Based on macOS.
The setup is:
HA Proxy
- 192.168.1.200 (load balancer for 192.168.1.201~203)
Control Plane
- 192.168.1.201
- 192.168.1.202
- 192.168.1.203
Data Plane
- 192.168.1.211
- 192.168.1.212
- 192.168.1.213
Install talosctl
brew install siderolabs/tap/talosctl
Create a working directory
mkdir -p ~/talos/prod-cluster
cd ~/talos/prod-cluster
Generate the secrets
talosctl gen secrets -o secrets.yaml
Generate the cluster config
talosctl gen config prod https://192.168.1.200:6443 \
--with-secrets secrets.yaml
controlplane.yaml
worker.yaml
talosconfig
Copy controlplane.yaml once per control plane node and modify the following parts
- Save as controlplane-1.yaml, controlplane-2.yaml, controlplane-3.yaml
machine:
  network:
    hostname: talos-cluster-controlplane-1 # unique per node
    interfaces:
      - interface: eth0
        dhcp: false
        addresses:
          - 192.168.1.201/24 # this node's static address
        routes:
          - network: 0.0.0.0/0
            gateway: 192.168.1.1
    nameservers:
      - 8.8.8.8
cluster:
  proxy:
    image: registry.k8s.io/kube-proxy:v1.34.1 # The container image used in the kube-proxy manifest.
    disabled: true
Copy worker.yaml and modify it the same way
- Save as worker-1.yaml, worker-2.yaml, worker-3.yaml
machine:
  network:
    hostname: talos-cluster-dataplane-1 # unique per node
    interfaces:
      - interface: eth0
        dhcp: false
        addresses:
          - 192.168.1.211/24 # this node's static address
        routes:
          - network: 0.0.0.0/0
            gateway: 192.168.1.1
    nameservers:
      - 8.8.8.8
Apply to the control plane
talosctl apply-config --insecure -n 192.168.1.201 -f controlplane-1.yaml
talosctl apply-config --insecure -n 192.168.1.202 -f controlplane-2.yaml
talosctl apply-config --insecure -n 192.168.1.203 -f controlplane-3.yaml
Apply to the data plane
talosctl apply-config --insecure -n 192.168.1.211 -f worker-1.yaml
talosctl apply-config --insecure -n 192.168.1.212 -f worker-2.yaml
talosctl apply-config --insecure -n 192.168.1.213 -f worker-3.yaml
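The per-node copy-and-edit steps above are easy to get out of sync (a hostname paired with another node's address, or a file applied to the wrong IP). As an added example, not part of the original post, this script derives each node's patch and its apply-config command from a single table; the patch-<role>-<index>.yaml file names are assumptions, and talosctl machineconfig patch stands in for hand-editing the copies.

```shell
#!/bin/sh
# Added example, not from the original post. One node table drives every
# patch file and apply command, so hostname, address and target IP stay in sync.
GATEWAY=192.168.1.1   # the post's gateway
DNS=8.8.8.8           # the post's nameserver
# role:index:ip, one node per line (the post's topology)
NODES="controlplane:1:192.168.1.201
controlplane:2:192.168.1.202
controlplane:3:192.168.1.203
dataplane:1:192.168.1.211
dataplane:2:192.168.1.212
dataplane:3:192.168.1.213"

# Print the config patch for one node: $1=role $2=index $3=ip
node_patch() {
  cat <<EOF
machine:
  network:
    hostname: talos-cluster-$1-$2
    interfaces:
      - interface: eth0
        dhcp: false
        addresses:
          - $3/24
        routes:
          - network: 0.0.0.0/0
            gateway: $GATEWAY
    nameservers:
      - $DNS
EOF
  # Control plane nodes also disable kube-proxy, as in the post.
  if [ "$1" = controlplane ]; then printf 'cluster:\n  proxy:\n    disabled: true\n'; fi
}

# Base file and output file names used in the post.
base_for() { [ "$1" = controlplane ] && echo controlplane.yaml || echo worker.yaml; }
out_for() { [ "$1" = controlplane ] && echo "controlplane-$2.yaml" || echo "worker-$2.yaml"; }

# Print, without running, the patch and apply command for every node.
plan() {
  echo "$NODES" | while IFS=: read -r role idx ip; do
    echo "talosctl machineconfig patch $(base_for "$role") --patch @patch-$role-$idx.yaml -o $(out_for "$role" "$idx")"
    echo "talosctl apply-config --insecure -n $ip -f $(out_for "$role" "$idx")"
  done
}

# "write" creates the patch files (hypothetical names); the plan is always printed.
if [ "${1:-}" = write ]; then
  echo "$NODES" | while IFS=: read -r role idx ip; do node_patch "$role" "$idx" "$ip" > "patch-$role-$idx.yaml"; done
fi
plan
```

secrets.yaml, talosconfig and the patched per-node files embed the cluster's keys and tokens, so keep them out of version control and readable only by the operator.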
Bootstrap
Run this only once
talosctl --talosconfig talosconfig bootstrap -n 192.168.1.201
Fetch the kubeconfig and connect with kubectl
talosctl --talosconfig talosconfig kubeconfig -n 192.168.1.201
kubectl get nodes -o wide

Finally, install Cilium
(kube-proxy was removed in the Talos config)
helm install \
cilium \
cilium/cilium \
--version 1.18.4 \
--namespace kube-system \
--set ipam.mode=kubernetes \
--set kubeProxyReplacement=true \
--set securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
--set securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
--set cgroup.autoMount.enabled=false \
--set cgroup.hostRoot=/sys/fs/cgroup \
--set k8sServiceHost=localhost \
--set k8sServicePort=7445 \
--set=gatewayAPI.enabled=true \
--set=gatewayAPI.enableAlpn=true \
--set=gatewayAPI.enableAppProtocol=true
cilium status

Afterwards, three more worker nodes were added (dataplane 4~6)
