'controlplane' 태그의 글 목록

controlplane

[K8s] CKA 취득 연습문제#7 (kubeconfig view) 2023.05.30

[K8s] CKA 취득 연습문제#7 (kubeconfig view)

2023. 5. 30. 23:34

2023.05.30

★ kubeconfig 파일에 몇 개의 클러스터가 정의되어 있는가?

-> 1개


controlplane ~ ➜ kubectl config view 
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED

controlplane ~ ➜

★ kubeconfig 파일에 몇명의 사용자가 정의되어 있는가?

-> 1명


controlplane ~ ➜  kubectl config view 
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED

controlplane ~ ➜

★ kubeconfig 파일에는 몇 개의 컨텍스트가 정의되어 있는가?

-> 1개


controlplane ~ ➜  kubectl config view 
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED

controlplane ~ ➜

★ 컨텍스트에서 구성된 사용자 이름이 무엇인가요?

-> kubernetes-admin


controlplane ~ ➜  kubectl config view 
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED

controlplane ~ ➜

★ 컨텍스트에서 구성된 클러스터 이름이 무엇인가요?

-> kubernetes


controlplane ~ ➜  kubectl config view 
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://controlplane:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTED

controlplane ~ ➜

★ my-kube-config 구성된 클러스터는 몇개인가요?

-> 4개

★ my-kube-config 구성된 컨텍스트는 몇개인가요?

-> 4개

★ my-kube-config 구성된 컨텍스트에서 research의 유저는 누구인가요?

-> dev-user

★ my-kube-config 구성된 aws-user의 인증서 파일명은 무엇인가요?

-> aws-user.crt


controlplane ~ ➜  kubectl config view --kubeconfig my-kube-config 
apiVersion: v1
clusters:
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: development
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: kubernetes-on-aws
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: production
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: test-cluster-1
contexts:
- context:
cluster: kubernetes-on-aws
user: aws-user
name: aws-user@kubernetes-on-aws
- context:
cluster: test-cluster-1
user: dev-user
name: research
- context:
cluster: development
user: test-user
name: test-user@development
- context:
cluster: production
user: test-user
name: test-user@production
current-context: test-user@development
kind: Config
preferences: {}
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key

controlplane ~ ➜

★ my-kube-config 파일에서 현재 컨텍스트가 무엇으로 설정되어 있나요?

-> test-user@development


controlplane ~ ➜  kubectl config current-context --kubeconfig my-kube-config 
test-user@development

controlplane ~ ➜

★ dev-user를 사용하여 test-cluster-1에 접근하려고합니다. 현재 컨텍스트를 올바른 컨텍스트로 설정해주세요.

-> research 컨텍스트로 스위칭


controlplane ~ ➜  kubectl config --kubeconfig=/root/my-kube-config use-context research
Switched to context "research".

controlplane ~ ➜

-> 현재 컨텍스트 확인


controlplane ~ ➜  kubectl config --kubeconfig=/root/my-kube-config current-context 
research

controlplane ~ ➜

★ my-kube-config 파일을 기본 kubeconfig로 설정한다.

-> /.kube/config 파일에다가 복사한다.


controlplane  ➜  mv my-kube-config /root/.kube/config

-> 확인한다.


controlplane ~ ➜  kubectl config view 
apiVersion: v1
clusters:
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: development
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: kubernetes-on-aws
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: production
- cluster:
certificate-authority: /etc/kubernetes/pki/ca.crt
server: https://controlplane:6443
name: test-cluster-1
contexts:
- context:
cluster: kubernetes-on-aws
user: aws-user
name: aws-user@kubernetes-on-aws
- context:
cluster: test-cluster-1
user: dev-user
name: research
- context:
cluster: development
user: test-user
name: test-user@development
- context:
cluster: production
user: test-user
name: test-user@production
current-context: research
kind: Config
preferences: {}
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key

controlplane ~ ➜

★ 현재 컨텍스트를 연구로 설정한 상태에서 클러스터에 액세스하려고 합니다. 그러나 뭔가 잘못된 것 같습니다. 문제를 식별하고 수정하세요.

-> pod를 확인하려는데 오류 발생 (사용자 인증서를 읽을 수 없음)


controlplane ~ ➜  kubectl get pods
error: unable to read client-cert /etc/kubernetes/pki/users/dev-user/developer-user.crt for dev-user due to open /etc/kubernetes/pki/users/dev-user/developer-user.crt: no such file or directory

controlplane ~ ✖

-> config를 보고 user항목에 키 경로 확인해보기


controlplane ~ ✖ kubectl config view 
users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key

controlplane ~ ➜

-> client-certificate: /etc/kubernetes/pki/users/dev-user/developer-user.crt 고치기


controlplane ~ ➜ kubectl config view

users:
- name: aws-user
user:
client-certificate: /etc/kubernetes/pki/users/aws-user/aws-user.crt
client-key: /etc/kubernetes/pki/users/aws-user/aws-user.key
- name: dev-user
user:
client-certificate: /etc/kubernetes/pki/users/dev-user/dev-user.crt
client-key: /etc/kubernetes/pki/users/dev-user/dev-user.key
- name: test-user
user:
client-certificate: /etc/kubernetes/pki/users/test-user/test-user.crt
client-key: /etc/kubernetes/pki/users/test-user/test-user.key

controlplane ~ ➜

-> pod 확인


controlplane ~ ➜  kubectl get pods -A
NAMESPACE      NAME                                   READY   STATUS    RESTARTS   AGE
kube-flannel   kube-flannel-ds-2mr4z                  1/1     Running   0          54m
kube-system    coredns-787d4945fb-bxctq               1/1     Running   0          54m
kube-system    coredns-787d4945fb-r7hz5               1/1     Running   0          54m
kube-system    etcd-controlplane                      1/1     Running   0          54m
kube-system    kube-apiserver-controlplane            1/1     Running   0          54m
kube-system    kube-controller-manager-controlplane   1/1     Running   0          54m
kube-system    kube-proxy-f27wr                       1/1     Running   0          54m
kube-system    kube-scheduler-controlplane            1/1     Running   0          54m

controlplane ~ ➜

저작자표시

'Kubernetes > Kubernetes Exam' 카테고리의 다른 글

[K8s] CKA 취득 연습문제#9 (clusterrole, clusterrolebinding) (0)	2023.06.06
[K8s] CKA 취득 연습문제#8 (role, rolebinding) (0)	2023.06.06
[K8s] CKA 취득 연습문제#6 (csr approve, reject) (0)	2023.05.30
[K8s] CKA 취득 연습문제#5 (etcd, apiserver 인증서) (0)	2023.05.29
[K8s] CKA 취득 연습문제#4 (etcd backup, recovery) (0)	2023.05.24

PREV 1 NEXT

내 블로그 - 관리자 홈 전환	`Q` `Q`
새 글 쓰기	`W` `W`

글 수정 (권한 있는 경우)	`E` `E`
댓글 영역으로 이동	`C` `C`

이 페이지의 URL 복사	`S` `S`
맨 위로 이동	`T` `T`
티스토리 홈 이동	`H` `H`
단축키 안내	`Shift` + `/` `⇧` + `/`

IT 끄적이는 물고기