部署k8s集群参考
https://blog.csdn.net/m0_59933574/article/details/134936188?spm=1001.2014.3001.5502
https://blog.csdn.net/m0_59933574/article/details/134936188?spm=1001.2014.3001.5502
安装Harbor
准备一台干净服务器,关闭防火墙与selinux
下载docker与docker-compose
https://blog.csdn.net/m0_59933574/article/details/134822923?spm=1001.2014.3001.5502https://blog.csdn.net/m0_59933574/article/details/134822923?spm=1001.2014.3001.5502
yum -y install docker-compose安装haobor
解压
[root@localhost ~]# tar xvf harbor-offline-installer-v2.1.0.tar.gz
harbor/harbor.v2.1.0.tar.gz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl[root@localhost ~]# ls
anaconda-ks.cfg harbor harbor-offline-installer-v2.1.0.tar.gz yum.repo.sh
[root@localhost ~]# cd harbor
[root@localhost harbor]# ls
common.sh harbor.v2.1.0.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
拷贝文件
[root@localhost harbor]# cp harbor.yml.tmpl harbor.yml
[root@localhost harbor]# ls
common.sh harbor.v2.1.0.tar.gz harbor.yml harbor.yml.tmpl install.sh LICENSE prepare编辑yml文件
[root@localhost harbor]# vim harbor.yml
登录harbor的web端
默认账号:admin 默认密码:Harbor12345
创建harbor项目仓库与用户
创建用户
项目添加成员
k8s使用harbor仓库
在node1节点上
[root@k8s-node1 ~]# vim /etc/docker/daemon.json
添加不安全仓库
node1与node2都需要添加!!!
重启docker
[root@k8s-node1 ~]# systemctl restart docker开始推送镜像
登录harbor
修改要推送镜像名字
[root@k8s-node1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.231.192/nginx latest a6bd71f48f68 6 weeks ago 187MB
[root@k8s-node1 ~]# docker tag 192.168.231.192/nginx:latest 192.168.231.130/nginx/test:v1.0开始推送
[root@k8s-node1 ~]# docker push 192.168.231.130/nginx/test:v1.0
The push refers to repository [192.168.231.130/nginx/test]
0d0e9c83b6f7: Pushed
cddc309885a2: Pushed
c2d3ab485d1b: Pushed
66283570f41b: Pushed
f5525891d9e9: Pushed
8ae474e0cc8f: Pushed
92770f546e06: Pushed
v1.0: digest: sha256:3c4c1f42a89e343c7b050c5e5d6f670a0e0b82e70e0e7d023f10092a04bbb5a7 size: 1778查看harbor
推送流程
以centos:7.9.2009为例
登录
[root@k8s-node1 ~]# docker login 192.168.231.130
Username: xian2304
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@k8s-node1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos 7.9.2009 eeb6ee3f44bd 2 years ago 204MB
在项目中标记镜像:
docker tag SOURCE_IMAGE[:TAG] 192.168.231.130/nginx仓库的名字/REPOSITORY[:TAG] 镜像名字:版本
[root@k8s-node1 ~]# docker tag centos:7.9.2009 192.168.231.130/nginx/centos:v7.9.2009
[root@k8s-node1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.231.130/nginx/centos v7.9.2009 eeb6ee3f44bd 2 years ago 204MB
centos 7.9.2009 eeb6ee3f44bd 2 years ago 204MB
[root@k8s-node1 ~]# docker push 192.168.231.130/nginx/centos:v7.9.2009
The push refers to repository [192.168.231.130/nginx/centos]
174f56854903: Pushed
v7.9.2009: digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f size: 529查看harbor仓库
集群中如何使用镜像
[root@k8s-master ~]# vim nginx.yml
apiVersion: v1
kind: Pod
metadata:
name: test
spec:
containers:
- name: nginx-test
image: 192.168.231.130/nginx/test:v1.0创建pod
[root@k8s-master ~]# kubectl apply -f nginx.yml
pod/test created
[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
test 1/1 Running 0 4s
