반응형
2023.05.30
★ kubeconfig 파일에 몇 개의 클러스터가 정의되어 있는가?
-> 1개
controlplane ~ ➜ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED
controlplane ~ ➜
★ kubeconfig 파일에 몇명의 사용자가 정의되어 있는가?
-> 1명
controlplane ~ ➜ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED
controlplane ~ ➜
★ kubeconfig 파일에는 몇 개의 컨텍스트가 정의되어 있는가?
-> 1개
controlplane ~ ➜ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED
controlplane ~ ➜
★ 컨텍스트에서 구성된 사용자 이름이 무엇인가요?
-> kubernetes-admin
controlplane ~ ➜ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED
controlplane ~ ➜
★ 컨텍스트에서 구성된 클러스터 이름이 무엇인가요?
-> kubernetes
controlplane ~ ➜ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED
controlplane ~ ➜
★ my-kube-config 구성된 클러스터는 몇개인가요?
-> 4개
★ my-kube-config 구성된 컨텍스트는 몇개인가요?
-> 4개
★ my-kube-config 구성된 컨텍스트에서 research의 유저는 누구인가요?
-> dev-user
★ my-kube-config 구성된 aws-user의 인증서 파일명은 무엇인가요?
-> aws-user.crt
controlplane ~ ➜ kubectl config view --kubeconfig my-kube-config
apiVersion: v1
clusters:
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: development
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: kubernetes-on-aws
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: production
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: test-cluster-1
contexts:
- context:
cluster: kubernetes-on-aws
user: aws-user
name: aws-user@kubernetes-on-aws
- context:
cluster: test-cluster-1
user: dev-user
name: research
- context:
cluster: development
user: test-user
name: test-user@development
- context:
cluster: production
user: test-user
name: test-user@production
current-context: test-user@development
kind: Config
preferences: {}
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key
controlplane ~ ➜
★ my-kube-config 파일에서 현재 컨텍스트가 무엇으로 설정되어 있나요?
-> test-user@development
controlplane ~ ➜ kubectl config current-context --kubeconfig my-kube-config
test-user@development
controlplane ~ ➜
★ dev-user를 사용하여 test-cluster-1에 접근하려고합니다. 현재 컨텍스트를 올바른 컨텍스트로 설정해주세요.
-> research 컨텍스트로 스위칭
controlplane ~ ➜ kubectl config --kubeconfig=/root/my-kube-config use-context research
Switched to context "research".
controlplane ~ ➜-> 현재 컨텍스트 확인
controlplane ~ ➜ kubectl config --kubeconfig=/root/my-kube-config current-context
research
controlplane ~ ➜
★ my-kube-config 파일을 기본 kubeconfig로 설정한다.
-> /.kube/config 파일에다가 복사한다.
controlplane ➜ mv my-kube-config /root/.kube/config-> 확인한다.
controlplane ~ ➜ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: development
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: kubernetes-on-aws
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: production
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: test-cluster-1
contexts:
- context:
cluster: kubernetes-on-aws
user: aws-user
name: aws-user@kubernetes-on-aws
- context:
cluster: test-cluster-1
user: dev-user
name: research
- context:
cluster: development
user: test-user
name: test-user@development
- context:
cluster: production
user: test-user
name: test-user@production
current-context: research
kind: Config
preferences: {}
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key
controlplane ~ ➜
★ 현재 컨텍스트를 연구로 설정한 상태에서 클러스터에 액세스하려고 합니다. 그러나 뭔가 잘못된 것 같습니다. 문제를 식별하고 수정하세요.
-> pod를 확인하려는데 오류 발생 (사용자 인증서를 읽을 수 없음)
controlplane ~ ➜ kubectl get pods
error: unable to read client-cert /etc/kubernetes/pki/users/dev-user/developer-user.crt for dev-user due to open /etc/kubernetes/pki/users/dev-user/developer-user.crt: no such file or directory
controlplane ~ ✖-> config를 보고 user항목에 키 경로 확인해보기
controlplane ~ ✖ kubectl config view
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key
controlplane ~ ➜-> client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt 고치기
controlplane ~ ➜ kubectl config view
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/dev-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key
controlplane ~ ➜-> pod 확인
controlplane ~ ➜ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-2mr4z 1/1 Running 0 54m
kube-system coredns-787d4945fb-bxctq 1/1 Running 0 54m
kube-system coredns-787d4945fb-r7hz5 1/1 Running 0 54m
kube-system etcd-controlplane 1/1 Running 0 54m
kube-system kube-apiserver-controlplane 1/1 Running 0 54m
kube-system kube-controller-manager-controlplane 1/1 Running 0 54m
kube-system kube-proxy-f27wr 1/1 Running 0 54m
kube-system kube-scheduler-controlplane 1/1 Running 0 54m
controlplane ~ ➜
반응형
'Kubernetes > Kubernetes Exam' 카테고리의 다른 글
| [K8s] CKA 취득 연습문제#9 (clusterrole, clusterrolebinding) (0) | 2023.06.06 |
|---|---|
| [K8s] CKA 취득 연습문제#8 (role, rolebinding) (0) | 2023.06.06 |
| [K8s] CKA 취득 연습문제#6 (csr approve, reject) (0) | 2023.05.30 |
| [K8s] CKA 취득 연습문제#5 (etcd, apiserver 인증서) (0) | 2023.05.29 |
| [K8s] CKA 취득 연습문제#4 (etcd backup, recovery) (0) | 2023.05.24 |