUFSDUM .BOBHFNFOU$MVTUFS্ͷ$MVTUFS"1*΍ϓϩόΠμʔΛ؅ཧ͢Δ$-*πʔϧ

,VCFSOFUFTίϛϡχςΟ಺ͰͷҐஔ͚ͮ w $MVTUFS"1*͸4*($MVTUFS-JGFDZDMFͷαϒϓϩδΣΫτ w 4*($MVTUFS-JGFDZDMFΫϥελʔͷσϓϩΠͱΞοϓάϨʔυʹϑΥʔΧ εͨ͠άϧʔϓ w LVCFBEN NJOJLVCF LPQTͳͲ͕αϒϓϩδΣΫτͱͯ͠ଘࡏ͍ͯ͠Δ
4*(4QFDJBM*OUFSFTU(SPVQɻಛఆͷςʔϚʹ͍ͭͯڵຯɾؔ৺͕͋Δਓͷू·Γɻ

ଞͷπʔϧͱͷؔ܎ $MVTUFS"1*͸.BDIJOFͱ*OGSBTUSVDUVSFʹ஫ྗ IUUQTLVCFSOFUFTJPCMPHBVUPNBUFEIJHIBWBJMBCJMJUZJOLVCFBENWCBUUFSJFTJODMVEFECVUTXBQQBCMF

8IZEPXFOFFEB $MVTUFS"1*

LTͷߏஙɾӡ༻ɺߟ͑ͳ͍ͱ͍͚ͳ͍͜ͱ͕ଟ͍ w FUDEͷΫϥελʔ࡞੒ w ίϯτϩʔϧϓϨʔϯ BQJTFSWFS DPOUSPMMFSNBOBHFS TDIFEVMFS ͷ)" w
ίϯτϩʔϧϓϨʔϯͷ୆਺૿ݮ w /PEFΛͲ͏ΫϥελʔʹࢀՃͤ͞Δ͔ w /PEFͷ୆਺૿ݮ w LTͷόʔδϣϯΞοϓ ίϯτϩʔϧϓϨʔϯ w LTͷόʔδϣϯΞοϓ σʔλϓϨʔϯ w JOQMBDFVQHSBEF͢Δʁ/PEFͷ3PMMJOHVQEBUF͢Δʁ w ো֐࣌ͷΦϖϨʔγϣϯࣗಈԽɺΦʔτώʔϧ

,VCFSOFUFTࣗ਎͕෼ࢄγεςϜ FUDE BQJTFSWFS TDIFEVMFS DPOUSPMMFSNBOBHFS LVCFMFU LVCFQSPYZ NBTUFS OPEF

෼ࢄγεςϜͷ؅ཧΛ͏·͘ ΍Γ͍ͨʜ

͋Εɺ෼ࢄγεςϜͷ؅ཧʹ޲ ͍͍ͯΔγεςϜͱ͍͑͹ʜʁ

,VCFSOFUFT͕͋Δ͡ΌΜ

#SFOEBO#VSOT IUUQTXXXJOGPRDPNKQOFXTEJTUTZTUFNQBUUFSOTCVSOT z,VCFSOFUFTͷ࠷ऴతͳ໨ඪ͸෼ࢄγεςϜͷ ͨΊͷࣗ཯γεςϜʹ͋Δɼͱࢲ͸ߟ͍͑ͯ· ͢z

LTʹLTͷ؅ཧΛ೚ͤΔ w LT͕༷࣋ͭʑͳػೳ w એݴతϞσϧʢ%FDMBSBUJWF.PEFMʣ w ௐ੔ϧʔϓʢ3FDPODJMJBUJPO-PPQʣ w ߴ͍֦ுੑʢ&YUFOEBCJMJUZʣ w
LTͰLTΛ؅ཧ͢Δ͜ͱͰɺߏஙɾߋ৽ɾࣗಈ෮چͳͲΛLTͷϫʔΫϩʔυʹ ࡌͤΔ͜ͱ͕Ͱ͖Δ w ͜ΕΛ໨ࢦ͍ͯ͠Δͷ͕$MVTUFS"1*

$MVTUFS"1*ͳΔ΄Ͳͳ͋

Ͱ΋ϚωʔδυαʔϏε࢖ͬͯ Δࣗ͠෼͸࢖Θͳͦ͞͏ͩͳ͋

Θ͔Δ

$MVTUFS"1*Λ஌Δͱ خ͍͜͠ͱ͕͋ΔΜͰ͢ʂ

$MVTUFS"1*͸ ஌ݟͷմ

஌ݟͷմͰ͋Δ w ಛʹ,VCFCVJMEFSDPOUSPMMFSSVOUJNFΛ࢖͍ͬͯΔਓ޲͚ w $3%ɺίϯτϩʔϥʔͷઃܭɾ࣮૷ͷࢀߟʹͳΔ

஌ݟͷմͰ͋Δ ಛʹ,VCFCVJMEFSDPOUSPMMFSSVOUJNFΛ࢖͍ͬͯΔਓ޲͚ w ຊମɺ1SPWJEFSڞʹLVCFCVJMEFSDPOUSPMMFSSVOUJNFΛ࢖͍ͬͯΔ w $-*΍ݸʑͷίϯτϩʔϥʔͷ੹຿͕໌֬Ͱίʔυ͕ಡΈ΍͍͢ w ࣮ࡍʹ੡඼Ͱ࢖ΘΕΔϓϩμΫτͰ͋Δ w 7.XBSF5BO[V,VCFSOFUFT(SJE$MVTUFS
w IUUQTCMPHTWNXBSFDPNWTQIFSFWTQIFSFUBO[VLVCFSOFUFT DMVTUFSTIUNM w 5,(DMVTUFSTJOW4QIFSFVTFUIFPQFOTPVSDF$MVTUFS"1*QSPKFDUGPS MJGFDZDMFNBOBHFNFOU

஌ݟͷմͰ͋Δ $3%ɺίϯτϩʔϥʔͷઃܭɾ࣮૷ͷࢀߟʹͳΔ w $3%ͷઃܭ͸؆୯Ͱ͸ͳ͍ɻσʔλϕʔεͷઃܭʹࣅ͍ͯΔͱࢥ͏ w ͲͷΑ͏ͳϦιʔεʢΦϒδΣΫτʣ͕ඞཁ͔ʁ w ͦͷϦιʔεʹ͸ͲͷΑ͏ͳ߲໨Λ࣋ͨͤΔ͔ʁ w Ϧιʔεಉ࢜ʹͲͷΑ͏ͳؔ࿈Λ࣋ͨͤΔ͔ʁ

஌ݟͷմͰ͋Δ $3%ɺίϯτϩʔϥʔͷઃܭɾ࣮૷ͷࢀߟʹͳΔ w ίϯτϩʔϥʔͷ੹຿͸Ͱ͖ΔݶΓখ͍͜͞ͱ͕๬·͍͠ w Ͳ͏΍ͬͯ࠷খԽ͢Δ͔ w $3%ͷઃܭͱ߹Θͤͯߟ͑Δඞཁ͕͋Δ

஌ݟͷմͰ͋Δ $3%ɺίϯτϩʔϥʔͷઃܭɾ࣮૷ͷࢀߟʹͳΔ w $MVTUFS"1*͸ෳ਺ͷΧελϜϦιʔεɺΧελϜίϯτϩʔϥʔ͕࿈ܞͯ͠ LTΫϥελʔΛ࡞Γ্͛Δ w ݸʑͷϦιʔεͷؔ࿈෇͚ɺίϯτϩʔϥʔͷ੹຿ͷఆٛͳͲ͕ࢀߟʹͳΔͩ Ζ͏

$MVTUFS"1*Λ஌Δ͜ͱͰɺ LTͷ֦ுʹֶ͍ͭͯͿ

Ͱ͸ɺ·ͣ͸$MVTUFS"1*Ͱ ΫϥελΛ࡞ͬͯΈΔ

)PXEPFTB $MVTUFS"1*XPSL

8PSLMPBE$MVTUFS͕Ͱ͖Δ·ͰͷྲྀΕ ΈΜͳ΋IUUQTDMVTUFSBQJTJHTLTJPVTFSRVJDLTUBSUIUNMΛݟͳ͕Β΍ͬͯΈΑ͏ʂ .BOBHFNFOU$MVTUFSΛ༻ҙ͢Δ .BOBHFNFOU$MVTUFSʹ֤छ1SPWJEFSΛΠϯετʔϧ͢Δ DMVTUFSDUM JOJU
8PSLMPBE$MVTUFS༻ͷϚχϑΣετΛ࡞Δ DMVTUFSDUMDPOpHDMVTUFS ϚχϑΣετΛ.BOBHFNFOU$MVTUFSʹ"QQMZ͢Δ 8PSLMPBE$MVTUFS͕׬੒͢Δ

.BOBHFNFOU$MTVUFSΛ༻ҙ͢Δ ࠓճ͸LJOEͰ༻ҙ͠·͢ ~/s/g/t/h/cluster-api $ kind create cluster Creating cluster "kind"
... ✓ Ensuring node image (kindest/node:v1.17.0) ✓ Preparing nodes ✓ Writing configuration ✓ Starting control-plane ✓ Installing CNI ✓ Installing StorageClass Set kubectl context to "kind-kind" You can now use your cluster with: kubectl cluster-info --context kind-kind Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/#community

.BOBHFNFOU$MVTUFSʹ֤छ1SPWJEFSΛΠϯετʔϧ͢Δ "84ͷ৔߹ɺ*".3PMF΍1PMJDZͷ࡞੒͕ඞཁ ~/s/g/t/h/cluster-api $ set -x AWS_REGION ap-northeast-1 ~/s/g/t/h/cluster-api $
set -x AWS_ACCESS_KEY_ID XXXXXXXXXXXXXXXXXX ~/s/g/t/h/cluster-api $ set -x AWS_SECRET_ACCESS_KEY XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ~/s/g/t/h/cluster-api $ set -x AWS_B64ENCODED_CREDENTIALS (clusterawsadm alpha bootstrap encode-aws-credentials) ~/s/g/t/h/cluster-api $ clusterawsadm alpha bootstrap create-stack Attempting to create CloudFormation stack cluster-api-provider-aws-sigs-k8s-io Following resources are in the stack: [snip] ~/s/g/t/h/cluster-api $ clusterctl init --infrastructure aws Fetching providers Installing cert-manager Waiting for cert-manager to be available... Installing Provider="cluster-api" Version="v0.3.6" TargetNamespace="capi-system" Installing Provider="bootstrap-kubeadm" Version="v0.3.6" TargetNamespace="capi-kubeadm-bootstrap-system" Installing Provider="control-plane-kubeadm" Version="v0.3.6" TargetNamespace="capi-kubeadm-control-plane-system" Installing Provider="infrastructure-aws" Version="v0.5.3" TargetNamespace="capa-system" Your management cluster has been initialized successfully! You can now create your first workload cluster by running the following: clusterctl config cluster [name] --kubernetes-version [version] | kubectl apply -f -

8PSLMPBE$MVTUFS༻ͷϚχϑΣετΛ࡞Δ DMVTUFSDUMͰੜ੒Ͱ͖ΔͷͰϚδָ ~/s/g/t/h/cluster-api $ set -x AWS_REGION ap-northeast-1 ~/s/g/t/h/cluster-api $
set -x AWS_SSH_KEY_NAME r_takaishi ~/s/g/t/h/cluster-api $ set -x AWS_CONTROL_PLANE_MACHINE_TYPE t3.large ~/s/g/t/h/cluster-api $ set -x AWS_NODE_MACHINE_TYPE t3.large ~/s/g/t/h/cluster-api $ ~/s/g/t/h/cluster-api $ clusterctl config cluster capi-quickstart \ --kubernetes-version v1.17.3 \ --control-plane-machine-count=3 \ --worker-machine-count=3 \ > capi-quickstart.yaml

ϚχϑΣετΛ.BOBHFNFOU$MVTUFSʹ"QQMZ͢Δ ~/s/g/t/h/cluster-api $ kubectl apply -f ./capi-quickstart.yaml cluster.cluster.x-k8s.io/capi-quickstart created awscluster.infrastructure.cluster.x-k8s.io/capi-quickstart
created kubeadmcontrolplane.controlplane.cluster.x-k8s.io/capi-quickstart-control-plane created awsmachinetemplate.infrastructure.cluster.x-k8s.io/capi-quickstart-control-plane created machinedeployment.cluster.x-k8s.io/capi-quickstart-md-0 created awsmachinetemplate.infrastructure.cluster.x-k8s.io/capi-quickstart-md-0 created kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io/capi-quickstart-md-0 created

ϚχϑΣετΛ.BOBHFNFOU$MVTUFSʹ"QQMZ͢Δ .BDIJOF͕߹ܭ୆ɺ3VOOJOHʹͳΔͷΛ଴ͭ ~/s/g/t/h/cluster-api $ kubectl get machines NAME PROVIDERID PHASE
capi-quickstart-control-plane-2m7ck aws:////i-027f6e66f98403f3f Running capi-quickstart-control-plane-b9gxh aws:////i-016b3f1b2cf5a2373 Running capi-quickstart-control-plane-k5xd6 aws:////i-04148f036ef11291e Running capi-quickstart-md-0-75648fff48-4tbvk aws:////i-003c695ef1fb65f3e Running capi-quickstart-md-0-75648fff48-67fkb aws:////i-03e906e8044db1e33 Running capi-quickstart-md-0-75648fff48-wx7wf aws:////i-0b671868de735956b Running

8PSLMBPE$MVTUFS͕׬੒ ͜ͷ࣌఺Ͱ͸$/*͕Πϯετʔϧ͞Ε͍ͯͳ͍ ~/s/g/t/h/cluster-api $ kubectl --namespace=default get secret/capi-quickstart-kubeconfig -o jsonpath={.data.value}
\ | base64 --decode \ > ./capi-quickstart.kubeconfig ~/s/g/t/h/cluster-api $ kubectl --kubeconfig ./capi-quickstart.kubeconfig get node NAME STATUS ROLES AGE VERSION ip-10-0-0-123.ap-northeast-1.compute.internal NotReady <none> 5m58s v1.17.3 ip-10-0-0-177.ap-northeast-1.compute.internal NotReady <none> 5m54s v1.17.3 ip-10-0-0-185.ap-northeast-1.compute.internal NotReady master 9m13s v1.17.3 ip-10-0-0-190.ap-northeast-1.compute.internal NotReady master 93s v1.17.3 ip-10-0-0-20.ap-northeast-1.compute.internal NotReady master 4m24s v1.17.3 ip-10-0-0-215.ap-northeast-1.compute.internal NotReady <none> 5m57s v1.17.3

8PSLMBPE$MVTUFS͕׬੒ DBMJDPΛΠϯετʔϧͯ͠ɺ/PEFΛ3FBEZʹ͢Δ ~/s/g/t/h/cluster-api $ kubectl --kubeconfig=./capi-quickstart.kubeconfig \ apply -f https://docs.projectcalico.org/v3.12/manifests/calico.yaml
~/s/g/t/h/cluster-api $ kubectl --kubeconfig ./capi-quickstart.kubeconfig get node NAME STATUS ROLES AGE VERSION ip-10-0-0-123.ap-northeast-1.compute.internal Ready <none> 7m44s v1.17.3 ip-10-0-0-177.ap-northeast-1.compute.internal Ready <none> 7m40s v1.17.3 ip-10-0-0-185.ap-northeast-1.compute.internal Ready master 10m v1.17.3 ip-10-0-0-190.ap-northeast-1.compute.internal Ready master 3m19s v1.17.3 ip-10-0-0-20.ap-northeast-1.compute.internal Ready master 6m10s v1.17.3 ip-10-0-0-215.ap-northeast-1.compute.internal Ready <none> 7m43s v1.17.3

8PSLMBPE$MVTUFS͕׬੒ Ϋϥελʔ΍ίϯτϩʔϧϓϨʔϯΛݟͯΈΔͱ͜Μͳײ͡ # クラスターはプロビジョニングされたことがわかる ~/s/g/t/h/cluster-api $ kubectl get clusters NAME
PHASE capi-quickstart Provisioned # コントロールプレーンはレプリカ3台 # なぜかREADY REPLICASが2のまま… ~/s/g/t/h/cluster-api $ kubectl get kubeadmcontrolplane NAME READY INITIALIZED REPLICAS READY REPLICAS UPDATED REPLICAS UNAVAILABLE REPLICAS capi-quickstart-control-plane true true 3 2 3 1 # データプレーンもレプリカ3台 ~/s/g/t/h/cluster-api $ kubectl get machinedeployments NAME PHASE REPLICAS AVAILABLE READY capi-quickstart-md-0 Running 3 3 3

$MVTUFS"1*Λ࢖͏ͱLVCFDUM BQQMZͰΫϥελʔΛ࡞ΕΔʂ

͔͜͜Β͸ $3%΍ίϯτϩʔϥʔपΓʹ͍ͭͯ

%FFQ%JWFJOUPB $MVTUFS"1*

$MVTUFS"1*ͷؔ܎ऀʹ͍ͭͯʢ࠶ܝʣ .BOBHFNFOU$MVTUFS )VNBO 8PSLMPBE$MVTUFS "84 0QFO4UBDL .FUBM DBQBDPOUSPMMFSNBOBHFS DBQPDPOUSPMMFSNBOBHFS DBQNDPOUSPMMFSNBOBHFS
DMVTUFSBQJDPOUSPMMFSNBOBHFS *OGSBTUSVDUVSF1SPWJEFS #PPUTUSBQ1SPWJEFS LVCFBENCPPUTUSBQDPOUSPMMFS $POUSPM1MBOF1SPWJEFS LVCFBENDPOUSPMQMBOFDPOUSPMMFS )BOEMJOHMJGFDZDMFPGB $MVTUFS"1* NBOJGFTUT DMVTUFSDUM )BOEMJOHMJGFDZDMFPGB 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS 8PSLMPBE$MVTUFS

ΧελϜϦιʔεͷؔ܎ Ұ෦ʣ $MVTUFS "84$MVTUFS ,VCFBEN$POUSPM1MBOF "84.BDIJOF5FNQMBUF .BDIJOF "84.BDIJOF ,VCFBEN$POpH .BDIJOF%FQMPZNFOU
"84.BDIJOF5FNQMBUF ,VCFBEN$POpH5FNQMBUF .BDIJOF4FU .BDIJOF "84.BDIJOF ,VCFBEN$POpH 0CKFDU3FGFSFODF 0XOFS3FGFSFODF ⚠0XOFS3FGFSFODF͸෦෼తʹܝࡌ .BDIJOF .BDIJOF .BDIJOF .BDIJOF

֤1SPWJEFSͱ.BDIJOFɺ*OGSBTUSVDUVSFͷؔ܎ "84 *OTUBODF $MVTUFS"1* ,VCFBEN #PPUTUSBQ1SPWJEFS .BDIJOF ,VCFBEN$POpH "84.BDIJOF .BDIJOF
,VCFBEN$POpH "84.BDIJOF DMPVEJOJUεΫϦϓτΛੜ੒ͯ͠ ,VCFBEN$POpHͷTUBUVT#PPUTUSBQ%BUBʹอଘ ࡞੒Λݕ஌ *OTUBODF "84ʹΠϯελϯεΛ࡞੒ $MVTUFS "84$MVTUFS ࡞੒Λݕ஌ ࡞੒Λݕ஌ ࡞੒ ࡞੒ ࡞੒ ࡞੒ ࡞੒ .BOBHFNFOU$MVTUFS 8PSLMPBE$MVTUFS ࡞੒Λݕ஌ ,VCFBEN$POUSPM1MBOF1SPWJEFS ,VCFBEN$POUSPM1MBOF "84.BDIJOF5FNQMBUF .BDIJOF%FQMPZNFOU "84.BDIJOF5FNQMBUF ,VCFBEN$POpH5FNQMBUF ࡞੒Λݕ஌ "84*OGSBTUSVDUVSF1SPWJEFS 71$ 4VCOFU *(8 #BTUJPO "1*4FSWFS&-# FUD ࡞੒ ࡞੒ ࡞੒ ࡞੒

)VNBO͕؅ཧ͢ΔϦιʔε͸͜Ε $MVTUFS "84$MVTUFS ,VCFBEN$POUSPM1MBOF "84.BDIJOF5FNQMBUF .BDIJOF "84.BDIJOF ,VCFBEN$POpH .BDIJOF%FQMPZNFOU "84.BDIJOF5FNQMBUF
,VCFBEN$POpH5FNQMBUF .BDIJOF4FU .BDIJOF "84.BDIJOF ,VCFBEN$POpH 0CKFDU3FGFSFODF 0XOFS3FGFSFODF ⚠0XOFS3FGFSFODF͸෦෼తʹܝࡌ .BDIJOF .BDIJOF .BDIJOF .BDIJOF

$MVTUFSͱ$POUSPM1MBOF $MVTUFS "84$MVTUFS ,VCFBEN$POUSPM1MBOF "84.BDIJOF5FNQMBUF .BDIJOF "84.BDIJOF ,VCFBEN$POpH .BDIJOF%FQMPZNFOU "84.BDIJOF5FNQMBUF
,VCFBEN$POpH5FNQMBUF .BDIJOF4FU .BDIJOF "84.BDIJOF ,VCFBEN$POpH 0CKFDU3FGFSFODF 0XOFS3FGFSFODF ⚠0XOFS3FGFSFODF͸෦෼తʹܝࡌ .BDIJOF .BDIJOF .BDIJOF .BDIJOF

$MVTUFSͱ$POUSPM1MBOF LJOE$MVTUFS apiVersion: cluster.x-k8s.io/v1alpha3 kind: Cluster metadata: name: capi-quickstart namespace:
default spec: clusterNetwork: pods: cidrBlocks: - 192.168.0.0/16 controlPlaneRef: apiVersion: controlplane.cluster.x-k8s.io/v1alpha3 kind: KubeadmControlPlane name: capi-quickstart-control-plane infrastructureRef: apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 kind: AWSCluster name: capi-quickstart w 1PEωοτϫʔΫͷઃఆ w ,VCFBEN$POUSPM1MBOF΁ͷࢀর w ίϯτϩʔϧϓϨʔϯΛ؅ཧ͢ΔͨΊͷΦϒδΣΫτ w "84$MVTUFS΁ͷࢀর

$MVTUFSͱ$POUSPM1MBOF LJOE"84$MVTUFS apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 kind: AWSCluster metadata: name: capi-quickstart namespace:
default spec: region: ap-northeast-1 sshKeyName: r_takaishi w "84ݻ༗ͷઃఆΛهड़ w Ϧʔδϣϯ΍44)Ωʔ

$MVTUFSͱ$POUSPM1MBOF LJOE,VCFBEN$POUSPM1MBOF apiVersion: controlplane.cluster.x-k8s.io/v1alpha3 kind: KubeadmControlPlane metadata: name: capi-quickstart-control-plane namespace:
default spec: infrastructureTemplate: apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 kind: AWSMachineTemplate name: capi-quickstart-control-plane kubeadmConfigSpec: [snip] replicas: 3 version: v1.17.3 w ίϯτϩʔϧϓϨʔϯͷઃఆΛهड़ w ͜Ε͸,VCFBENͰߏங͢ΔͨΊͷϦιʔε w ϊʔυ୆਺ w "84ʹ࡞੒͢ΔϚγϯͷςϯϓϨʔτ΁ͷࢀর w ,VCFBENͷઃఆ

$MVTUFSͱ$POUSPM1MBOF LJOE"84.BDIJOF5FNQMBUF apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 kind: AWSMachineTemplate metadata: name: capi-quickstart-control-plane namespace:
default spec: template: spec: iamInstanceProfile: control-plane.cluster-api-provider-aws.sigs.k8s.io instanceType: t3.large sshKeyName: r_takaishi w ίϯτϩʔϧϓϨʔϯ༻Πϯελϯεͷઃఆ w ΠϯελϯελΠϓ΍44)Ωʔ໊ͳͲΛهड़

*OGSBTUSVDUVSF3FG "84.BDIJOF ,VCFBEN$POpH $MVTUFSͱ$POUSPM1MBOF $MVTUFS "84$MVTUFS ,VCFBEN$POUSPM1MBOF "84.BDIJOF5FNQMBUF *OGSBTUSVDUVSF3FG $POUSPM1MBOF3FG
*OGSBTUSVDUVSF5FNQMBUF [email protected] ࡞੒ɾߋ৽Λݕ஌ 71$΍αϒωοτͳͲɺ Ϋϥελʔ͕ඞཁͱ͢Δʮ7.Ҏ֎ͷʯϦιʔεΛ࡞੒ [email protected]@[email protected] .BDIJOF .BDIJOF .BDIJOF ࡞੒ɾߋ৽Λݕ஌ .BDIJOF "84.BDIJOF ,VCFBEN$POpHΛ࡞੒ "84.BDIJOF "84.BDIJOF ,VCFBEN$POpH ,VCFBEN$POpH $POpH3FG [email protected] ࡞੒ɾߋ৽Λݕ஌ ಡΈࠐΈ ΠϯελϯεΛ࡞੒

%BUB1MBOF .BDIJOF%FQMPZNFOU $MVTUFS "84$MVTUFS ,VCFBEN$POUSPM1MBOF "84.BDIJOF5FNQMBUF .BDIJOF "84.BDIJOF ,VCFBEN$POpH .BDIJOF%FQMPZNFOU
"84.BDIJOF5FNQMBUF ,VCFBEN$POpH5FNQMBUF .BDIJOF4FU .BDIJOF "84.BDIJOF ,VCFBEN$POpH 0CKFDU3FGFSFODF 0XOFS3FGFSFODF ⚠0XOFS3FGFSFODF͸෦෼తʹܝࡌ .BDIJOF .BDIJOF .BDIJOF .BDIJOF

%BUB1MBOF .BDIJOF%FQMPZNFOU LJOE.BDIJOF%FQMPZNFOU apiVersion: cluster.x-k8s.io/v1alpha3 kind: MachineDeployment metadata: name: capi-quickstart-md-0
namespace: default spec: clusterName: capi-quickstart replicas: 3 selector: matchLabels: null template: spec: bootstrap: configRef: apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3 kind: KubeadmConfigTemplate name: capi-quickstart-md-0 clusterName: capi-quickstart infrastructureRef: apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 kind: AWSMachineTemplate name: capi-quickstart-md-0 version: v1.17.3 w σʔλϓϨʔϯ༻ͷϚγϯΛ؅ཧ͢Δ w ໾ׂͱͯ͠͸%FQMPZNFOUʹࣅ͍ͯΔ w ࡞੒͢ΔΠϯελϯεͷઃఆ΍ىಈ࣌ʹ࣮ߦ͢Δ $MPVE*OJUςϯϓϨʔτ΁ͷࢀরΛอ࣋͢Δ

%BUB1MBOF .BDIJOF%FQMPZNFOU LJOE"84.BDIJOF5FNQMBUF apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3 kind: AWSMachineTemplate metadata: name: capi-quickstart-md-0
namespace: default spec: template: spec: iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io instanceType: t3.large sshKeyName: r_takaishi w σʔλϓϨʔϯ༻Πϯελϯεͷઃఆ w ΠϯελϯελΠϓ΍44)Ωʔ໊ͳͲΛهड़

%BUB1MBOF .BDIJOF%FQMPZNFOU ,VCFBEN$POpH5FNQMBUF apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3 kind: KubeadmConfigTemplate metadata: name: capi-quickstart-md-0
namespace: default spec: template: spec: joinConfiguration: nodeRegistration: kubeletExtraArgs: cloud-provider: aws name: '{{ ds.meta_data.local_hostname }}' w σʔλϓϨʔϯ༻ͷΠϯελϯε͕ىಈ͢Δࡍʹ࣮ߦ͢ Δ$MPVE*OJU༻ͷςϯϓϨʔτ

%BUB1MBOF .BDIJOF%FQMPZNFOU .BDIJOF%FQMPZNFOU "84.BDIJOF5FNQMBUF ,VCFBEN$POpH5FNQMBUF .BDIJOF4FU *OGSBTUSVDUVSF3FG $POpH3FG [email protected] ࡞੒ɾߋ৽Λݕ஌
࡞੒ [email protected] ࡞੒ɾߋ৽Λݕ஌ *OGSBTUSVDUVSF3FG "84.BDIJOF ,VCFBEN$POpH .BDIJOF .BDIJOF .BDIJOF .BDIJOF "84.BDIJOF ,VCFBEN$POpHΛ࡞੒ "84.BDIJOF "84.BDIJOF ,VCFBEN$POpH ,VCFBEN$POpH $POpH3FG [email protected] ࡞੒ɾߋ৽Λݕ஌ ಡΈࠐΈ ΠϯελϯεΛ࡞੒

ͲͷΑ͏ʹ3FDPODJMF-PPQ͕࿈ܞ͍ͯ͠Δ͔௫ΊͨͩΖ͏͔ʜʁ w ΧελϜϦιʔεͱίϯτϩʔϥʔͷ࿈ಈʹ͍ͭͯ̍ຕֆΛॻ͘ͷϚδ೉͍͠ w Ϧιʔεͷछྨ͕৭ʑ͋Δ͚Ͳɺͭͣͭ௥͑͹ݟ͑ͯ͘Δ w Ͱ͖Ε͹֤ίϯτϩʔϥʔ಺ͰͲ͏͍͏3FDPODJMFΛ͍ͯ͠Δͷ͔΋ਤղ͠ ͔ͨͬͨʜ

͓·͚ɿ.BDIJOF)FBMUI$IFDL w 8PSLMPBE$MVTUFSͷ֤ϊʔυʹ͍ͭͯɺਖ਼ৗ͔Ͳ͏͔ʢ)FBMUIZ͔Ͳ͏ ͔ʣΛνΣοΫ͢ΔΦϓγϣφϧͳػೳ w ਖ਼ৗͰ͸ͳ͍৔߹ɺ.BDIJOFΛ࡟আ͢Δ w .BDIJOFͷ࣮ମͱͳΔαʔόʔ͸ݸʑͷ*OGSBTUSVDUVSF1SPWJEFS͕࡟আ w ϊʔυͷ୆਺͕ݮΔ͕ɺ.BDIJOF4FUʹΑͬͯ௥Ճ͞Εͯ෮چ׬ྃ͢Δ

$MVTUFS"1*Ԡ༻ࣄྫ

(.0ϖύϘʹ͓͚Δ$MVTUFS"1*ͷԠ༻ࣄྫ લఏ৚݅ͷڞ༗ w ϖύϘͰ͸0QFO4UBDLΛ༻͍ͨϓϥΠϕʔτΫϥ΢υ /ZBI Λ࢖͓ͬͯ Γɺͦͷ্ʹLTΛߏஙͯ͠ӡ༻͍ͯ͠Δ w ߏஙͷͨΊͷιϑτ΢ΣΞΛ࣮૷ͯ͠ར༻͍ͯ͠Δ w
%BUB1MBOF/PEFͷ؅ཧΛLTͰߦ͍͍ͨ w 3PMMJOH6QEBUF΍"VUP)FBMJOHͳͲΛLTʹࡌ͍ͤͨ w $MVTUFS"1*ͩͱͦΕΒ͕࣮ݱͰ͖Δ

OPEFDPOUSPMMFSͱ͍͏ίϯτϩʔϥʔΛ࣮૷ w $MVTUFS"1*ͷϊʔυ؅ཧػೳ͚ͩΛऔΓग़ͯ͠ར༻ w .BDIJOF%FQMPZNFOU .BDIJOF4FU .BDIJOF w /ZBIʹ7.Λ࡞ΔͨΊͷ"1*ͱ$POUSPMMFSΛ௥Ճ࣮૷ w
/ZBI.BDIJOFɺ/ZBI.BDIJOF5FNQMBUF w /ZBI.BDIJOF$POUSPMMFS w ࣮૷౰࣌ɺDMVTUFSBQJQSPWJEFSPQFOTUBDL͸WBMQIB͔ΒWBMQIB΁ϚΠ άϨʔγϣϯ్தͩͬͨͷͰࣗ෼Ͱ࡞ͬͨͱ͍͏ܦҢ͕͋Δ

OPEFDPOUSPMMFSͷॲཧͷྲྀΕ จࣈ͕খͯ͘͞ಡΈʹ͔ͬͨ͘Β͝ΊΜͶ .BDIJOF%FQMPZNFOU 3FDPODJMFS )VNBO .BDIJOF4FU 3FDPODJMFS .BDIJOF 3FDPODJMFS /ZBI.BDIJOF
3FDPODJMFS 0QFO4UBDL ,VCFSOFUFT /ZBI.BDIJOF 5FNQMBUF .BDIJOF %FQMPZNFOU .BDIJOF 4FU .BDIJOF .BDIJOF /ZBI.BDIJOF /ZBI.BDIJOF $SFBUF4FSWFS $SFBUF4FSWFS $SFBUF $SFBUF 0CTFSWF $SFBUF 0CTFSWF $SFBUF $SFBUF 0CTFSWF 0CTFSWF $SFBUF $SFBUF 0CTFSWF 0CTFSWF OPEFDPOUSPMMFS

ਐḿͲ͏Ͱ͔͢ w ·ͩ׬શʹҠߦ͸͓ͯ͠Βͣɺݕূத w ݱ࣌఺ͷ.BDIJOF%FQMPZNFOU͸/PEF͕3FBEZͱͳΔ͔Ͳ͏͔ΛνΣο Ϋ͍ͯ͠ͳ͍ͨΊɺ/PEFͷ3PMMJOH6QEBUFʹෆ͕҆࢒Δ w ࠓͩͱ#PPUTUSBQ1SPWJEFSΛ࣮૷͢Ε͹ɺޙ͸DMVTUFSBQJQSPWJEFS PQFOTUBDLͷίʔυΛ࢖͑Δؾ΋͢ΔͷͰݕূ͍ͨ͠

·ͱΊ

·ͱΊ w $MVTUFS"1*͸,VCFSOFUFTͷػೳΛ࢖ͬͯ,VCFSOFUFTΫϥελʔΛ؅ཧ͢ ΔͨΊͷ࢓૊ΈͰ͋Δ w ΠϯϑϥϨΠϠʔʹ஫ྗ͠ɺෳ਺ͷ؀ڥΛαϙʔτ͢Δ w ෳ਺ͷΧελϜϦιʔεͱΧελϜίϯτϩʔϥʔ͕ڧௐͯ͠ಈ࡞͓ͯ͠Γɺ $3%ΧελϜίϯτϩʔϥʔͷઃܭɾ࣮૷ͷࢀߟʹͳΔ w
ݱࡏ΋׆ൃʹ։ൃ͞Ε͓ͯΓɺࠓޙ΋ػೳ௥Ճ͕ظ଴͞ΕΔ

入門！ClusterAPI 〜 k8s クラスターも k8s API で管理したい 〜 / k8s_meetup_31

入門！ClusterAPI 〜 k8s クラスターも k8s API で管理したい 〜 / k8s_meetup_31

More Decks by Ryo Takaishi

Other Decks in Technology

Featured

Transcript

入門！ClusterAPI 〜 k8s クラスターも k8s API で管理したい〜 / k8s_meetup_31

入門！ClusterAPI 〜 k8s クラスターも k8s API で管理したい〜 / k8s_meetup_31