0. Master Node + Worker Node cần bao nhiêu RAM?
Master Node = 1500 MB RAM
Worker Node = 1024 MB RAM
→ kiểm tra thì nằm ở đây
1. Chạy LAB
Copy 6 lệnh dưới → dán trên PowerShell bằng cách click chuột phải
→ không phải gõ từng lệnh mất thời gian
Chạy 6 lệnh sau trên Powershell quyền Administrator → dấu # là giải thích (comment)
# Assumes the host has a D: drive.
# Create the lab folder D:\k8s-vmw (output discarded) and switch into it.
New-Item -ItemType Directory -Path D:\k8s-vmw | Out-Null ; Set-Location D:\k8s-vmw
# Location of the lab archive.
$URL="https://devsecops.edu.vn/wp-content/uploads/2023/11/k8s-vmw-jjwjMAD3Qs2BsGjPOxTO3byhT5vAjK.zip"
# Fetch the archive. The page gives no checksum to compare the download against,
# and `vagrant up` below runs the shell scripts it contains inside every VM.
Invoke-WebRequest -Uri $URL -OutFile k8s-vmw.zip
# Unpack into the current folder.
Expand-Archive -Path k8s-vmw.zip -DestinationPath .
# List what was unpacked - the point at which the Vagrantfile and *.sh files
# can be read before anything executes them.
Get-ChildItem
# Create the virtual machines and run the lab from start to finish.
vagrant up
Móc vào K8S dashboard bằng Nodeport → sinh ra port ngẫu nhiên 31808 → bạn chạy sẽ sinh ra port khác
Truy cập web trên máy Host là Windows 10/11
2. Các file nội dung mới nhất ở đây
Vagrantfile
# Three-VM Kubernetes lab on VMware Workstation: worker1, worker2, master1.
# worker1 is listed first and is the only machine that runs gen-key-pair.sh;
# the import-*.sh scripts on the other machines read the files it writes.
Vagrant.configure("2") do |config|
  box_url = "https://app.vagrantup.com/rockylinux/boxes/9/versions/3.0.0/providers/vmware_desktop/amd64/vagrant.box"

  # One row per VM: name (also used as hostname), RAM in MB, VMware display
  # name, and the shell provisioners in the order they are registered.
  nodes = [
    ["worker1", "2048", "K8S Worker Node 1",
     %w[prepare.sh gen-key-pair.sh import-pub-key.sh]],
    ["worker2", "2048", "K8S Worker Node 2",
     %w[prepare.sh import-pub-key.sh]],
    ["master1", "4096", "K8S Master Node 1",
     %w[prepare.sh import-pub-key.sh import-private-key.sh
        k8s-master-config.sh k8s-kubespray-deploy.sh k8s-dashboard-config.sh]],
  ]

  nodes.each do |name, memsize, label, scripts|
    config.vm.define name do |node|
      node.vm.box = "rockylinux/9"
      node.vm.box_url = box_url
      node.vm.hostname = name

      node.vm.provider :vmware_workstation do |v|
        v.gui = true
        v.vmx["numvcpus"] = "2"
        v.vmx["cpuid.coresPerSocket"] = "2"
        v.vmx["memsize"] = memsize
        v.vmx["displayname"] = label
        v.vmx["guestOS"] = "rhel9-64"
        v.vmx["ethernet0.connectionType"] = "nat"
      end

      # Vagrant's shell provisioner runs scripts with root privileges unless
      # told otherwise, so each of these files executes as root in the guest.
      scripts.each { |script| node.vm.provision "shell", path: script }
    end
  end
end
prepare.sh
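#!/bin/bash
# Node preparation, run by Vagrant on each VM: pin the address the VM already
# has as a static one, record it for Ansible and the later scripts, and switch
# SELinux off.

echo -e "\n1. Set IP tĩnh\n"
# Interface with index 2 in `ip a`; the colon keeps indexes 20-29 from matching.
NIC=$(ip a | grep '^2:' | cut -f2 -d' ' | cut -f1 -d':')
# NetworkManager connection bound to that interface.
CONN=$(nmcli -g GENERAL.CONNECTION device show "$NIC")
# First address reported by `hostname -I`.
IP=$(hostname -I | cut -f1 -d' ')
# Prefix length of the first global-scope IPv4 address; head keeps this a
# single value when more than one address is configured.
SUBNET=$(ip -o -f inet addr show | awk '/scope global/ {print $4}' | cut -f2 -d'/' | head -n 1)
# Default gateway (first default route only).
GW=$(ip route | grep ^default | cut -f3 -d' ' | head -n 1)

# Stop before touching the connection if anything could not be discovered:
# applying an empty address or gateway could leave the VM without networking.
for value in "$NIC" "$CONN" "$IP" "$SUBNET" "$GW"; do
  if [ -z "$value" ]; then
    echo "prepare.sh: could not detect NIC/connection/IP/prefix/gateway" >&2
    exit 1
  fi
done

# Apply the discovered values as a static configuration.
nmcli connection modify "$CONN" ipv4.addresses "${IP}/${SUBNET}"
nmcli connection modify "$CONN" ipv4.gateway "$GW"
# With VMware Workstation NAT networking the gateway also serves DNS.
nmcli connection modify "$CONN" ipv4.dns "$GW"
nmcli connection modify "$CONN" ipv4.method manual
nmcli connection down "$CONN"
nmcli connection up "$CONN"

echo -e "\n2. Ghi IP vào Ansible Inventory\n"
# Replace this host's "<hostname>_ip" placeholder in every inventory template.
for inventory in 3hosts.yml 4hosts.yml 5hosts.yml; do
  sed -i "s/${HOSTNAME}_ip/${IP}/g" "/vagrant/inventory_template/${inventory}"
done

echo -e "\n3. Ghi IP để gán vào URL K8S Dashboard + show thông tin Deploy app\n"
# hostname=IP lines; later scripts read this file to find each node.
echo "$HOSTNAME=$IP" >> /vagrant/ip_list.txt

echo -e "\n4. Tắt SELinux\n"
# setenforce 0 switches to permissive mode immediately; the selinux=0 kernel
# argument disables SELinux entirely from the next boot. This removes the
# mandatory-access-control layer on the node - a lab shortcut, not a setting
# to carry over to a cluster that holds real workloads.
setenforce 0
grubby --update-kernel ALL --args selinux=0
# END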
gen-key-pair.sh
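#!/bin/bash
# Generates the lab's SSH key pair. The private key has an empty passphrase
# (-N '') and is written to /vagrant, by default the project folder shared with
# the host, so every VM and the host itself can read it. The matching public
# key is what the import-*.sh scripts install for root on each node.
echo -e "\nSinh ra 1 cặp khóa riêng/chung (private/public key)\n"

# ssh-keygen asks before overwriting an existing key, which a non-interactive
# provisioning run cannot answer; on re-provision keep the pair already there.
if [ -f /vagrant/private_key_rsa ]; then
  echo "gen-key-pair.sh: /vagrant/private_key_rsa already exists, keeping it" >&2
  exit 0
fi

ssh-keygen -q -t rsa -b 2048 -N '' -C 'DevSecOps.EDU.VN' -f /vagrant/private_key_rsa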
import-pub-key.sh
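#!/bin/bash
# Installs the lab public key as the authorised SSH key of the user running
# the provisioner (root, per the message below).
echo -e "\nGhi pub key vào user root\n"

# ~/.ssh is not guaranteed to exist on a fresh box, and the redirect below
# fails without it; 700 is the mode sshd expects on this directory.
install -d -m 700 ~/.ssh

# '>' replaces the file, so this key becomes the only authorised one.
cat /vagrant/private_key_rsa.pub > ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys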
import-private-key.sh
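#!/bin/bash
# Gives this node (master1 in the Vagrantfile) the lab private key, so it can
# open SSH sessions to the other nodes, and authorises the public key locally.
echo -e "\nGhi private key vào user root\n"

# Make sure the target directory exists with the mode sshd expects.
install -d -m 700 ~/.ssh

# install sets mode 600 as part of the copy instead of a separate chmod
# afterwards. The original in /vagrant stays readable from the host-shared
# folder and is worth deleting once the lab no longer needs it.
install -m 600 /vagrant/private_key_rsa ~/.ssh/private_key_rsa

# '>' replaces the file, so this key becomes the only authorised one.
cat /vagrant/private_key_rsa.pub > ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys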
k8s-master-config.sh
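#!/bin/bash
# Prepares the control node: installs Ansible tooling, fetches Kubespray into
# the home directory and creates the "mycluster" inventory with the lab's
# feature switches turned on.

echo -e "\nCài các gói cần thiết\n"
dnf -y install ansible-core python3-pip git

echo -e "\nCài các thư viện Python cần thiết cho Kubespray\n"
cd || exit 1
# NOTE(review): the clone follows the repository's default branch, so the
# Kubespray code - and the Python packages its requirements.txt pulls in - can
# differ from one run to the next, while kube_version below stays v1.28.4.
# Cloning a release tag known to support that version
# (git clone --branch <KUBESPRAY_RELEASE_TAG> ...) would make the lab
# reproducible and the installed code reviewable.
if [ ! -d kubespray ]; then
  git clone https://github.com/kubernetes-sigs/kubespray.git || exit 1
fi
# Without this check a failed clone would let the commands below run in $HOME.
cd kubespray || exit 1
pip install -r requirements.txt
ansible --version

echo -e "\nChép các file config mẫu vào\n"
# Copy only once: repeating `cp -r` onto an existing directory would nest a
# second copy at inventory/mycluster/sample.
if [ ! -d inventory/mycluster ]; then
  cp -r inventory/sample inventory/mycluster
fi

echo -e "\nChép file Ansible Inventory vào\n"
cp -f /vagrant/inventory_template/3hosts.yml inventory/mycluster/

echo -e "\nBật các chức năng của K8S\n"
# Reference for the keys edited below:
# https://github.com/kubernetes-sigs/kubespray/blob/master/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
cluster_vars=inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml
addon_vars=inventory/mycluster/group_vars/k8s_cluster/addons.yml

# Pin the Kubernetes version, enable API audit logging, and have kubectl
# installed on the Ansible host.
sed -i \
  -e 's/^kube_version:.*/kube_version: v1.28.4/' \
  -e 's/^kubernetes_audit.*/kubernetes_audit: true/' \
  -e 's/^#.*kubectl_localhost:.*/kubectl_localhost: true/' \
  "$cluster_vars"

# Add-ons: dashboard, ingress-nginx, Helm, metrics-server.
sed -i \
  -e 's/^#.*dashboard_enabled.*/dashboard_enabled: true/' \
  -e 's/^ingress_nginx_enabled.*/ingress_nginx_enabled: true/' \
  -e 's/^helm_enabled.*/helm_enabled: true/' \
  -e 's/^metrics_server_enabled:.*/metrics_server_enabled: true/' \
  "$addon_vars"
# END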
k8s-kubespray-deploy.sh
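#!/bin/bash
# Builds the cluster by running Kubespray's cluster.yml against the 3-host
# inventory, authenticating to the nodes with the lab private key.
echo -e "\nBuild K8S Cluster = Kubespray\n"

# kubectl gets installed into /usr/local/bin, which is not in PATH here.
# Append the export only once so re-provisioning does not pile up duplicates.
path_line='export PATH=$PATH:/usr/local/bin'
if ! grep -qxF -- "$path_line" ~/.bash_profile 2>/dev/null; then
  echo "$path_line" >> ~/.bash_profile
fi
source ~/.bash_profile

# Abort rather than run ansible-playbook from the wrong directory.
cd /root/kubespray || exit 1

# $HOME is expanded by the shell itself; a '~' placed after '=' inside an
# option word is passed through to the program literally.
ansible-playbook -i inventory/mycluster/3hosts.yml cluster.yml --private-key="$HOME/.ssh/private_key_rsa"
# END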
k8s-dashboard-config.sh
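#!/bin/bash
# Exposes the Kubernetes Dashboard through a NodePort and issues a login token
# for the admin-user ServiceAccount.
echo -e "\nBật K8S Dashboard\n"
# The two manifests create admin-user and bind it to cluster-admin: whoever
# holds a token for this account has full control of the cluster.
kubectl apply -f /vagrant/dashboard/dashboard-adminuser.yaml
kubectl apply -f /vagrant/dashboard/admin-role-binding.yaml

echo -e "\nTruy cập K8S Dashboard = Nodeport\n"
# NodePort publishes the dashboard on the same port of every node's address.
kubectl patch service kubernetes-dashboard -n kube-system -p '{"spec":{"type":"NodePort"}}'

# Read the allocated node port from the Service object itself rather than
# cutting it out of the human-readable table.
port=$(kubectl get svc kubernetes-dashboard -n kube-system -o jsonpath='{.spec.ports[0].nodePort}')

# Look up master1's address instead of sourcing the file: ip_list.txt sits in
# the host-shared folder and `source` would execute whatever it contains as
# root. tail keeps the last entry, which is what sourcing would have kept.
master1=$(grep '^master1=' /vagrant/ip_list.txt | tail -n 1 | cut -f2 -d'=')
echo -e "\n\nK8S Dashboard: https://${master1}:$port\n"

# kubectl create token issues a time-limited token. It is written to the
# host-shared folder and printed into the provisioning output below, so both
# the file and the terminal log hold a cluster-admin credential until it expires.
kubectl -n kube-system create token admin-user > /vagrant/token.txt
echo -e "\nToken nằm ở /vagrant/token.txt\n"
cat /vagrant/token.txt ; echo
echo -e "\n--- Hết òi ---"
echo -e "\n--- DevSecOps.Edu.VN mần cái này ---\n"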
dashboard\admin-role-binding.yaml
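# Binds the admin-user ServiceAccount to the built-in cluster-admin ClusterRole.
# A ClusterRoleBinding is cluster-wide, so a token for this account can read
# and change every resource in every namespace. For anything beyond a
# throwaway lab, a narrower role bound per namespace is the safer grant.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system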
dashboard\dashboard-adminuser.yaml
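# ServiceAccount used to log in to the dashboard. On its own it carries no
# permissions; those come from the ClusterRoleBinding of the same name.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system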
add-worker-node\Vagrantfile
# Four-VM variant of the lab: adds worker3 and an on-demand provisioner on
# master1 that joins it to the cluster.
Vagrant.configure("2") do |config|
  box_url = "https://app.vagrantup.com/rockylinux/boxes/9/versions/3.0.0/providers/vmware_desktop/amd64/vagrant.box"

  # One row per VM: name (also used as hostname), RAM in MB, VMware display
  # name, and the shell provisioners in the order they are registered.
  nodes = [
    ["worker1", "2048", "K8S Worker Node 1",
     %w[prepare.sh gen-key-pair.sh import-pub-key.sh]],
    ["worker2", "2048", "K8S Worker Node 2",
     %w[prepare.sh import-pub-key.sh]],
    ["worker3", "2048", "K8S Worker Node 3",
     %w[add-worker-node/prepare-add-worker.sh import-pub-key.sh]],
    ["master1", "4096", "K8S Master Node 1",
     %w[prepare.sh import-pub-key.sh import-private-key.sh
        k8s-master-config.sh k8s-kubespray-deploy.sh k8s-dashboard-config.sh]],
  ]

  # Named provisioners for master1. `run: "never"` keeps them out of a normal
  # `vagrant up`/`vagrant provision`; they run only when asked for by name.
  on_demand = {
    "add-worker-node" => "add-worker-node/k8s-add-worker-node.sh",
  }

  nodes.each do |name, memsize, label, scripts|
    config.vm.define name do |node|
      node.vm.box = "rockylinux/9"
      node.vm.box_url = box_url
      node.vm.hostname = name

      node.vm.provider :vmware_workstation do |v|
        v.gui = true
        v.vmx["numvcpus"] = "2"
        v.vmx["cpuid.coresPerSocket"] = "2"
        v.vmx["memsize"] = memsize
        v.vmx["displayname"] = label
        v.vmx["guestOS"] = "rhel9-64"
        v.vmx["ethernet0.connectionType"] = "nat"
      end

      # Vagrant's shell provisioner runs scripts with root privileges unless
      # told otherwise, so each of these files executes as root in the guest.
      scripts.each { |script| node.vm.provision "shell", path: script }

      if name == "master1"
        on_demand.each do |task, script|
          node.vm.provision task, type: "shell", path: script, run: "never"
        end
      end
    end
  end
end
add-worker-node\prepare-add-worker.sh
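#!/bin/bash
# Node preparation for the added worker: pin the address the VM already has
# as a static one, record it for Ansible and the later scripts, and switch
# SELinux off.

echo -e "\n1. Set IP tĩnh\n"
# Interface with index 2 in `ip a`; the colon keeps indexes 20-29 from matching.
NIC=$(ip a | grep '^2:' | cut -f2 -d' ' | cut -f1 -d':')
# NetworkManager connection bound to that interface.
CONN=$(nmcli -g GENERAL.CONNECTION device show "$NIC")
# First address reported by `hostname -I`.
IP=$(hostname -I | cut -f1 -d' ')
# Prefix length of the first global-scope IPv4 address; head keeps this a
# single value when more than one address is configured.
SUBNET=$(ip -o -f inet addr show | awk '/scope global/ {print $4}' | cut -f2 -d'/' | head -n 1)
# Default gateway (first default route only).
GW=$(ip route | grep ^default | cut -f3 -d' ' | head -n 1)

# Stop before touching the connection if anything could not be discovered:
# applying an empty address or gateway could leave the VM without networking.
for value in "$NIC" "$CONN" "$IP" "$SUBNET" "$GW"; do
  if [ -z "$value" ]; then
    echo "prepare-add-worker.sh: could not detect NIC/connection/IP/prefix/gateway" >&2
    exit 1
  fi
done

# Apply the discovered values as a static configuration.
nmcli connection modify "$CONN" ipv4.addresses "${IP}/${SUBNET}"
nmcli connection modify "$CONN" ipv4.gateway "$GW"
# With VMware Workstation NAT networking the gateway also serves DNS.
nmcli connection modify "$CONN" ipv4.dns "$GW"
nmcli connection modify "$CONN" ipv4.method manual
nmcli connection down "$CONN"
nmcli connection up "$CONN"

echo -e "\n2. Ghi IP vào Ansible Inventory\n"
# Replace this host's "<hostname>_ip" placeholder in the 4- and 5-host templates.
for inventory in 4hosts.yml 5hosts.yml; do
  sed -i "s/${HOSTNAME}_ip/${IP}/g" "/vagrant/inventory_template/${inventory}"
done

echo -e "\n3. Ghi IP để gán vào URL K8S Dashboard + show thông tin Deploy app\n"
# hostname=IP lines; later scripts read this file to find each node.
echo "$HOSTNAME=$IP" >> /vagrant/ip_list.txt

echo -e "\n4. Tắt SELinux\n"
# setenforce 0 switches to permissive mode immediately; the selinux=0 kernel
# argument disables SELinux entirely from the next boot. This removes the
# mandatory-access-control layer on the node - a lab shortcut, not a setting
# to carry over to a cluster that holds real workloads.
setenforce 0
grubby --update-kernel ALL --args selinux=0
# END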
add-worker-node\k8s-add-worker-node.sh
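#!/bin/bash
# Joins worker3 to the existing cluster: copies the 4-host inventory into the
# Kubespray checkout and runs cluster.yml limited to the new node.

# Abort rather than copy files and run ansible-playbook from the wrong directory.
cd ~/kubespray || exit 1
cp /vagrant/inventory_template/4hosts.yml inventory/mycluster/

# $HOME is expanded by the shell itself; a '~' placed after '=' inside an
# option word is passed through to the program literally.
ansible-playbook -i inventory/mycluster/4hosts.yml cluster.yml --limit worker3 --private-key="$HOME/.ssh/private_key_rsa"
# END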
add-master-node\Vagrantfile
# Five-VM variant of the lab: adds worker3 and master2, plus on-demand
# provisioners on master1 for growing the cluster and deploying demo apps.
Vagrant.configure("2") do |config|
  box_url = "https://app.vagrantup.com/rockylinux/boxes/9/versions/3.0.0/providers/vmware_desktop/amd64/vagrant.box"

  # One row per VM: name (also used as hostname), RAM in MB, VMware display
  # name, and the shell provisioners in the order they are registered.
  nodes = [
    ["worker1", "2048", "K8S Worker Node 1",
     %w[prepare.sh gen-key-pair.sh import-pub-key.sh]],
    ["worker2", "2048", "K8S Worker Node 2",
     %w[prepare.sh import-pub-key.sh]],
    ["worker3", "2048", "K8S Worker Node 3",
     %w[add-worker-node/prepare-add-worker.sh import-pub-key.sh]],
    ["master2", "4096", "K8S Master Node 2",
     %w[add-master-node/prepare-add-master.sh import-pub-key.sh]],
    ["master1", "4096", "K8S Master Node 1",
     %w[prepare.sh import-pub-key.sh import-private-key.sh
        k8s-master-config.sh k8s-kubespray-deploy.sh k8s-dashboard-config.sh]],
  ]

  # Named provisioners for master1, in registration order. `run: "never"`
  # keeps them out of a normal `vagrant up`/`vagrant provision`; they run only
  # when asked for by name.
  on_demand = {
    "add-worker-node" => "add-worker-node/k8s-add-worker-node.sh",
    "add-master-node" => "add-master-node/k8s-add-master-node.sh",
    "deploy-app-cli" => "deploy-app-cli/deploy-cli.sh",
    "connect-app-deployed-cli" => "deploy-app-cli/connect-web-deployed-cli.sh",
    "deploy-app-yaml" => "deploy-app-yaml/deploy-yaml-cli.sh",
    "connect-app-deployed-yaml" => "deploy-app-yaml/connect-web-deployed-yaml.sh",
  }

  nodes.each do |name, memsize, label, scripts|
    config.vm.define name do |node|
      node.vm.box = "rockylinux/9"
      node.vm.box_url = box_url
      node.vm.hostname = name

      node.vm.provider :vmware_workstation do |v|
        v.gui = true
        v.vmx["numvcpus"] = "2"
        v.vmx["cpuid.coresPerSocket"] = "2"
        v.vmx["memsize"] = memsize
        v.vmx["displayname"] = label
        v.vmx["guestOS"] = "rhel9-64"
        v.vmx["ethernet0.connectionType"] = "nat"
      end

      # Vagrant's shell provisioner runs scripts with root privileges unless
      # told otherwise, so each of these files executes as root in the guest.
      scripts.each { |script| node.vm.provision "shell", path: script }

      if name == "master1"
        on_demand.each do |task, script|
          node.vm.provision task, type: "shell", path: script, run: "never"
        end
      end
    end
  end
end
add-master-node\prepare-add-master.sh
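#!/bin/bash
# Node preparation for the added control-plane node: pin the address the VM
# already has as a static one, record it in the 5-host inventory, and switch
# SELinux off.

echo -e "\n1. Set IP tĩnh\n"
# Interface with index 2 in `ip a`; the colon keeps indexes 20-29 from matching.
NIC=$(ip a | grep '^2:' | cut -f2 -d' ' | cut -f1 -d':')
# NetworkManager connection bound to that interface.
CONN=$(nmcli -g GENERAL.CONNECTION device show "$NIC")
# First address reported by `hostname -I`.
IP=$(hostname -I | cut -f1 -d' ')
# Prefix length of the first global-scope IPv4 address; head keeps this a
# single value when more than one address is configured.
SUBNET=$(ip -o -f inet addr show | awk '/scope global/ {print $4}' | cut -f2 -d'/' | head -n 1)
# Default gateway (first default route only).
GW=$(ip route | grep ^default | cut -f3 -d' ' | head -n 1)

# Stop before touching the connection if anything could not be discovered:
# applying an empty address or gateway could leave the VM without networking.
for value in "$NIC" "$CONN" "$IP" "$SUBNET" "$GW"; do
  if [ -z "$value" ]; then
    echo "prepare-add-master.sh: could not detect NIC/connection/IP/prefix/gateway" >&2
    exit 1
  fi
done

# Apply the discovered values as a static configuration.
nmcli connection modify "$CONN" ipv4.addresses "${IP}/${SUBNET}"
nmcli connection modify "$CONN" ipv4.gateway "$GW"
# With VMware Workstation NAT networking the gateway also serves DNS.
nmcli connection modify "$CONN" ipv4.dns "$GW"
nmcli connection modify "$CONN" ipv4.method manual
nmcli connection down "$CONN"
nmcli connection up "$CONN"

echo -e "\n2. Ghi IP vào Ansible Inventory\n"
# Replace this host's "<hostname>_ip" placeholder in the 5-host template.
sed -i "s/${HOSTNAME}_ip/${IP}/g" /vagrant/inventory_template/5hosts.yml

echo -e "\n3. Tắt SELinux\n"
# setenforce 0 switches to permissive mode immediately; the selinux=0 kernel
# argument disables SELinux entirely from the next boot. This removes the
# mandatory-access-control layer on the node - a lab shortcut, not a setting
# to carry over to a cluster that holds real workloads.
setenforce 0
grubby --update-kernel ALL --args selinux=0
# END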
add-master-node\k8s-add-master-node.sh
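#!/bin/bash
# Extends the cluster to the 5-host layout: copies the 5-host inventory into
# the Kubespray checkout and re-runs cluster.yml against all hosts.

# Abort rather than copy files and run ansible-playbook from the wrong directory.
cd ~/kubespray || exit 1
cp /vagrant/inventory_template/5hosts.yml inventory/mycluster/

# $HOME is expanded by the shell itself; a '~' placed after '=' inside an
# option word is passed through to the program literally.
ansible-playbook -i inventory/mycluster/5hosts.yml cluster.yml --private-key="$HOME/.ssh/private_key_rsa"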
inventory_template\3hosts.yml
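# Ansible inventory template for the 3-host cluster. Each "<hostname>_ip"
# value is a placeholder that the node's prepare script replaces with the
# node's real address via sed.
all:
  hosts:
    master1:
      ansible_host: master1_ip
      ip: master1_ip
      access_ip: master1_ip
    worker1:
      ansible_host: worker1_ip
      ip: worker1_ip
      access_ip: worker1_ip
    worker2:
      ansible_host: worker2_ip
      ip: worker2_ip
      access_ip: worker2_ip
  children:
    kube_control_plane:
      hosts:
        master1:
    kube_node:
      hosts:
        worker1:
        worker2:
    etcd:
      hosts:
        master1:
    k8s_cluster:
      children:
        kube_control_plane:
        kube_node:
    calico_rr:
      hosts: {}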
inventory_template\4hosts.yml
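# Ansible inventory template for the 4-host cluster (worker3 added). Each
# "<hostname>_ip" value is a placeholder that the node's prepare script
# replaces with the node's real address via sed.
all:
  hosts:
    master1:
      ansible_host: master1_ip
      ip: master1_ip
      access_ip: master1_ip
    worker1:
      ansible_host: worker1_ip
      ip: worker1_ip
      access_ip: worker1_ip
    worker2:
      ansible_host: worker2_ip
      ip: worker2_ip
      access_ip: worker2_ip
    worker3:
      ansible_host: worker3_ip
      ip: worker3_ip
      access_ip: worker3_ip
  children:
    kube_control_plane:
      hosts:
        master1:
    kube_node:
      hosts:
        worker1:
        worker2:
        worker3:
    etcd:
      hosts:
        master1:
    k8s_cluster:
      children:
        kube_control_plane:
        kube_node:
    calico_rr:
      hosts: {}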
inventory_template\5hosts.yml
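# Ansible inventory template for the 5-host cluster (worker3 and master2
# added). Each "<hostname>_ip" value is a placeholder that the node's prepare
# script replaces with the node's real address via sed.
all:
  hosts:
    master1:
      ansible_host: master1_ip
      ip: master1_ip
      access_ip: master1_ip
    master2:
      ansible_host: master2_ip
      ip: master2_ip
      access_ip: master2_ip
    worker1:
      ansible_host: worker1_ip
      ip: worker1_ip
      access_ip: worker1_ip
    worker2:
      ansible_host: worker2_ip
      ip: worker2_ip
      access_ip: worker2_ip
    worker3:
      ansible_host: worker3_ip
      ip: worker3_ip
      access_ip: worker3_ip
  children:
    kube_control_plane:
      hosts:
        master1:
        master2:
    kube_node:
      hosts:
        worker1:
        worker2:
        worker3:
    # etcd stays on master1 alone even though master2 joins the control plane,
    # so the cluster state still depends on that single node.
    etcd:
      hosts:
        master1:
    k8s_cluster:
      children:
        kube_control_plane:
        kube_node:
    calico_rr:
      hosts: {}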
deploy-app-cli\deploy-cli.sh
#!/bin/bash
# Demo workload created from the command line: three nginx replicas published
# through a NodePort Service, followed by a status listing.
app=nginx-webserver

# --image=nginx carries no tag or digest, so the registry's current default
# tag is what gets pulled.
kubectl create deployment "$app" --image=nginx --replicas=3
kubectl expose deployment "$app" --port=80 --type NodePort

# Show what was created: deployments, pods, then the Service with its port.
for resource in deployments.apps pods; do
  kubectl get "$resource"
done
kubectl get svc "$app"
# END
deploy-app-cli\connect-web-deployed-cli.sh
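#!/bin/bash
# Fetches the nginx demo page through the NodePort on each of the three worker
# nodes and prints the first four lines of every response.
echo -e "\nCoi App đã Deploy = CLI trên 3 Worker Node\n"

# Node port allocated to the nginx-webserver Service, read from the Service
# object itself rather than cut out of `kubectl describe` text.
port=$(kubectl get service nginx-webserver -o jsonpath='{.spec.ports[0].nodePort}')

# ip_list.txt holds hostname=IP lines. The address is looked up rather than
# sourcing the file, which sits in the host-shared folder and would be executed
# as shell code; tail keeps the last entry, as sourcing would have.
# Looping over the names also fixes the original third request, which queried
# worker1 again instead of worker3.
for node in worker1 worker2 worker3; do
  addr=$(grep "^${node}=" /vagrant/ip_list.txt | tail -n 1 | cut -f2 -d'=')
  echo -e "$addr:$port\n"
  curl -s "$addr:$port" | head -4
  echo -e "\n------\n"
done
# END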
deploy-app-yaml\deploy-yaml-cli.sh
#!/bin/bash
# Applies the Apache demo manifest from the shared folder, then shows the
# Service it defines.
manifest=/vagrant/deploy-app-yaml/apache-webserver.yaml
kubectl apply --filename "$manifest"
kubectl get service apache-webserver
# END
deploy-app-yaml\connect-web-deployed-yaml.sh
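#!/bin/bash
# Fetches the Apache demo page through node port 30409 on each of the three
# worker nodes and prints the first four lines of every response.
echo -e "\nCoi App đã Deploy = YAML trên 3 Worker Node\n"

# Must match the nodePort fixed in apache-webserver.yaml.
port=30409

# ip_list.txt holds hostname=IP lines. The address is looked up rather than
# sourcing the file, which sits in the host-shared folder and would be executed
# as shell code; tail keeps the last entry, as sourcing would have. The target
# is quoted so an unexpected value cannot split into extra curl arguments.
for node in worker1 worker2 worker3; do
  addr=$(grep "^${node}=" /vagrant/ip_list.txt | tail -n 1 | cut -f2 -d'=')
  echo -e "$addr:$port\n"
  curl -s "$addr:$port" | head -4
  echo -e "\n------\n"
done
# END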
deploy-app-yaml\apache-webserver.yaml
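# Demo workload: three httpd replicas behind a NodePort Service.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: apache-webserver
  labels:
    app: web
spec:
  selector:
    matchLabels:
      app: web
  replicas: 3
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
      - name: apache-webserver
        # No tag or digest: the image resolves to whatever the registry's
        # default tag points at when the pod is scheduled.
        image: httpd
        ports:
        - containerPort: 80
---
kind: Service
apiVersion: v1
metadata:
  name: apache-webserver
  labels:
    app: apache-webserver
spec:
  # NodePort opens the same port on every node's address.
  type: NodePort
  # Matches the pod label above, not the Service's own label.
  selector:
    app: web
  ports:
  # Fixed node port; connect-web-deployed-yaml.sh hard-codes the same number.
  - nodePort: 30409
    port: 8080
    targetPort: 80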