Kubernates版本爲1.11.4,Harbor的版本是1.7。html
搭建好Kubernates後(一個master節點和倆個node節點),若是要建立服務,就須要鏡像,若是不配置Kubernates從鏡像倉庫拉取,那麼就須要將鏡像傳到每一個節點上(master和全部node),很麻煩,效率很低,因此咱們的目標是配置Kubernates,讓其從Harbor上拉取鏡像。node
注:個人Harbor服務所在的IP是192.168.33.5,如何安裝Harbor,請看個人這篇博客。nginx
修改k8s的master和倆個node的/etc/docker/daemon.json,將192.168.33.5將入到insecure-registries中,以下所示:docker
List-1.1json
[root@localhost data]# more /etc/docker/daemon.json {"bip": "172.172.172.1/24","insecure-registries": ["10.221.128.52","192.168.33.5"]}
重啓Docker服務,以下List-1.2api
List-1.2bash
[root@localhost data]# systemctl daemon-reload [root@localhost data]# systemctl restart Docker
在每一個節點上試試可否login到192.168.33.5,以下List-1.3session
List-1.3app
[root@localhost data]# docker login 192.168.33.5 Username (mjduan): Password: Login Succeeded
在master節點執行以下List-2.1,建立secret,其中registry-harbor2是名稱,namespace的值使用default,docker-server的值是Harbor的IP,docker-username和docker-password的值是在Harbor上建立的用戶。spa
List-2.1
kubectl create secret docker-registry registry-harbor2 --namespace=default \ --docker-server=http://192.168.33.5 --docker-username=mjduan \ --docker-password=***** --docker-email=dmj1161859184@126.com
List-2.2 查看建立了的secret
[root@localhost data]# kubectl get secret NAME TYPE DATA AGE default-token-dqvqc kubernetes.io/service-account-token 3 12h registry-harbor2 kubernetes.io/dockerconfigjson 1 5h
建立以下List-2.3所示的nginx.yaml,注意imagePullSecrets的值是registry-harbor2
List-2.3
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: nginx-deployment labels: app: nginx spec: replicas: 1 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: 192.168.33.5/project/nginx:1.0 imagePullPolicy: Always ports: - containerPort: 80 imagePullSecrets: - name: registry-harbor2 --- apiVersion: v1 kind: Service metadata: name: nginx-service spec: type: NodePort sessionAffinity: ClientIP selector: app: nginx ports: - port: 80 nodePort: 30180
以後用kubectl建立服務,以下List-2.4
List-2.4
[root@localhost data]# create -f deploy-nginx.yaml
查看結果,以下List-2.5
List-2.5
[root@localhost data]# kubectl get services NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12h nginx-service NodePort 10.103.100.169 <none> 80:30180/TCP 5h [root@localhost data]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-deployment-789794d957-m7wjv 1/1 Running 0 5h [root@localhost data]#