https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/13-smoke-test.md
### Kubernetes Secret Data 암호화 검증
[root@master01 ~]# kubectl create secret generic kubernetes-the-hard-way \
> --from-literal="mykey=mydata"
secret/kubernetes-the-hard-way created
[root@master01 ~]# etcdctl get \
> --endpoints=https://127.0.0.1:2379 \
> --cacert=/etc/etcd/ca.pem \
> --cert=/etc/etcd/kubernetes.pem \
> --key=/etc/etcd/kubernetes-key.pem\
> /registry/secrets/default/kubernetes-the-hard-way | hexdump -C
00000000 2f 72 65 67 69 73 74 72 79 2f 73 65 63 72 65 74 |/registry/secret|
00000010 73 2f 64 65 66 61 75 6c 74 2f 6b 75 62 65 72 6e |s/default/kubern|
00000020 65 74 65 73 2d 74 68 65 2d 68 61 72 64 2d 77 61 |etes-the-hard-wa|
00000030 79 0a 6b 38 73 3a 65 6e 63 3a 61 65 73 63 62 63 |y.k8s:enc:aescbc|
00000040 3a 76 31 3a 6b 65 79 31 3a c2 ae 58 49 5f c0 60 |:v1:key1:..XI_.`|
00000050 98 52 10 83 c8 40 ab b3 f6 cd fa d9 30 f7 c1 bc |.R...@......0...|
00000060 89 6c 43 12 7b 75 8f 93 75 60 dc 83 68 14 4c 25 |.lC.{u..u`..h.L%|
00000070 e6 bf b1 b3 3b 0c cd 09 88 db ac d2 bd 1e 9f e6 |....;...........|
00000080 4b e4 5d fd ab 00 88 47 48 67 32 b6 f7 e5 fc 4a |K.]....GHg2....J|
00000090 26 f8 73 46 aa 31 3a c8 4d fb bc dc 9a 69 55 63 |&.sF.1:.M....iUc|
000000a0 6a 13 17 cc f0 36 27 4b 23 d5 7e c4 a5 4a fb 6b |j....6'K#.~..J.k|
000000b0 67 10 e6 83 54 46 26 80 72 7f ab c5 01 f4 f8 e3 |g...TF&.r.......|
000000c0 ba da ce 12 2c 2d ec 47 ad bf 64 cf fb 9a 57 ce |....,-.G..d...W.|
000000d0 c4 57 91 54 09 1c 72 13 cd 84 6a eb 0a 40 28 bb |.W.T..r...j..@(.|
000000e0 45 48 1f 10 16 d5 33 03 2f a3 78 ca 56 71 78 d9 |EH....3./.x.Vqx.|
000000f0 73 a6 67 38 6d 31 b8 66 f6 c8 c6 7f b8 b2 32 be |s.g8m1.f......2.|
00000100 d8 82 fe b1 c3 dd b4 6d ba 47 9b 85 18 0c f8 48 |.......m.G.....H|
00000110 84 24 a0 10 f5 54 6a b0 0e dd f7 37 d0 9c fa 6a |.$...Tj....7...j|
00000120 a2 eb a6 58 b6 fa 65 72 44 ae bc d3 46 e1 cd 1e |...X..erD...F...|
00000130 29 bc fc 05 dc e4 f0 48 af 32 18 29 a5 25 30 13 |)......H.2.).%0.|
00000140 28 e8 1c b5 6e bb b8 25 3d 0a |(...n..%=.|
0000014a
[root@master01 ~]#
### 배포 검증
[root@master01 ~]# kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
[root@master01 ~]# kubectl get pods -l app=nginx
NAME READY STATUS RESTARTS AGE
nginx-f89759699-pn6sw 1/1 Running 0 6s
[root@master01 ~]#
### Port Forwarding 검증
[root@master01 ~]# POD_NAME=$(kubectl get pods -l app=nginx -o jsonpath="{.items[0].metadata.name}")
[root@master01 ~]#
[root@master01 ~]# kubectl port-forward $POD_NAME 8080:80
Forwarding from [::1]:8080 -> 80
### New Terminal
[root@master01 ~]# curl --head http://127.0.0.1:8080
HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Type: application/json
Date: Wed, 02 Dec 2020 09:57:06 GMT
[root@master01 ~]#
### 기존 Terminal
^C[root@master01 ~]#
### 로그 확인
[root@master01 ~]# kubectl logs $POD_NAME
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
### Pod EXEC 확인
[root@master01 ~]# kubectl exec -ti $POD_NAME -- nginx -v
nginx version: nginx/1.19.5
[root@master01 ~]#
### SERVICE 확인
[root@master01 ~]# kubectl expose deployment nginx --port 80 --type NodePort
service/nginx exposed
[root@master01 ~]# NODE_PORT=$(kubectl get svc nginx \
> --output=jsonpath='{range .spec.ports[0]}{.nodePort}')
[root@master01 ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
busybox 1/1 Running 0 15m
nginx-f89759699-pn6sw 1/1 Running 0 8m29s
[root@master01 ~]# kubectl describe pod nginx-f89759699-pn6sw | grep Node:
Node: worker01/192.168.1.57
[root@master01 ~]# curl -I http://192.168.1.57:${NODE_PORT}
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 02 Dec 2020 10:04:38 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 24 Nov 2020 13:02:03 GMT
Connection: keep-alive
ETag: "5fbd044b-264"
Accept-Ranges: bytes
'kubernetes > Install hardway' 카테고리의 다른 글
| [HARDWAY] 99.Deploying the DNS Cluster Add-on (0) | 2020.12.02 |
|---|---|
| [HARDWAY] 10. Configuring kubectl for Remote Access (0) | 2020.12.02 |
| [HARDWAY] 09.Bootstrapping the Kubernetes Worker Nodes (0) | 2020.12.02 |
| [HARDWAY] 08.Bootstrapping the Kubernetes Control Plane (0) | 2020.12.02 |
| [HARDWAY] 07.Bootstrapping the etcd Cluster (0) | 2020.12.02 |