Scheduling - Static PODs
What is a Static Pod?
A static pod is a pod that the kubelet manages directly, independently of the Kubernetes API server.
It is defined through YAML files in the /etc/kubernetes/manifests/ path.
Q) How many static pods exist in this cluster in all namespaces?
A) 4
controlplane ~ ✖ cd /etc/kubernetes/manifests/
controlplane /etc/kubernetes/manifests ➜ ls -alt
total 28
drwxrwxr-x 1 root root 4096 Mar 17 02:01 .
-rw------- 1 root root 2559 Mar 17 02:01 etcd.yaml
-rw------- 1 root root 3893 Mar 17 02:01 kube-apiserver.yaml
-rw------- 1 root root 3394 Mar 17 02:01 kube-controller-manager.yaml
-rw------- 1 root root 1656 Mar 17 02:01 kube-scheduler.yaml
drwxrwxr-x 1 root root 4096 Mar 17 02:01 ..
-rw-r--r-- 1 root root 0 Dec 11 18:39 .kubelet-keep
Q) Which of the below components is NOT deployed as a static pod?
A) coredns
Q) Which of the below components is NOT deployed as a static POD?
A) kube-proxy
Q) On which nodes are the static pods created currently?
A)
k get po -A -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-flannel kube-flannel-ds-ddg4c 1/1 Running 0 10m 192.168.129.241 node01 <none> <none>
kube-flannel kube-flannel-ds-mnrzf 1/1 Running 0 10m 192.168.58.183 controlplane <none> <none>
kube-system coredns-7484cd47db-qtqnr 1/1 Running 0 10m 172.17.0.3 controlplane <none> <none>
kube-system coredns-7484cd47db-xmr7j 1/1 Running 0 10m 172.17.0.2 controlplane <none> <none>
kube-system etcd-controlplane 1/1 Running 0 10m 192.168.58.183 controlplane <none> <none>
kube-system kube-apiserver-controlplane 1/1 Running 0 10m 192.168.58.183 controlplane <none> <none>
kube-system kube-controller-manager-controlplane 1/1 Running 0 10m 192.168.58.183 controlplane <none> <none>
kube-system kube-proxy-94jr7 1/1 Running 0 10m 192.168.129.241 node01 <none> <none>
kube-system kube-proxy-hwv8b 1/1 Running 0 10m 192.168.58.183 controlplane <none> <none>
kube-system kube-scheduler-controlplane 1/1 Running 0 10m 192.168.58.183 controlplane <none> <none>
Q) What is the path of the directory holding the static pod definition files?
A) /etc/kubernetes/manifests
Q) What is the path of the directory holding the static pod definition files?
A) 4
Q) What is the docker image used to deploy the kube-api server as a static pod?
A) registry.k8s.io/kube-apiserver:v1.32.0
controlplane /etc/kubernetes/manifests ➜ vi kube-apiserver.yaml
apiVersion: v1
kind: Pod
metadata:
  annotations:
    kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 192.168.28.34:6443
  creationTimestamp: null
  labels:
    component: kube-apiserver
    tier: control-plane
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-apiserver
    - --advertise-address=192.168.28.34
    - --allow-privileged=true
    - --authorization-mode=Node,RBAC
    - --client-ca-file=/etc/kubernetes/pki/ca.crt
    - --enable-admission-plugins=NodeRestriction
    - --enable-bootstrap-token-auth=true
    - --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt
    - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
    - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
    - --etcd-servers=https://127.0.0.1:2379
    - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
    - --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key
    - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
    - --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt
    - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
    - --requestheader-allowed-names=front-proxy-client
    - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
    - --requestheader-extra-headers-prefix=X-Remote-Extra-
    - --requestheader-group-headers=X-Remote-Group
    - --requestheader-username-headers=X-Remote-User
    - --secure-port=6443
    - --service-account-issuer=https://kubernetes.default.svc.cluster.local
    - --service-account-key-file=/etc/kubernetes/pki/sa.pub
    - --service-account-signing-key-file=/etc/kubernetes/pki/sa.key
    - --service-cluster-ip-range=172.20.0.0/16
    - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
    - --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
    image: registry.k8s.io/kube-apiserver:v1.32.0
    imagePullPolicy: IfNotPresent
    # omitted
Q) Create a static pod named static-busybox that uses the busybox image and the command sleep 1000
A)
controlplane /etc/kubernetes/manifests ➜ k run static-busybox --image=busybox --dry-run=client -o yaml --command -- sleep 1000 > busybox.yaml
p.s. The pod is created automatically as soon as the YAML file is created.
Q) Edit the image on the static pod to use busybox:1.28.4
A)
controlplane /etc/kubernetes/manifests ➜ vi busybox.yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: static-busybox
  name: static-busybox
spec:
  containers:
  - command:
    - sleep
    - "1000"
    # image: busybox
    image: busybox:1.28.4
    name: static-busybox
    resources: {}
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}
controlplane /etc/kubernetes/manifests ➜ k get po | grep busybox
static-busybox-controlplane 1/1 Running 0 2m31s
controlplane /etc/kubernetes/manifests ➜ k delete po static-busybox-controlplane
pod "static-busybox-controlplane" deleted
Q) We just created a new static pod named static-greenbox. Find it and delete it.
This question is a bit tricky. But if you use the knowledge you gained in the previous questions in this lab, you should be able to find the answer to it.
A)
Important: on a node other than controlplane, the path may not be /etc/kubernetes/manifests.
The kubelet configuration file needs to be checked.
# Find the node the static pod runs on
controlplane ~ ➜ k get po -A -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
default static-busybox-controlplane 1/1 Running 0 2m36s 172.17.0.5 controlplane <none> <none>
default static-greenbox-node01 1/1 Running 0 2m20s 172.17.1.2 node01 <none> <none>
kube-flannel kube-flannel-ds-5xvzb 1/1 Running 0 17m 192.168.129.222 node01 <none> <none>
kube-flannel kube-flannel-ds-n2xnv 1/1 Running 0 17m 192.168.28.34 controlplane <none> <none>
kube-system coredns-7484cd47db-q6rrr 1/1 Running 0 17m 172.17.0.2 controlplane <none> <none>
kube-system coredns-7484cd47db-wp86f 1/1 Running 0 17m 172.17.0.3 controlplane <none> <none>
kube-system etcd-controlplane 1/1 Running 0 18m 192.168.28.34 controlplane <none> <none>
kube-system kube-apiserver-controlplane 1/1 Running 0 18m 192.168.28.34 controlplane <none> <none>
kube-system kube-controller-manager-controlplane 1/1 Running 0 18m 192.168.28.34 controlplane <none> <none>
kube-system kube-proxy-8hc6f 1/1 Running 0 17m 192.168.129.222 node01 <none> <none>
kube-system kube-proxy-sf9kw 1/1 Running 0 17m 192.168.28.34 controlplane <none> <none>
kube-system kube-scheduler-controlplane 1/1 Running 0 18m 192.168.28.34 controlplane <none> <none>
# It is node01
controlplane ~ ➜ ssh node01
Welcome to Ubuntu 22.04.4 LTS (GNU/Linux 5.15.0-1075-gcp x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/pro
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.
To restore this content, you can run the 'unminimize' command.
Last login: Mon Mar 17 02:28:05 2025 from 192.168.28.34
# The path is not necessarily /etc/kubernetes/manifests. The kubelet configuration file needs to be checked.
node01 ~ ➜ ps -ef | grep kubelet
root 10116 1 0 02:24 ? 00:00:03 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=registry.k8s.io/pause:3.10
root 13387 12910 0 02:29 pts/0 00:00:00 grep kubelet
node01 ~ ➜ grep -i staticpod /var/lib/kubelet/config.yaml
staticPodPath: /etc/just-to-mess-with-you
# grep -i: option to search case-insensitively
# static pod path - /etc/just-to-mess-with-you
node01 ~ ➜ cd /etc/just-to-mess-with-you/
node01 /etc/just-to-mess-with-you ➜ ls -alt
total 16
drwxr-xr-x 2 root root 4096 Mar 17 02:24 .
-rw-r--r-- 1 root root 301 Mar 17 02:24 greenbox.yaml
drwxr-xr-x 1 root root 4096 Mar 17 02:24 ..
node01 /etc/just-to-mess-with-you ➜ rm greenbox.yaml
p.s. Deleting the YAML file is enough to remove the pod.
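The lookup above (kubelet process, then its --config file, then staticPodPath, then the manifest directory) as an added shell example that is not part of the original notes. It also flags manifests and directories with group/other permission bits, because the kubelet runs whatever manifest lands in that directory. The function names and the temporary fixture are constructed for illustration; GNU find and stat are assumed.

```shell
#!/bin/sh
# Added example (not from the original notes): resolve staticPodPath the way the
# walkthrough does by hand, then audit the manifest directory's permissions.
# Assumes GNU find/stat and the --config=<file> form of the kubelet flag.

# Constructed sample: kubelet arguments as shown by `ps -ef` on node01.
SAMPLE_CMDLINE='/usr/bin/kubelet --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock'

# Extract the KubeletConfiguration file path from a kubelet command line.
kubelet_config_from_cmdline() {
  printf '%s\n' "$1" | tr ' ' '\n' | sed -n 's/^--config=//p' | head -n 1
}

# Read staticPodPath from a KubeletConfiguration file (quotes stripped).
static_pod_path() {
  sed -n 's/^staticPodPath:[[:space:]]*//p' "$1" | tr -d "\"'" | head -n 1
}

# Print "<mode> <owner:group> <path>" for every finding:
#  - the directory, if group/other may write to it (can drop new manifests)
#  - each manifest (the kubelet skips dotfiles) with any group/other bit set
audit_static_pod_dir() {
  find "$1" -maxdepth 0 -type d -perm /022 -exec stat -c '%a %U:%G %n' {} +
  find "$1" -maxdepth 1 -type f ! -name '.*' -perm /077 -exec stat -c '%a %U:%G %n' {} +
}

# Offline demo on a constructed fixture that mirrors the two nodes' listings:
# a 0600 control-plane manifest and a 0644 manifest like greenbox.yaml.
demo() {
  tmp=$(mktemp -d) && mkdir "$tmp/manifests" && chmod 755 "$tmp/manifests"
  printf 'kind: KubeletConfiguration\nstaticPodPath: %s\n' "$tmp/manifests" > "$tmp/config.yaml"
  : > "$tmp/manifests/etcd.yaml";     chmod 600 "$tmp/manifests/etcd.yaml"
  : > "$tmp/manifests/greenbox.yaml"; chmod 644 "$tmp/manifests/greenbox.yaml"
  audit_static_pod_dir "$(static_pod_path "$tmp/config.yaml")"
  rm -rf "$tmp"
}

kubelet_config_from_cmdline "$SAMPLE_CMDLINE"
demo
```

On a node, passing the output of `ps -o args= -C kubelet` to kubelet_config_from_cmdline and chaining the three functions performs the same lookup against the live kubelet.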