Kubernates之從Harbor上拉去鏡像建立服務

    Kubernates版本爲1.11.4,Harbor的版本是1.7。html

    搭建好Kubernates後(一個master節點和倆個node節點),若是要建立服務,就須要鏡像,若是不配置Kubernates從鏡像倉庫拉取,那麼就須要將鏡像傳到每一個節點上(master和全部node),很麻煩,效率很低,因此咱們的目標是配置Kubernates,讓其從Harbor上拉取鏡像。node

    注:個人Harbor服務所在的IP是192.168.33.5,如何安裝Harbor,請看個人這篇博客nginx

1、將Harbor加入k8s宿主機Docker的insecure-registries中

    修改k8s的master和倆個node的/etc/docker/daemon.json,將192.168.33.5將入到insecure-registries中,以下所示:docker

    List-1.1json

[root@localhost data]# more /etc/docker/daemon.json 
{"bip": "172.172.172.1/24","insecure-registries": ["10.221.128.52","192.168.33.5"]}

    重啓Docker服務,以下List-1.2api

    List-1.2bash

[root@localhost data]# systemctl daemon-reload
[root@localhost data]# systemctl restart Docker

    在每一個節點上試試可否login到192.168.33.5,以下List-1.3session

    List-1.3app

[root@localhost data]# docker login 192.168.33.5
Username (mjduan): 
Password: 
Login Succeeded

2、用yaml在k8s上建立服務

    在master節點執行以下List-2.1,建立secret,其中registry-harbor2是名稱,namespace的值使用default,docker-server的值是Harbor的IP,docker-username和docker-password的值是在Harbor上建立的用戶。spa

    List-2.1

kubectl create secret docker-registry registry-harbor2 --namespace=default \
 --docker-server=http://192.168.33.5 --docker-username=mjduan \
 --docker-password=***** --docker-email=dmj1161859184@126.com

    List-2.2 查看建立了的secret

[root@localhost data]# kubectl get secret
NAME                  TYPE                                  DATA      AGE
default-token-dqvqc   kubernetes.io/service-account-token   3         12h
registry-harbor2      kubernetes.io/dockerconfigjson        1         5h

    建立以下List-2.3所示的nginx.yaml,注意imagePullSecrets的值是registry-harbor2

    List-2.3

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: 192.168.33.5/project/nginx:1.0
        imagePullPolicy: Always
        ports:
        - containerPort: 80
      imagePullSecrets:
      - name: registry-harbor2
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: NodePort
  sessionAffinity: ClientIP
  selector:
    app: nginx
  ports:
    - port: 80
      nodePort: 30180

    以後用kubectl建立服務,以下List-2.4

    List-2.4

[root@localhost data]# create -f deploy-nginx.yaml

    查看結果,以下List-2.5

    List-2.5

[root@localhost data]# kubectl get services
NAME            TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes      ClusterIP   10.96.0.1        <none>        443/TCP        12h
nginx-service   NodePort    10.103.100.169   <none>        80:30180/TCP   5h
[root@localhost data]# kubectl get pods
NAME                                READY     STATUS    RESTARTS   AGE
nginx-deployment-789794d957-m7wjv   1/1       Running   0          5h
[root@localhost data]#

Reference

  1. https://www.cnblogs.com/wayneiscoming/p/7716238.html
  2. https://www.jianshu.com/p/010e4a7afe5e
相關文章
相關標籤/搜索