[태그:] 가상화

작성일자

Kubernetes #2-2. 사전작업 – docker 설정 (offline, 폐쇄망)

[Kubernetes #1. 사전작업 (offline, 폐쇄망)]
[Kubernetes #2-2. 사전작업 – 컨테이너 런타임 (offline, 폐쇄망)]
[Kubernetes #2-2. 사전작업 – docker 설정 (offline, 폐쇄망)]
[Kubernetes #3. Kubernetes 바이너리 설치 (offline, 폐쇄망)]
[Kubernetes #4. Kubernetes 클러스터 구축 – image pull (offline, 폐쇄망)]
[Kubernetes #4-2. Kubernetes 클러스터 구축 – 단일 마스터노드 생성 (offline, 폐쇄망)]
[Kubernetes #4-3. Kubernetes 클러스터 구축 – worker node join (offline, 폐쇄망)]

망분리 환경에서 proxy등을 통한 외부 연결이 가능하거나, 망 내부적으로 proxy를 통해 통신하는 경우 proxy 설정이 필요하다.
linux OS 레벨에서는 .bash_profile 등에 proxy 변수를 등록하는 것으로 처리가 가능하지만 docker 런타임은 별도로 proxy 정보를 정의해 줘야 한다

이 포스트의 작업은 쿠버네티스 클러스터에 포함하는 모든 노드에서 수행해야 한다.

     

Docker Proxy 설정

서비스 설정 (docker login 등의 작업 에 사용된다.)

[haedong@haedong:~:]$ sudo /lib/systemd/system/docker.service
전략...
# [service] 섹션에 아래 추가
Environment="HTTP_PROXY=http://120.121.122.123:8080" 
Environment="HTTPS_PROXY=https://120.121.122.123:8080" 
Environment="NO_PROXY=.haedong.net,localhost,127.0.0.1/8,192.168.0.0/16,.local" 
[haedong@haedong:~:]$ sudo systemctl daemon-reload
[haedong@haedong:~:]$ sudo systemctl restart docker.service

컨테이너 설행 시 변수로 전달

[haedong@haedong:~]$ docker run \
-e http_proxy=http://120.121.122.123:8080 \
-e https_proxy https://120.121.122.123:8080 \
-e no_proxy .haedong.net,localhost,127.0.0.1/8,192.168.0.0/16,.local \
CONTAINER_NAME

이미지 빌드 시 포함

ENV PATH /home/haedong/bin:$PATH
ENV LD_LIBRARY_PATH /lib:/lib64:$LD_LIBRARY_PATH
...중략...
# 아래 내용 추가
ENV http_proxy http://120.121.122.123:8080
ENV https_proxy https://120.121.122.123:8080
ENV no_proxy .haedong.net,localhost,127.0.0.1/8,192.168.0.0/16,.local

     

Docker root directory 변경

pull 한 image나 컨테이너 임시 데이터 등이 저장되는 디렉토리이다. 기본 값은 /var/lib/docker 인데, /var directory가 포함된 파티션의 크기가 작거나 하는 경우 disk full 로 인해 문제를 야기할 수 있다.

현재 docker root 확인

docker info | grep "Docker Root Dir" 

 Docker Root Dir: /var/lib/docker

#docker volume inspect my-vol

준비

docker root dirctory로 사용할 디스크를 확정하고 파티션 생성, 마운트 등의 작업을 마친다.
sudo systemctl stop docker.service 명령으로 서비스를 중지하고(시간이 걸릴 수 있다. 프로세스가 완전히 사라졌는지 확인하도록 하자) 이전의 docker 파일들을 대상 디렉토리로 복사한다.

mkdir /data
cp -rp /var/lib/docker /data

     

서비스 수정

sudo vi /usr/lib/systemd/system/docker.service
# Service 섹션에 ExecStart= 로 시작하는 줄을 수정한다.
# ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --data-root=/data
sudo systemctl daemon-reload
sudo systemctl restart docker.service

     

cgroup driver 변경

현재 상태 확인

sudo docker info | grep cgroup
 Cgroup Driver: cgroupfs

서비스 수정

sudo vi /etc/systemd/system/docker.service

# ExecStart 로 시작하는 줄에  --exec-opt native.cgroupdriver=systemd 추가
# ExecStart=/usr/bin/dockerd -g /home/data/ -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -g /home/data/ -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd

sudo systemctl daemon-reload
sudo systemctl restart docker.service
작성일자

Kubernetes #2-2. 사전작업 – 컨테이너 런타임 (offline, 폐쇄망)

[Kubernetes #1. 사전작업 (offline, 폐쇄망)]
[Kubernetes #2-2. 사전작업 – 컨테이너 런타임 (offline, 폐쇄망)]
[Kubernetes #2-2. 사전작업 – docker 설정 (offline, 폐쇄망)]
[Kubernetes #3. Kubernetes 바이너리 설치 (offline, 폐쇄망)]
[Kubernetes #4. Kubernetes 클러스터 구축 – image pull (offline, 폐쇄망)]
[Kubernetes #4-2. Kubernetes 클러스터 구축 – 단일 마스터노드 생성 (offline, 폐쇄망)]
[Kubernetes #4-3. Kubernetes 클러스터 구축 – worker node join (offline, 폐쇄망)]

쿠버네티스는 ‘컨테이너를 관리’ 하는 녀석이다. 즉, 쿠버네티스만으로는 아무 것도 할 수 없다는 이야기. 컨테이너 실행을 위해 런타임이 필요하다. Docker, Containerd, CRI-O 등이 있다.
이 포스트에서는 docker를 기준으로 설명한다.

외부에서 repo 파일을 다운로드 받아서 폐쇄망의 클러스터에 복사하거나, –downloadonly 등의 옵션으로 패키지를 다운로드 해서 복사 한다음 설치해야 한다.

이 포스트의 작업은 쿠버네티스 클러스터에 포함하는 모든 노드에서 수행해야 한다.

 

이전 버전의 docker 제거

CentOS (CentOS7 기준)

sudo yum remove docker docker-client docker-client-latest docker-common \
                  docker-latest docker-latest-logrotate docker-logrotate docker-engine

Ubuntu (Ubuntu18 기준)

sudo apt-get remove docker docker-engine docker.io containerd runc

 

설치를 위한 패키지와 repository 등록

CentOS

sudo yum install -y yum-utils
# yum-config-manager를 위한 패키지

sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# yum-utils 패키지 설치를 생략하고 docker-ce.repo 파일을 다운로드 받아서 /etc/yum.repos.d/에 복사해도 된다.

sudo yum clean all
# yum 캐시 정리 캐시 파일이 너무 크거나 문제가 있는 경우 sudo rm -rf /var/cache/yum 명령 수행

sudo yum repolist
# 패키지 목록 업데이트

Ubuntu

sudo apt-get update
# apt 패키지 목록 업데이트

sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
# 패키지 설치 및 rpository 업데이트 등을 위한 패키지 설치

sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
# gpg key 등록

sudo echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# docker repository 등록

sudo apt-get update

 

Docker 엔진설치

CentOS

sudo yum -y install docker-ce docker-ce-cli containerd.io

Ubuntu

sudo apt-get install docker-ce docker-ce-cli containerd.io

 

서비스 시작 및 활성화

CentOS / Ubuntu 동일

sudo systemctl enable docker.service
# 서비스 활성화 (부팅 시 자동 시작)

sudo systemctl start docker.service
# 서비스 시작

 

특정 버전을 설치하자 하는 경우

# CentOS
yum list docker-ce --showduplicates | sort -r
 sudo yum install docker-ce-<VERSION_STRING> docker-ce-cli- containerd.io

	
#Ubuntu
apt-cache madison docker-ce
 docker-ce | 5:20.10.8~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.7~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.6~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.5~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.4~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.3~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.2~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.1~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
 docker-ce | 5:20.10.0~3-0~ubuntu-bionic | https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages
...후략
출력되는 목록에서 버전 확인 후 설치
sudo apt-get install docker-ce= docker-ce-cli= containerd.io
작성일자

kubernetes #4. docker compse 설치

Compose는 다중 컨테이너 Docker 애플리케이션을 정의하고 실행하기 위한 도구로써 Compose에서는 YAML 파일을 사용하여 애플리케이션 서비스를 구성하고 단일 명령으로 구성에서 모든 서비스를 만들고 시작할 수 있도록 한다.

“For alpine, the following dependency packages are needed: py-pippython3-devlibffi-devopenssl-devgcclibc-devrustcargo and make. “1 yum을 이용할 경우 패키지의 이름이 다르다. 아래 명령줄을 참고하자.라고 한다. 관련 패키지를 설치한다. 

haedong@kubesphere-01:~:]$ sudo yum install python-pip python3-devel libffi-devel openssl-devel gcc libc-devel rust cargo  make
...중략...
  Verifying  : redhat-rpm-config-9.1.0-88.el7.centos.noarch                                                                                                                                                                                                                                29/29

Installed:
  cargo.x86_64 0:1.53.0-1.el7                libffi-devel.x86_64 0:3.0.13-19.el7                openssl-devel.x86_64 1:1.0.2k-19.el7                python2-pip.noarch 0:8.1.2-14.el7                python3-devel.x86_64 0:3.6.8-17.el7                rust.x86_64 0:1.53.0-1.el7
Dependency Installed:
  dwz.x86_64 0:0.11-3.el7             keyutils-libs-devel.x86_64 0:1.5.8-3.el7 krb5-devel.x86_64 0:1.15.1-50.el7       libcom_err-devel.x86_64 0:1.42.9-19.el7 libkadm5.x86_64 0:1.15.1-50.el7           libselinux-devel.x86_64 0:2.5-15.el7 
...중략...
Complete!

설치
공식 홈페이지의 가이드는 

haedong@kubesphere-01:~:]$ sudo curl -k -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (35) TCP connection reset by peer

이지만…… 왜인지 안된다. 그냥 다운로드 하자. 2여기에서 버전 정보를 확인할 수 있다.

haedong@kubesphere-01:~:]$ wget --no-check-certificate https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64
--2021-08-26 15:52:24--  https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64
Saving to: ‘docker-compose-Linux-x86_64’
100%[=======================================================================================================================================================================================================================================================>] 12,737,304  3.61MB/s   in 3.7s
2021-08-26 15:52:29 (3.29 MB/s) - ‘docker-compose-Linux-x86_64’ saved [12737304/12737304]

/usr/local/bin 경로로 파일 이동 후 권한 변경

haedong@kubesphere-01:~:]$ sudo mv docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
haedong@kubesphere-01:~:]$ sudo chmod +x /usr/local/bin/docker-compose
haedong@kubesphere-01:~:]$ docker-compose
Define and run multi-container applications with Docker.
Usage:
  docker-compose [-f <arg>...] [--profile <name>...] [options] [--] [COMMAND] [ARGS...]
  docker-compose -h|--help
Options:
...후략

※ /usr/local/bin 디렉토리가 $PATH 에 포함되어있지 않다면 추가 해야 한다. /etc/profile (모든 사용자에 적용) ~/.bash_profile의 $PATH 에 위 경로를 추가하자.

haedong@kubesphere-01:~:]$ sudo echo export PATH=$PATH:/usr/local/bin >> ~/.bash_profile
haedong@kubesphere-01:~:]$ source ~/.bash_profile
작성일자

kubernetes #3. 일반 사용자 계정으로 docker 관리

docker 그룹 생성

haedong@kubesphere-02:~:]$ sudo groupadd docker

docker 그룹에 속하는 사용자 생성

haedong@kubesphere-02:~:]$ sudo usermod -aG docker haedong

자동으로 생성되는 .docker 디렉토리 권한 변경

그룹 조정 이후 docker run $DOCKER_NAME 을 수행하면 에러메시지가 발생된다. 자동으로 생성되는 디렉토리 권한 문제로써 다음 명령으로 권한을 조정한다.

 haedong@kubesphere-02:~:]$  sudo chown "$USER":"$USER" /home/"$USER"/.docker -R
 haedong@kubesphere-02:~:]$  sudo chmod g+rwx "$HOME/.docker" -R
작성일자

kubernetes #1. container runtime 설치

kubernetes1그리스어로 조타수(키잡이)를 의미한다.
오픈소스 기반의 컨테이너화 된 애플리케이션의 자동 디플로이, 스케일링 등을 제공하는 관리 시스템이다. 궁극적 목적은 여러 클러스터의 호스트 간 애플리케이션 컨테이너의 배치, 스케일링, 운영자동화 등을 위한 플랫폼 제공이다. 2위키백과 발췌

쿠버네티스 관리를 위한 도구이므로 쿠버네티스가 필요하다.

kubernetes 설치
https://dl.k8s.io/release/stable.txt에 최근 안정 버전 정보가 적혀있다.
글 작성일 기준으로 v1.22.1 이다. 아래 명령줄의 괄호 안 curl 명령을 v1.22.1로 치환해도 무방하다. (-k 옵션은 인증서 검증 생략 옵션이다.)

haedong@haedong:~:]$ curl -LO -k "https://dl.k8s.io/release/$(curl -L -s -k https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0   154    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
100 44.7M  100 44.7M    0     0  4892k      0  0:00:09  0:00:09 --:--:-- 10.3M
또는
haedong@haedong:~:]$ curl -LO -k "https://dl.k8s.io/release/v1.22.1/bin/linux/amd64/kubectl"
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0   154    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
100 44.7M  100 44.7M    0     0  4004k      0  0:00:11  0:00:11 --:--:-- 6095k

다운로드한 파일 검증 

haedong@haedong:~:]$ curl -LO "https://dl.k8s.io/$(curl -L -s   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0   154    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100    64  100    64    0     0     52      0  0:00:01  0:00:01 --:--:--    52
haedong@haedong:~:]$ echo "$(<kubectl.sha256) kubectl" | sha256sum --check
kubectl: 성공

kubectl 설치

haedong@haedong:~:]$ sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
[sudo] haedong의 암호:
haedong@haedong:~:]$ ll /usr/local/bin/ | grep kubectl
-rwxr-xr-x 1 root root 46907392  8월 24 15:06 kubectl
haedong@haedong:~:]$ kubectl version --client
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.1", GitCommit:"632ed300f2c34f6d6d15ca4cef3d3c7073412212", GitTreeState:"clean", BuildDate:"2021-08-19T15:45:37Z", GoVersion:"go1.16.7", Compiler:"gc", Platform:"linux/amd64"}

컨테이너 런타임 설치

containerd

haedong@haedong:~:]$ sudo vi /etc/modules-load.d/containerd.conf
# 아래 내용을 붙여 넣는다.
overlay
br_netfilter
haedong@haedong:~:]$ sudo modprobe overlay
haedong@haedong:~:]$ sudo modprobe br_netfilter
haedong@haedong:~:]$ sudo vi /etc/sysctl.d/99-kubernetes-cri.conf
# 아래 내용을 붙여 넣는다.
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
haedong@haedong:~:]$ sudo sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-kubernetes-cri.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
net.ipv4.conf.all.arp_notify = 1
* Applying /etc/sysctl.conf ...
net.ipv4.conf.all.arp_notify = 1

설치

Centos-Base repository 활성화
기본적으로 활성화 되어있지만, local repository를 구축했거나, 비활성화 했다면 활성화 해야 한다.

haedong@haedong:~:]$ sudo vi /etc/yum.repos.d/bak/CentOS-Base.repo
# [extras] 꼭지의 enabled 값이 0이라면 1로 수정한다.
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7


Docker 리포지터리 추가
rpm 파일들을 다운로드한 뒤 여기여기를 참고하여 로컬 리포지터리를 구축해도 된다.

haedong@haedong:~:]$ sudo sudo yum install -y yum-utils
haedong@haedong:~:]$ sudo sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

오래된 버전의 docker 관련 패키지 삭제

haedong@haedong:~:]$ sudo sudo sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine

Docker engine 설치 3자세한 설치 관련 내용은 docker 홈페이지를 참고.

haedong@haedong:/home:]$ sudo yum install docker-ce docker-ce-cli containerd.io
Loaded plugins: fastestmirror
...중략...
---> Package fuse3-libs.x86_64 0:3.6.1-4.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================================================================================
 Package                                            Arch                            Version                                             Repository                                   Size
==========================================================================================================================================================================================
Installing:
 containerd.io                                      x86_64                          1.4.9-3.1.el7                                       docker                                       30 M
 docker-ce                                          x86_64                          3:20.10.8-3.el7                                     docker                                       23 M
 docker-ce-cli                                      x86_64                          1:20.10.8-3.el7                                     docker                                       29 M
...중략...
 slirp4netns                                        x86_64                          0.4.3-4.el7_8                                       local_centos-extra                           81 k
Transaction Summary
==========================================================================================================================================================================================
Install  3 Packages (+13 Dependent packages)
Total download size: 96 M
...중략...
(16/16): setools-libs-3.3.8-4.el7.x86_64.rpm                                                                                                                       | 620 kB  00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
...중략...
  Verifying  : libcgroup-0.41-21.el7.x86_64                                                                                                                                         16/16
Installed:
  containerd.io.x86_64 0:1.4.9-3.1.el7                           docker-ce.x86_64 3:20.10.8-3.el7                           docker-ce-cli.x86_64 1:20.10.8-3.el7
...중략...
Complete!

Docker 서비스 시작

haedong@haedong:/home:]$ sudo systemctl start docker.service

컨테이너 런타임 설치

containerd 설치

haedong@haedong:/home:]$ sudo mkdir -p /etc/containerd
haedong@haedong:/home:]$ containerd config default | sudo tee /etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
plugin_dir = ""
disabled_plugins = []
required_plugins = []
oom_score = 0

[grpc]
  address = "/run/containerd/containerd.sock"
  tcp_address = ""
  tcp_tls_cert = ""
  tcp_tls_key = ""
  uid = 0
  gid = 0
  max_recv_message_size = 16777216
  max_send_message_size = 16777216

[ttrpc]
  address = ""
  uid = 0
  gid = 0

[debug]
  address = ""
  uid = 0
  gid = 0
  level = ""

[metrics]
  address = ""
  grpc_histogram = false

[cgroup]
  path = ""

[timeouts]
  "io.containerd.timeout.shim.cleanup" = "5s"
  "io.containerd.timeout.shim.load" = "5s"
  "io.containerd.timeout.shim.shutdown" = "3s"
  "io.containerd.timeout.task.state" = "2s"

[plugins]
  [plugins."io.containerd.gc.v1.scheduler"]
    pause_threshold = 0.02
    deletion_threshold = 0
    mutation_threshold = 100
    schedule_delay = "0s"
    startup_delay = "100ms"
  [plugins."io.containerd.grpc.v1.cri"]
    disable_tcp_service = true
    stream_server_address = "127.0.0.1"
    stream_server_port = "0"
    stream_idle_timeout = "4h0m0s"
    enable_selinux = false
    selinux_category_range = 1024
    sandbox_image = "k8s.gcr.io/pause:3.2"
    stats_collect_period = 10
    systemd_cgroup = false
    enable_tls_streaming = false
    max_container_log_line_size = 16384
    disable_cgroup = false
    disable_apparmor = false
    restrict_oom_score_adj = false
    max_concurrent_downloads = 3
    disable_proc_mount = false
    unset_seccomp_profile = ""
    tolerate_missing_hugetlb_controller = true
    disable_hugetlb_controller = true
    ignore_image_defined_volumes = false
    [plugins."io.containerd.grpc.v1.cri".containerd]
      snapshotter = "overlayfs"
      default_runtime_name = "runc"
      no_pivot = false
      disable_snapshot_annotations = true
      discard_unpacked_layers = false
      [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime]
        runtime_type = ""
        runtime_engine = ""
        runtime_root = ""
        privileged_without_host_devices = false
        base_runtime_spec = ""
      [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime]
        runtime_type = ""
        runtime_engine = ""
        runtime_root = ""
        privileged_without_host_devices = false
        base_runtime_spec = ""
      [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
          runtime_type = "io.containerd.runc.v2"
          runtime_engine = ""
          runtime_root = ""
          privileged_without_host_devices = false
          base_runtime_spec = ""
          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    [plugins."io.containerd.grpc.v1.cri".cni]
      bin_dir = "/opt/cni/bin"
      conf_dir = "/etc/cni/net.d"
      max_conf_num = 1
      conf_template = ""
    [plugins."io.containerd.grpc.v1.cri".registry]
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
          endpoint = ["https://registry-1.docker.io"]
    [plugins."io.containerd.grpc.v1.cri".image_decryption]
      key_model = ""
    [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
      tls_cert_file = ""
      tls_key_file = ""
  [plugins."io.containerd.internal.v1.opt"]
    path = "/opt/containerd"
  [plugins."io.containerd.internal.v1.restart"]
    interval = "10s"
  [plugins."io.containerd.metadata.v1.bolt"]
    content_sharing_policy = "shared"
  [plugins."io.containerd.monitor.v1.cgroups"]
    no_prometheus = false
  [plugins."io.containerd.runtime.v1.linux"]
    shim = "containerd-shim"
    runtime = "runc"
    runtime_root = ""
    no_shim = false
    shim_debug = false
  [plugins."io.containerd.runtime.v2.task"]
    platforms = ["linux/amd64"]
  [plugins."io.containerd.service.v1.diff-service"]
    default = ["walking"]
  [plugins."io.containerd.snapshotter.v1.devmapper"]
    root_path = ""
    pool_name = ""
    base_image_size = ""
    async_remove = false

CRI-O 설치

# .conf 파일을 만들어 부팅 시 모듈을 로드한다
haedong@haedong:/home:]$ cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
> overlay
> br_netfilter
> EOF
haedong@haedong:/home:]$ sudo modprobe overlay
haedong@haedong:/home:]$ sudo modprobe br_netfilter
# 요구되는 sysctl 파라미터 설정, 이 설정은 재부팅 간에도 유지된다.
haedong@haedong:/home:]$ cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
> net.bridge.bridge-nf-call-iptables  = 1
> net.ipv4.ip_forward                 = 1
> net.bridge.bridge-nf-call-ip6tables = 1
> EOF
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
haedong@haedong:/home:]$ sudo sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-kubernetes-cri.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
net.ipv4.conf.all.arp_notify = 1
* Applying /etc/sysctl.conf ...
net.ipv4.conf.all.arp_notify = 1

환경변수 설정
/etc/profile 등에 기재해도 된다.

haedong@haedong:/home:]$ export OS=CentOS_7
haedong@haedong:/home:]$ echo $OS
CentOS_7

$VERSION 을 사용자의 쿠버네티스 버전과 일치하는 CRI-O 버전으로 설정한다. 이번 예시의 경우 v1.21.2이다. 4작성일 기준으로 kubuernetes는 1.22.1이었는데 CRI-O는 1.21.2까지 존재한다. 그래서 1.22.1 이 아니고 1.21.2

haedong@haedong:/home:]$ sudo curl -L -k -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/devel:kubic:libcontainers:stable.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:05 --:--:--     0
haedong@haedong:/home:]$ sudo curl -k -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/$OS/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:00:05 --:--:--     0

환경 탓인지 포스트를 작성하는 환경에서는 정상 동작을 하지 않는다.
안되면 다운받자. 여기에서 kubic_libcontainers repo 파일을 받거나 여기에 있는 rpm 파일들을 다운받아 yum을 이용해 설치, 여기에서 kubic_libcontainers repo 파일을 받거나 여기에 있는 rpm 파일들을 다운받고 yum으로 설치. 당연히 yum repository를 만들어놓고 사용해도 된다. 

haedong@haedong:/home:]$ sudo yum -y install cri-o
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package cri-o.x86_64 0:1.21.2-4.2.el7 will be installed
...중략...
---> Package python-ipaddress.noarch 0:1.0.16-2.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================================================================================
 Package                                                      Arch                         Version                                        Repository                                 Size
==========================================================================================================================================================================================
Installing:
 cri-o                                                        x86_64                       1.21.2-4.2.el7                                 libcontainers_cri-o                        25 M
...중략...
Transaction Summary
==========================================================================================================================================================================================
Install  1 Package (+19 Dependent packages)
Total download size: 67 M
Installed size: 210 M
Downloading packages:
(1/20): conmon-2.0.29-1.el7.3.2.x86_64.rpm                                                                                                                         ...중략...
(20/20): containernetworking-plugins-1.0.0-0.2.rc1.el7.6.2.x86_64.rpm                                                                                              |  39 MB  00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                      83 MB/s |  67 MB  00:00:00
Running transaction check
...중략...
Installed:
  cri-o.x86_64 0:1.21.2-4.2.el7
...중략...
Complete!

CRI-O 시작
※ 다음 절에서 docker 데몬을 실행할 것이므로 서비스를 시작하지 않는다.

# 다음절에서 docker 데몬을 시작할 것이므로 수행하지 않는다.
haedong@haedong:/home:]$ sudo systemctl daemon-reload
haedong@haedong:/home:]$ sudo systemctl enable crio --now
Created symlink from /etc/systemd/system/multi-user.target.wants/crio.service to /usr/lib/systemd/system/crio.service.

cgroup 드라이버 설정

haedong@haedong:/home:]$ sudo vi /etc/crio/crio.conf
# [crio.runtime] 섹션에 아래 내용을 추가한다.
conmon_cgroup = "pod"
cgroup_manager = "cgroupfs"

Docker

컨테이너 cgroup 관리에 systemd를 사용하기 위한 docker 데몬 구성

haedong@haedong:/home:]$ sudo mkdir /etc/docker
haedong@haedong:/home:]$ cat <<EOF | sudo tee /etc/docker/daemon.json
> {
>   "exec-opts": ["native.cgroupdriver=systemd"],
>   "log-driver": "json-file",
>   "log-opts": {
>     "max-size": "100m"
>   },
>   "storage-driver": "overlay2"
> }
> EOF

docker 재시작 및 서비스 설정

haedong@haedong:/home:]$ sudo systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
haedong@haedong:/home:]$ sudo systemctl daemon-reload
haedong@haedong:/home:]$ sudo systemctl restart docker
작성일자

Packstack #1 사전 작업 및 패키지 설치

※ 이 포스트는 실제 설치및 설정을 수행하면서 작성하고 있습니다. 계속 업데이트 됩니다.

Openstack #1 개요

CentOS 7 에 install 하는것으로 가정한다.
CentOS 8 Linux 설치를 참고하여 최소설치 모드로 리눅스를 설치한다.
네트워크 설정을 변경한다. (NIC는 2개 이상이 필요하다. 외부 연결용, 노드간 통신 용)
root 권한으로 해야 하는 작업이 많다. root 패스워드를 설정하거나, SuDo : SuperUser Do를 참고하여 sudo 사용 설정을 한다.
클러스터간 설치 및 통신 용의성 확보를 위해 SSH설정을 참고하여 키를 등록한다.
openstack train 기준으로 진행한다.



네트워크설정, ssh 키 설정 등이 완료 됐으면 서비스 설정을 변경한다.
openstack 클러스터의 구성 노드 모두에서 작업 해줘야 한다.

 # 노드간 통신의 용의성을 위해 방화벽 서비스를 종료한다.
[HOSTNAME:/haedong]$ sudo systemctl disable firewalld
[HOSTNAME:/haedong]$ sudo service firewalld stop

 # Network 관리 서비스인데 개인적으로 아주 고약한 녀석이다. 
 # 아무리 설정을 바꿔도 제 멋대로 설정을 덮어 써버리는 경우가 허다하므로 종료한다.
 # 어차피 네트워크는 별도로 관리해야 한다. 
[HOSTNAME:/haedong]$ sudo systemctl disable NetworkManager
[HOSTNAME:/haedong]$ sudo service NetworkManager stop

 # 만약을 위해 서비스를 재시작하고, 항상 서비스가 구동도록 설정한다.
[HOSTNAME:/haedong]$ sudo systemctl enable network
[HOSTNAME:/haedong]$ sudo service network restart

packstack1RDO project의 puppet module을 이용한 CentOS 및 Redhat linux 용 openstack 자동 배포 유틸리티이다. 관련 리포지터리 및 패키지 설치

 # 만약 epel-release 리포지터리가 추가되어있다면 삭제한다.(혹은 disable로 변경해도 된다.)
[HOSTNAME:/home/haedong]$ sudo rm /etc/yum.repos.d/epel
rm: remove 일반 파일 `epel-testing.repo'? y
rm: remove 일반 파일 `epel.repo'? y
 # packstack repo 설치
[HOSTNAME:/home/haedong:]$ sudo yum install -y https://www.rdoproject.org/repos/rdo-release.rpm
[sudo] haedong의 암호:
Loaded plugins: fastestmirror, langpacks
rdo-release.rpm                                                                                                                                               | 6.7 kB  00:00:00
Examining /var/tmp/yum-root-URQvAZ/rdo-release.rpm: rdo-release-train-1.noarch
Marking /var/tmp/yum-root-URQvAZ/rdo-release.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package rdo-release.noarch 0:train-1 will be installed
--> Finished Dependency Resolution
base/7/x86_64                                                                                                                                                 | 3.6 kB  00:00:00
Dependencies Resolved
=====================================================================================================================================================================================
 Package                                      Arch                                    Version                                    Repository                                     Size
=====================================================================================================================================================================================
Installing:
 rdo-release                                  noarch                                  train-1                                    /rdo-release                                  3.1 k
Transaction Summary
=====================================================================================================================================================================================
Install  1 Package

Total size: 3.1 k
Installed size: 3.1 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : rdo-release-train-1.noarch                                                                                                                                        1/1
  Verifying  : rdo-release-train-1.noarch                                                                                                                                        1/1
Installed:
  rdo-release.noarch 0:train-1
Complete!
 # openstack train 패키지 설치
[HOSTNAME:/home/haedong:]$ sudo yum install -y centos-release-openstack-train
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
 * base: mirror.kakao.com
 * extras: mirror.kakao.com
 * openstack-train: mirror.kakao.com
 * rdo-qemu-ev: mirror.kakao.com
 * updates: mirror.kakao.com
openstack-train                                                                                                                                               | 3.0 kB  00:00:00
rdo-qemu-ev                                                                                                                                                   | 3.0 kB  00:00:00
(1/2): rdo-qemu-ev/x86_64/primary_db                                                                                                                          |  57 kB  00:00:00
(2/2): openstack-train/x86_64/primary_db                                                                                                                      | 1.1 MB  00:00:00
Resolving Dependencies
--> Running transaction check
---> Package centos-release-openstack-train.noarch 0:1-1.el7.centos will be installed
--> Processing Dependency: centos-release-qemu-ev for package: centos-release-openstack-train-1-1.el7.centos.noarch
--> Processing Dependency: centos-release-ceph-nautilus for package: centos-release-openstack-train-1-1.el7.centos.noarch
--> Running transaction check
---> Package centos-release-ceph-nautilus.noarch 0:1.2-2.el7.centos will be installed
--> Processing Dependency: centos-release >= 7-5.1804.el7.centos.2 for package: centos-release-ceph-nautilus-1.2-2.el7.centos.noarch
--> Processing Dependency: centos-release-storage-common for package: centos-release-ceph-nautilus-1.2-2.el7.centos.noarch
--> Processing Dependency: centos-release-nfs-ganesha28 for package: centos-release-ceph-nautilus-1.2-2.el7.centos.noarch
---> Package centos-release-qemu-ev.noarch 0:1.0-4.el7.centos will be installed
--> Processing Dependency: centos-release-virt-common for package: centos-release-qemu-ev-1.0-4.el7.centos.noarch
--> Running transaction check
---> Package centos-release.x86_64 0:7-5.1804.el7.centos will be updated
---> Package centos-release.x86_64 0:7-9.2009.1.el7.centos will be an update
---> Package centos-release-nfs-ganesha28.noarch 0:1.0-3.el7.centos will be installed
---> Package centos-release-storage-common.noarch 0:2-2.el7.centos will be installed
---> Package centos-release-virt-common.noarch 0:1-1.el7.centos will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================================================================================================================================
 Package                                                  Arch                             Version                                           Repository                         Size
=====================================================================================================================================================================================
Installing:
 centos-release-openstack-train                           noarch                           1-1.el7.centos                                    extras                            5.3 k
Installing for dependencies:
 centos-release-ceph-nautilus                             noarch                           1.2-2.el7.centos                                  extras                            5.1 k
 centos-release-nfs-ganesha28                             noarch                           1.0-3.el7.centos                                  extras                            4.3 k
 centos-release-qemu-ev                                   noarch                           1.0-4.el7.centos                                  extras                             11 k
 centos-release-storage-common                            noarch                           2-2.el7.centos                                    extras                            5.1 k
 centos-release-virt-common                               noarch                           1-1.el7.centos                                    extras                            4.5 k
Updating for dependencies:
 centos-release                                           x86_64                           7-9.2009.1.el7.centos                             updates                            27 k
Transaction Summary
=====================================================================================================================================================================================
Install  1 Package  (+5 Dependent packages)
Upgrade             ( 1 Dependent package)
Total download size: 62 k
Downloading packages:
No Presto metadata available for updates
(1/7): centos-release-7-9.2009.1.el7.centos.x86_64.rpm                                                                                                        |  27 kB  00:00:00
(2/7): centos-release-ceph-nautilus-1.2-2.el7.centos.noarch.rpm                                                                                               | 5.1 kB  00:00:00
(3/7): centos-release-nfs-ganesha28-1.0-3.el7.centos.noarch.rpm                                                                                               | 4.3 kB  00:00:00
(4/7): centos-release-qemu-ev-1.0-4.el7.centos.noarch.rpm                                                                                                     |  11 kB  00:00:00
(5/7): centos-release-storage-common-2-2.el7.centos.noarch.rpm                                                                                                | 5.1 kB  00:00:00
(6/7): centos-release-openstack-train-1-1.el7.centos.noarch.rpm                                                                                               | 5.3 kB  00:00:00
(7/7): centos-release-virt-common-1-1.el7.centos.noarch.rpm                                                                                                   | 4.5 kB  00:00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                650 kB/s |  62 kB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : centos-release-7-9.2009.1.el7.centos.x86_64                                                                                                                       1/8
warning: /etc/yum/vars/contentdir created as /etc/yum/vars/contentdir.rpmnew
  Installing : centos-release-storage-common-2-2.el7.centos.noarch                                                                                                               2/8
  Installing : centos-release-nfs-ganesha28-1.0-3.el7.centos.noarch                                                                                                              3/8
  Installing : centos-release-ceph-nautilus-1.2-2.el7.centos.noarch                                                                                                              4/8
  Installing : centos-release-virt-common-1-1.el7.centos.noarch                                                                                                                  5/8
  Installing : centos-release-qemu-ev-1.0-4.el7.centos.noarch                                                                                                                    6/8
  Installing : centos-release-openstack-train-1-1.el7.centos.noarch                                                                                                              7/8
  Cleanup    : centos-release-7-5.1804.el7.centos.x86_64                                                                                                                         8/8
  Verifying  : centos-release-openstack-train-1-1.el7.centos.noarch                                                                                                              1/8
  Verifying  : centos-release-nfs-ganesha28-1.0-3.el7.centos.noarch                                                                                                              2/8
  Verifying  : centos-release-7-9.2009.1.el7.centos.x86_64                                                                                                                       3/8
  Verifying  : centos-release-ceph-nautilus-1.2-2.el7.centos.noarch                                                                                                              4/8
  Verifying  : centos-release-virt-common-1-1.el7.centos.noarch                                                                                                                  5/8
  Verifying  : centos-release-storage-common-2-2.el7.centos.noarch                                                                                                               6/8
  Verifying  : centos-release-qemu-ev-1.0-4.el7.centos.noarch                                                                                                                    7/8
  Verifying  : centos-release-7-5.1804.el7.centos.x86_64                                                                                                                         8/8
Installed:
  centos-release-openstack-train.noarch 0:1-1.el7.centos
Dependency Installed:
  centos-release-ceph-nautilus.noarch 0:1.2-2.el7.centos        centos-release-nfs-ganesha28.noarch 0:1.0-3.el7.centos        centos-release-qemu-ev.noarch 0:1.0-4.el7.centos
  centos-release-storage-common.noarch 0:2-2.el7.centos         centos-release-virt-common.noarch 0:1-1.el7.centos
Dependency Updated:
  centos-release.x86_64 0:7-9.2009.1.el7.centos

Complete!

 # 설치 된 패키지 업데이트.
[HOSTNAME:/home/haedong:]$ sudo yum -y update
Loaded plugins: fastestmirror, langpacks
Repository rdo-trunk-train-tested is listed more than once in the configuration
Loading mirror speeds from cached hostfile
 * base: mirror.kakao.com
 * centos-ceph-nautilus: mirror.kakao.com
 * centos-nfs-ganesha28: mirror.kakao.com
 * centos-openstack-train: mirror.kakao.com
 * centos-qemu-ev: mirror.kakao.com
 * extras: mirror.kakao.com
 * openstack-train: mirror.kakao.com
 * rdo-qemu-ev: mirror.kakao.com
 * updates: mirror.kakao.com
Resolving Dependencies
--> Running transaction check
---> Package GeoIP.x86_64 0:1.5.0-11.el7 will be updated
---> Package GeoIP.x86_64 0:1.5.0-14.el7 will be an update
--> Processing Dependency: geoipupdate for package: GeoIP-1.5.0-14.el7.x86_64
---> Package LibRaw.x86_64 0:0.14.8-5.el7.20120830git98d925 will be updated
---> Package LibRaw.x86_64 0:0.19.4-1.el7 will be an update
---> Package ModemManager.x86_64 0:1.6.10-1.el7 will be updated
---> Package ModemManager.x86_64 0:1.6.10-4.el7 will be an update
---> Package ModemManager-glib.x86_64 0:1.6.10-1.el7 will be updated
---> Package ModemManager-glib.x86_64 0:1.6.10-4.el7 will be an update
---> Package NetworkManager.x86_64 1:1.10.2-13.el7 will be updated
---> Package NetworkManager.x86_64 1:1.18.8-2.el7_9 will be an update
---> Package NetworkManager-adsl.x86_64 1:1.10.2-13.el7 will be updated
---> Package NetworkManager-adsl.x86_64 1:1.18.8-2.el7_9 will be an update
---> Package NetworkManager-glib.x86_64 1:1.10.2-13.el7 will be updated
---> Package NetworkManager-glib.x86_64 1:1.18.8-2.el7_9 will be an update
---> Package NetworkManager-libnm.x86_64 1:1.10.2-13.el7 will be updated
---> Package NetworkManager-libnm.x86_64 1:1.18.8-2.el7_9 will be an update
---> Package NetworkManager-ppp.x86_64 1:1.10.2-13.el7 will be updated
---> Package NetworkManager-ppp.x86_64 1:1.18.8-2.el7_9 will be an update
--> Running transaction check
...중략...
---> Package mokutil.x86_64 0:15-8.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================================================================================================================================
 Package                                                 Arch                     Version                                             Repository                                Size
=====================================================================================================================================================================================
Installing:
 freerdp-libs                                            x86_64                   2.1.1-2.el7                                         base                                     851 k
     replacing  freerdp-plugins.x86_64 1.0.2-15.el7
 gnome-dictionary                                        x86_64                   3.26.1-2.el7                                        base                                     642 k
     replacing  gnome-dictionary-libs.x86_64 3.20.0-1.el7
 gnome-shell                                             x86_64                   3.28.3-32.el7                                       updates                                  2.1 M
     replacing  caribou.x86_64 0.4.21-1.el7
     replacing  caribou-gtk2-module.x86_64 0.4.21-1.el7
     replacing  caribou-gtk3-module.x86_64 0.4.21-1.el7
     replacing  python2-caribou.noarch 0.4.21-1.el7
 xorg-x11-xauth                                          x86_64                   1:1.0.9-1.el7                                       base                                      30 k
 xorg-x11-xinit                                          x86_64                   1.3.4-2.el7                                         base                                      58 k
 xorg-x11-xkb-utils                                      x86_64                   7.7-14.el7                                          base                                     103 k
...중략...
Transaction Summary
=====================================================================================================================================================================================
Install   36 Packages (+95 Dependent packages)
Upgrade  940 Packages

Total download size: 1.1 G
Downloading packages:
No Presto metadata available for centos-openstack-train
No Presto metadata available for openstack-train
No Presto metadata available for base
No Presto metadata available for updates
No Presto metadata available for centos-ceph-nautilus
(1/1071): GeoIP-1.5.0-14.el7.x86_64.rpm                                                                                                                       | 1.5 MB  00:00:00
(2/1071): LibRaw-0.19.4-1.el7.x86_64.rpm                                                                                                                      | 308 kB  00:00:00
(3/1071): ModemManager-1.6.10-4.el7.x86_64.rpm                                                                                                                | 738 kB  00:00:00
(4/1071): ModemManager-glib-1.6.10-4.el7.x86_64.rpm                                                                                                           | 232 kB  00:00:00
(5/1071): NetworkManager-adsl-1.18.8-2.el7_9.x86_64.rpm                                                                                                       | 163 kB  00:00:00
(6/1071): NetworkManager-glib-1.18.8-2.el7_9.x86_64.rpm                                                                                                       | 1.5 MB  00:00:00
(7/1071): NetworkManager-libnm-1.18.8-2.el7_9.x86_64.rpm                                                                                                      | 1.7 MB  00:00:00
...중략...
(1068/1071): yum-utils-1.1.31-54.el7_8.noarch.rpm                                                                                                             | 122 kB  00:00:00
(1069/1071): zlib-1.2.7-18.el7.x86_64.rpm                                                                                                                     |  90 kB  00:00:00
(1070/1071): zlib-devel-1.2.7-18.el7.x86_64.rpm                                                                                                               |  50 kB  00:00:00
(1071/1071): zenity-3.28.1-1.el7.x86_64.rpm                                                                                                                   | 4.0 MB  00:00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                 46 MB/s | 1.1 GB  00:00:25
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage
Importing GPG key 0xE451E5B5:
 Userid     : "CentOS Storage SIG (http://wiki.centos.org/SpecialInterestGroup/Storage) <security@centos.org>"
 Fingerprint: 7412 9c0b 173b 071a 3775 951a d4a2 e50b e451 e5b5
 Package    : centos-release-storage-common-2-2.el7.centos.noarch (@extras)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage
...중략...
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : libgcc-4.8.5-44.el7.x86_64                                                                                                                                     1/2055
  Installing : urw-base35-fonts-common-20170801-10.el7.noarch                                                                                                                 2/2055
  Installing : xorg-x11-proto-devel-2018.4-1.el7.noarch                                                                                                                       3/2055
...중략...
  Verifying  : 10:qemu-kvm-1.5.3-156.el7.x86_64                                                                                                                            2053/2055
  Verifying  : python-dmidecode-3.12.2-2.el7.x86_64                                                                                                                        2054/2055
  Verifying  : freerdp-1.0.2-15.el7.x86_64                                                                                                                                 2055/2055
Installed:
  freerdp-libs.x86_64 0:2.1.1-2.el7                             gnome-dictionary.x86_64 0:3.26.1-2.el7                  gnome-shell.x86_64 0:3.28.3-32.el7
  grub2.x86_64 1:2.02-0.86.el7.centos                           grub2-tools.x86_64 1:2.02-0.86.el7.centos               grub2-tools-extra.x86_64 1:2.02-0.86.el7.centos
...중략...
  qemu-img.x86_64 10:1.5.3-156.el7                         qemu-kvm.x86_64 10:1.5.3-156.el7                               qemu-kvm-common.x86_64 10:1.5.3-156.el7
  sip-macros.x86_64 0:4.14.6-4.el7                         urw-fonts.noarch 0:2.4-16.el7                                  webkitgtk4-plugin-process-gtk2.x86_64 0:2.16.6-6.el7

Complete!
[HOSTNAME:/home/haedong:]$ sudo yum install -y openstack-packstack
Loaded plugins: fastestmirror, langpacks
Repository rdo-trunk-train-tested is listed more than once in the configuration
Loading mirror speeds from cached hostfile
 * base: mirror.kakao.com
Resolving Dependencies
--> Running transaction check
---> Package openstack-packstack.noarch 1:15.0.1-1.el7 will be installed
--> Processing Dependency: openstack-packstack-puppet = 1:15.0.1-1.el7 for package: 1:openstack-packstack-15.0.1-1.el7.noarch
--> Processing Dependency: python-docutils for package: 1:openstack-packstack-15.0.1-1.el7.noarch
--> Processing Dependency: python2-pbr for package: 1:openstack-packstack-15.0.1-1.el7.noarch
--> Running transaction check
---> Package openstack-packstack-puppet.noarch 1:15.0.1-1.el7 will be installed
--> Processing Dependency: puppet-aodh for package: 1:openstack-packstack-puppet-15.0.1-1.el7.noarch
--> Processing Dependency: puppet-apache for package: 1:openstack-packstack-puppet-15.0.1-1.el7.noarch
...중략...
  Verifying  : 1:openstack-packstack-15.0.1-1.el7.noarch                                                                                                                       76/78
  Verifying  : python2-pbr-5.1.2-2.el7.noarch                                                                                                                                  77/78
  Verifying  : puppet-cinder-15.4.0-1.el7.noarch                                                                                                                               78/78
Installed:
  openstack-packstack.noarch 1:15.0.1-1.el7
Dependency Installed:
  boost159-atomic.x86_64 0:1.59.0-2.el7.1                 boost159-chrono.x86_64 0:1.59.0-2.el7.1                      boost159-date-time.x86_64 0:1.59.0-2.el7.1
...중략...
  ruby-facter.x86_64 1:3.9.3-7.el7                        ruby-shadow.x86_64 0:1.4.1-23.el7                            rubygem-pathspec.noarch 0:0.2.1-3.el7
  rubygem-rgen.noarch 0:0.6.6-2.el7                       yaml-cpp.x86_64 0:0.5.1-6.el7
Complete!