Kubernetes简介 中文文档: http://docs.kubernetes.org.cn/
Kubernetes一个用于容器集群的自动化部署、扩容以及运维的开源平台。通过Kubernetes,你可以快速有效地响应用户需求;
快速而有预期地部署你的应用;
极速地扩展你的应用;
无缝对接新应用功能;
节省资源,优化硬件资源的使用。为容器编排管理提供了完整的开源方案。
- 在Docker 作为高级容器引擎快速发展的同时,在Google内部,容器技术已经应
用了很多年,Borg系统运行管理着成千上万的容器应用。 - Kubernetes项目来源于Borg,可以说是集结了Borg设计思想的精华,并且吸收
了Borg系统中的经验和教训。 - Kubernetes对计算资源进行了更高层次的抽象,通过将容器进行细致的组合,
将最终的应用服务交给用户。 - Kubernetes的好处:
- 隐藏资源管理和错误处理,用户仅需要关注应用的开发。
- 服务高可用、高可靠。
- 可将负载运行在由成千上万的机器联合而成的集群中。
kubernetes设计架构
文章图片
? Kubernetes集群包含有节点代理kubelet和Master组件(
APIs, scheduler, etcd,),一切都基于分布式的存储系统。- Kubernetes主要由以下几个核心组件组成:
| 组件 | 功能 |
|---|---|
| ? etcd: | 保存了整个集群的状态 |
| ? apiserver: | 提供了资源操作的唯一入口,并提供认证、授权、访问控制、API注册和发现等机制 |
| ? controller manager: | 负责维护集群的状态,比如故障检测、自动扩展、滚动更新等 |
| ? scheduler: | 负责资源的调度,按照预定的调度策略将Pod调度到相应的机器上 |
| ? kubelet: | 负责维护容器的生命周期,同时也负责Volume(CVI)和网络(CNI)的管理 |
| ? Container runtime: | 负责镜像管理以及Pod和容器的真正运行(CRI) |
| ? kube-proxy: | 负责为Service提供cluster内部的服务发现和负载均衡 |
| kube-dns: | 负责为整个集群提供DNS服务 #最新的k8s版本已经集成进去了 |
| Ingress Controller: | 为服务提供外网入口 |
| Heapster: | 提供资源监控 |
| Dashboard: | 提供GUI |
| Federation: | 提供跨可用区的集群 |
| Fluentd-elasticsearch: | 提供集群日志采集、存储与查询 |
- Kubernetes设计理念和功能其实就是一个类似Linux的分层架构
文章图片
| 核心层: | Kubernetes最核心的功能,对外提供API构建高层的应用,对内提供插件式应用执行环境 |
| 应用层: | 部署(无状态应用、有状态应用、批处理任务、集群应用等)和路由(服务发现、DNS解析等) |
| 管理层: | 系统度量(如基础设施、容器和网络的度量),自动化(如自动扩展、动态Provision等)以及策略管理(RBAC、Quota、PSP、NetworkPolicy等) |
| 接口层: | kubectl命令行工具、客户端SDK以及集群联邦 |
| 生态系统: | 在接口层之上的庞大容器集群管理调度的生态系统,可以划分为两个范畴 |
- 生态系统 :
- Kubernetes外部:日志、监控、配置管理、CI、CD、Workflow、FaaS、
OTS应用、ChatOps等 - Kubernetes内部:CRI、CNI、CVI、镜像仓库、Cloud Provider、集群自身
的配置和管理等
- Kubernetes外部:日志、监控、配置管理、CI、CD、Workflow、FaaS、
这里我们需要用到harbor仓库,因为从本地的仓库拉取,比从网上拉取速度快:
环境:在server2,3,4主机:
server1: 172.25.254.1 harbor仓库
server2: 172.25.254.2 master结点
server3: 172.25.254.3 node结点
server4: 172.25.254.4 node结点
关闭节点的selinux和iptables防火墙
- 所有节点部署docker引擎:从阿里云上部署安装。
# step 1: 安装必要的一些系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新并安装Docker-CE
yum -y install docker-ce# 需要container-selinux 的依赖性
[root@server1 yum.repos.d]# cat /etc/sysctl.d/bridge.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1# 内核支持。
[root@server1 yum.repos.d]# scp /etc/sysctl.d/bridge.conf server2:/etc/sysctl.d/
[root@server1 yum.repos.d]# scp /etc/sysctl.d/bridge.conf server3:/etc/sysctl.d/[root@server1 yum.repos.d]# scp /etc/sysctl.d/bridge.conf server4:/etc/sysctl.d/
# 让这两个参数生效
[root@server2 ~]# sysctl --system
[root@server3 ~]# sysctl --system
[root@server4 ~]# sysctl --system systemctl enable --now docker# 打开三个结点的docker服务
- 更改docker 和k8s使用同样的控制方式:
[root@server2 ~]# docker info
Cgroup Driver: cgroupfs# docker原本使用的是cgroup进行控制的,我们要改称systemd的方式控制
[root@server2 packages]# vim /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}[root@server2 packages]# scp /etc/docker/daemon.json server3:/etc/docker/
root@server3's password:
daemon.json100%201238.1KB/s00:00
[root@server2 packages]# scp /etc/docker/daemon.json server4:/etc/docker/
root@server4's password:
daemon.json[root@server2 packages]# systemctl restart docker
Cgroup Driver: systemd# 变成了systemd的方式
- 禁用swap分区:
#禁用swap分区,使性能更好
[root@server3 ~]# swapoff -a#server 2 3 4 都做
[root@server3 ~]# vim /etc/fstab
[root@server3 ~]# vim /etc/fstab
[root@server3 ~]# cat /etc/fstab #
# /etc/fstab
# Created by anaconda on Tue Apr 28 02:35:30 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/rhel-root/xfsdefaults0 0
UUID=004d1dd6-221a-4763-a5eb-c75e18655041 /bootxfsdefaults0 0
#/dev/mapper/rhel-swapswapswapdefaults0 0- 安装部署软件kubeadm:
我们从阿里云上进行下载:
[root@server2 yum.repos.d]# vim k8s.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0[root@server2 yum.repos.d]#yum install -y kubelet kubeadm kubectl# kubectl 只需要在master结点安装就可以
其它两个结点作一样的操作。
[root@server2 yum.repos.d]# systemctl enable --now kubelet.service#查看默认配置信息
imageRepository: k8s.gcr.io
# 默认从k8s.gcr.io上下载组件镜像,需要才可以,所以需要修改镜像仓库:[root@server2 yum.repos.d]# kubeadm config images list# 列出所需要的镜像
W0618 15:03:59.48667714931 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
k8s.gcr.io/kube-apiserver:v1.18.4
k8s.gcr.io/kube-controller-manager:v1.18.4
k8s.gcr.io/kube-scheduler:v1.18.4
k8s.gcr.io/kube-proxy:v1.18.4
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7# 指定阿里云仓库列出
[root@server2 yum.repos.d]# kubeadm config images list --image-repository registry.aliyuncs.com/google_containers
W0618 15:04:21.09899914946 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.4
registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.4
registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.4
registry.aliyuncs.com/google_containers/kube-proxy:v1.18.4
registry.aliyuncs.com/google_containers/pause:3.2
registry.aliyuncs.com/google_containers/etcd:3.4.3-0
registry.aliyuncs.com/google_containers/coredns:1.6.7[root@server2 yum.repos.d]# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=1.18.3
# 拉取镜像[root@server2 yum.repos.d]# docker images
REPOSITORYTAGIMAGE IDCREATEDSIZE
registry.aliyuncs.com/google_containers/kube-proxyv1.18.33439b7546f294 weeks ago117MB
registry.aliyuncs.com/google_containers/kube-apiserverv1.18.37e28efa976bd4 weeks ago173MB
registry.aliyuncs.com/google_containers/kube-controller-managerv1.18.3da26705ccb4b4 weeks ago162MB
registry.aliyuncs.com/google_containers/kube-schedulerv1.18.376216c34ed0c4 weeks ago95.3MB
registry.aliyuncs.com/google_containers/pause3.280d28bedfe5d4 months ago683kB
registry.aliyuncs.com/google_containers/coredns1.6.767da37a9a3604 months ago43.8MB
registry.aliyuncs.com/google_containers/etcd3.4.3-0303ce5db0e907 months ago288MB
然后我们把这些镜像放到harbor仓库中去,方便我们其它的结点拉取。
[root@server1 yum.repos.d]# scp -r /etc/docker/certs.d/ server2:/etc/docker/
root@server2's password:# 把harbor的证书给server2
ca.crt[root@server2 yum.repos.d]# vim /etc/hosts
[root@server2 yum.repos.d]# cat /etc/hosts
172.25.254.1 server1 reg.caoaoyuan.org# 给harbor仓库做解析。
[root@server2 yum.repos.d]# docker login reg.caoaoyuan.org
Username: admin
Password:
Login Succeeded# 登陆进去[root@server2 ~]# docker images |grep reg.ca | awk '{print $1":"$2}'
reg.caoaoyuan.org/library/kube-proxy:v1.18.3#给上面的镜像打标签成这样子。
reg.caoaoyuan.org/library/kube-apiserver:v1.18.3
reg.caoaoyuan.org/library/kube-controller-manager:v1.18.3
reg.caoaoyuan.org/library/kube-scheduler:v1.18.3
reg.caoaoyuan.org/library/pause:3.2
reg.caoaoyuan.org/library/coredns:1.6.7
reg.caoaoyuan.org/library/etcd:3.4.3-0# 上传到harbor仓库
[root@server2 ~]# for i in `docker images |grep reg.ca | awk '{print $1":"$2}'`;
do dicker push $i ;
done
# 删除阿里云的镜像
[root@server2 ~]# for i in `docker images |grep regis | awk '{print $1":"$2}'`;
do docker rmi $i ;
done
文章图片
上传成功了。其它的结点就可以拉取了,注意先把证书放过去,还有本地解析:
[root@server1 harbor]# scp -r /etc/docker/certs.d/ server3:/etc/docker/
root@server3's password:
ca.crt100% 211439.7KB/s00:00
[root@server1 harbor]# scp -r /etc/docker/certs.d/ server4:/etc/docker/
root@server4's password:
ca.crt# 这两个结点还没有放
在master结点执行集群初始化:
[root@server2 ~]# kubeadm init --pod-network-cidr=10.244.0.0/16 --image-repository reg.caoaoyuan.org/library/
Your Kubernetes control-plane has initialized successfully!
--kubernetes-version=1.18.3
kubeadm join 172.25.254.2:6443 --token 61xkmb.qd1alzh6winolaeg \
--discovery-token-ca-cert-hash sha256:ef9f8d0f0866660e7a01c54ecfc65abbbb11f25147ec7da75453098a9302e597
生成了token(用于加入集群)和hash码(用于验证master端)token默认保存24H
[kubeadm@server2 ~]$ kubeadm token list
TOKENTTLEXPIRESUSAGESDESCRIPTIONEXTRA GROUPS
61xkmb.qd1alzh6winolaeg23h2020-06-19T17:31:47+08:00authentication,signingThe default bootstrap token generated by 'kubeadm init'.system:bootstrappers:kubeadm:default-node-token# 过期后可以使用 kubeadm token create 生成。
官方建议我们使用普通用户操作集群,我们只需要:
[root@server2 ~]# useradd kubeadm
[root@server2 ~]# visudo# 给kubeadm下放权限
su[root@server2 ~]# su - kubeadm
[kubeadm@server2 ~]$ mkdir -p $HOME/.kube
[kubeadm@server2 ~]$ sudocp -i /etc/kubernetes/admin.conf $HOME/.kube/config#里面其实是证书。
#把认证放过来,就可以操纵集群了
[kubeadm@server2 ~]$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
[kubeadm@server2 ~]$ kubectl get node
NAMESTATUSROLESAGEVERSION
server2NotReadymaster12mv1.18.3 #当前只有master结点,且为notready状态
【k8s|Kubernetes简介及集群的搭建部署】节点扩容,将server3和server4加入到server2:
sysctl -w net.ipv4.ip_forward=1#可能需要执行这个命令才可以进行
[root@server4 ~]# kubeadm join 172.25.254.2:6443 --token 61xkmb.qd1alzh6winolaeg--discovery-token-ca-cert-hash sha256:ef9f8d0f0866660e7a01c54ecfc65abbbb11f25147ec7da75453098a9302e597
[root@server3 ~]# kubeadm join 172.25.254.2:6443 --token 61xkmb.qd1alzh6winolaeg--discovery-token-ca-cert-hash sha256:ef9f8d0f0866660e7a01c54ecfc65abbbb11f25147ec7da75453098a9302e597[kubeadm@server2 ~]$ kubectl get nodes
NAMESTATUSROLESAGEVERSION
server2NotReadymaster20mv1.18.3
server3NotReady88sv1.18.3
server4NotReady31sv1.18.3
# 就有两个结点加进来了。 - 安装flannel网络组件:
[root@server2 demo]# docker images
quay.io/coreos/flannelv0.12.0-amd644e9f801d22173 months ago52.8MB
# 导入这个网络组件,在3和4两个结点都导入# 切换至kubeadm用户应用这个文件。
[kubeadm@server2 ~]$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps/kube-flannel-ds-s390x created[kubeadm@server2 ~]$ kubectl get pod -n kube-system#,系统组件它的pod都是以namespace的方式进行隔离的
NAMEREADYSTATUSRESTARTSAGE
coredns-5fd54d7f56-22fwz1/1Running0123m
coredns-5fd54d7f56-l9z5k1/1Running0123m
etcd-server21/1Running3124m
kube-apiserver-server21/1Running2124m
kube-controller-manager-server21/1Running3124m
kube-flannel-ds-amd64-6t4tp1/1Running09m31s
kube-flannel-ds-amd64-gk9r21/1Running09m31s# 网络组件
kube-flannel-ds-amd64-mlcvm1/1Running09m31s
kube-proxy-f7rnh1/1Running0104m
kube-proxy-hww5t1/1Running1104m
kube-proxy-wn4h81/1Running3123m
kube-scheduler-server21/1Running3124m
# 都是running才ok[kubeadm@server2 ~]$ kubectl get nodes
NAMESTATUSROLESAGEVERSION
server2Readymaster125mv1.18.3
server3Ready106mv1.18.3
server4Ready105mv1.18.3#ready
# 我们就可以用这个集群了
- 查看命名空间
[kubeadm@server2 ~]$ kubectl get pod --all-namespaces #查看所有的命名空间
[kubeadm@server2 ~]$ kubectl get pod -o wide -n kube-system # -o wide 查看详细
NAMEREADYSTATUSRESTARTSAGEIPNODENOMINATED NODEREADINESS GATES
coredns-5fd54d7f56-22fwz1/1Running03h34m10.244.2.2server4
coredns-5fd54d7f56-l9z5k1/1Running03h34m10.244.1.2server3
etcd-server21/1Running33h34m172.25.254.2server2
kube-apiserver-server21/1Running23h34m172.25.254.2server2
kube-controller-manager-server21/1Running33h34m172.25.254.2server2
kube-flannel-ds-amd64-6t4tp1/1Running0100m172.25.254.3server3
kube-flannel-ds-amd64-gk9r21/1Running0100m172.25.254.2server2
kube-flannel-ds-amd64-mlcvm1/1Running0100m172.25.254.4server4
kube-proxy-f7rnh1/1Running03h14m172.25.254.4server4
kube-proxy-hww5t1/1Running13h15m172.25.254.3server3
kube-proxy-wn4h81/1Running33h34m172.25.254.2server2
kube-scheduler-server21/1Running33h34m172.25.254.2server2
可以看到这些组件运行的位置。flannel组件用dameset的控制器,它的特点就是每个节点运行一个。
proxy在每个结点也有。[root@server4 ~]# docker images
REPOSITORYTAGIMAGE IDCREATEDSIZE
reg.caoaoyuan.org/library/kube-proxyv1.18.33439b7546f294 weeks ago117MB
quay.io/coreos/flannelv0.12.0-amd644e9f801d22173 months ago52.8MB
reg.caoaoyuan.org/library/pause3.280d28bedfe5d4 months ago683kB
reg.caoaoyuan.org/library/coredns1.6.767da37a9a3604 months ago43.8MB
server3 和server4 加入集群也获取了harbor仓库的信息,拉取了这几个镜像,kubernete就可以运行了,所有的服务都是以容器的方式运行的。
- 自动补齐
[kubeadm@server2 ~]$echo "source <(kubectl completion bash)" >> ~/.bashrc
[kubeadm@server2 ~]$ logout
[root@server2 demo]# su - kubeadm
Last login: Thu Jun 18 19:26:19 CST 2020 on pts/0
[kubeadm@server2 ~]$ kubectl
alphaapplycertificateconvert#就可以自动补齐了。
- 删除结点
[kubeadm@server2 ~]$ kubectl drain server4 --delete-local-data --force --ignore-daemonsets
kunode/server4 cordoned
WARNING: ignoring DaemonSet-managed Pods: kube-system/kube-flannel-ds-amd64-mlcvm, kube-system/kube-proxy-f7rnh
evicting pod kube-system/coredns-5fd54d7f56-22fwz
bec pod/coredns-5fd54d7f56-22fwz evicted
node/server4 evicted
[kubeadm@server2 ~]$ kubectl get nodes
NAMESTATUSROLESAGEVERSION
server2Readymaster3h56mv1.18.3
server3Ready3h37mv1.18.3
server4Ready,SchedulingDisabled3h36mv1.18.3# 不再调用此结点
[kubeadm@server2 ~]$ kubectl get node
NAMESTATUSROLESAGEVERSION
server2Readymaster3h56mv1.18.3
server3Ready3h37mv1.18.3
server4Ready,SchedulingDisabled3h36mv1.18.3
[kubeadm@server2 ~]$ kubectl delete node server4# 删除结点
node "server4" deleted
[kubeadm@server2 ~]$ kubectl get node
NAMESTATUSROLESAGEVERSION
server2Readymaster3h57mv1.18.3
server3Ready3h38mv1.18.3
[kubeadm@server2 ~]$
这种只适用于已经正常加入的结点,对于还没有正常加入的结点,直接在那个结点上执行:
[root@server4 ~]# kubeadm reset
[reset] WARNING: Changes made to this host by 'kubeadm init' or 'kubeadm join' will be reverted.
[reset] Are you sure you want to proceed? [y/N]: y
[preflight] Running pre-flight checks把刚才join的信息清除掉如果想再加入进来的话:
[kubeadm@server2 ~]$ kubeadm token list
TOKENTTLEXPIRESUSAGESDESCRIPTIONEXTRA GROUPS
61xkmb.qd1alzh6winolaeg19h `还没过期`2020-06-19T17:31:47+08:00
[root@server4 ~]# kubeadm join 172.25.254.2:6443 --token 61xkmb.qd1alzh6winolaeg--discovery-token-ca-cert-hash sha256:ef9f8d0f0866660e7a01c54ecfc65abbbb11f25147ec7da75453098a9302e597
再加入进去就行了,前提是要做好上面结点中的所有配置。[kubeadm@server2 ~]$ kubectl get node
NAMESTATUSROLESAGEVERSION
server2Readymaster4h3mv1.18.3
server3Ready3h43mv1.18.3
server4Ready2m1sv1.18.3
- 删除flannel网络组件
[root@server4 ~]# docker ps
CONTAINER IDIMAGECOMMANDCREATEDSTATUSPORTSNAMES
56862b391eda4e9f801d2217"/opt/bin/flanneld -…"33 minutes agoUp 33 minutesk8s_kube-flannel_kube-flannel-ds-amd64-sklll_kube-system_84e2eb08-2b85-4cc2-a167-5ea78629af3c_1
[root@server4 ~]# docker rm -f 56862b391eda
56862b391eda
[root@server4 ~]# docker ps
CONTAINER IDIMAGECOMMANDCREATEDSTATUSPORTSNAMES
f7db2b985cc54e9f801d2217"/opt/bin/flanneld -…"
集群会事时监控状态,当有服务关闭时,会自动一直restart服务。
- 创建一个pod
[kubeadm@server2 ~]$ kubectl run demo --image=nginx# 自主式pod,还有一种deployment控制器方式
kubecpod/demo created
[kubeadm@server2 ~]$ kubectlget pod
NAMEREADYSTATUSRESTARTSAGE
demo0/1ContainerCreating05s
[kubeadm@server2 ~]$ kubectl logs demo
Error from server (BadRequest): container "demo" in pod "demo" is waiting to start: ContainerCreating
[kubeadm@server2 ~]$ kubectl describe pod demo#查看pod 详细信息
Name:demo
Namespace:default
Priority:0
Node:server3/172.25.254.3
IP:10.244.1.3
IPs:
IP:10.244.1.3
Events:
TypeReasonAgeFromMessage
-------------------------
NormalScheduleddefault-schedulerSuccessfully assigned default/demo to server3
NormalPulling47skubelet, server3Pulling image "nginx"
NormalPulled19skubelet, server3Successfully pulled image "nginx"
NormalCreated19skubelet, server3Created container demo
NormalStarted18skubelet, server3Started container demo
[kubeadm@server2 ~]$ kubectl logs demo #查看pod 日志
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete;
ready for start up
[kubeadm@server2 ~]$ kubectl get pod -o wide
NAMEREADYSTATUSRESTARTSAGEIPNODENOMINATED NODEREADINESS GATES
demo1/1Running08m58s10.244.1.3server3
# 已经运行在了server3上下次再部署相同的容器时,依然会到server3上,因为他已经拉取过镜像了
[kubeadm@server2 ~]$ curl 10.244.1.4
Welcome to nginx! - 锐客网
[kubeadm@server2 ~]$ kubectl delete pod demo
pod "demo" deleted
然后我们去server3和server4两个工作结点配置仓库:
[root@server3 ~]# vim /etc/docker/daemon.json
[root@server4 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://reg.caoaoyuan.org"],# 把这一行加进去。
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
[root@server3 ~]# systemctl restart docker
这时拉取镜像就会从我们的harbor仓库去拉取了。我们集群的配置就基本ok了。
- kubectl命令指南:
- https://kubernetes.io/docs/reference/generated/kubectl/kubectl-
commands
- https://kubernetes.io/docs/reference/generated/kubectl/kubectl-
推荐阅读
- elasticsearch|kubernetes搭建es集群
- 大数据|Kubernetes-在Kubernetes集群上搭建Stateful Elasticsearch集群
- Kubernetes|Kubernetes学习二(Kubernetes集群搭建之部署kubernetes server)
- k8s|Kubernetes集群上搭建KubeSphere 教程
- 大数据|Flink原理解析
- 编程语言_JAVA|Netty实战-如何在web项目中对接第三方tcp协议
- Linux学习|SAAS 开发技术项目实验(二)
- K8S Pod 新安全策略 Pod Security Admission 介绍 | K8S Internals 系列第一期
- 云栖号技术分享|专访李飞飞 (从清华附中高材生到阿里飞刀,一口井钻出「云原生」)