当前位置:   article > 正文

kubernetes/k8s之pod资源管理和k8s-harbor_harbor k8s 区别

harbor k8s 区别

kubernetes/k8s之pod资源管理和k8s-harbor

一、pod特点

最小部署单元
一组容器的集合
一个Pod中的容器共享网络命名空间
Pod是短暂的

二、Pod容器分类

1:infrastructure container 基础容器

//维护整个Pod网络空间
//node节点操作
//查看容器的网络

[root@localhost ~]# cat /opt/kubernetes/cfg/kubelet
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
//每次创建Pod时候就会创建,与Pod对应的,对于用户是透明的
[root@localhost ~]# docker ps
registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0   "/pause"
  • 1
  • 2
  • 3
  • 4
  • 5
2:initcontainers 初始化容器

//先于业务容器开始执行,原先Pod中容器是并行开启,现在进行了改进

3:container 业务容器

//并行启动
官方网站
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

三、镜像拉取策略(image PullPolicy)

IfNotPresent:默认值,镜像在宿主机上不存在时才拉取
Always:每次创建Pod都会重新拉取一次镜像
Never:Pod永远不会主动拉取这个镜像
https://kubernetes.io/docs/concepts/containers/images

四、部署kubernetes之harbor节点

【1】创建nginx-pod
[root@master ~]# mkdir demo
[root@master ~]# cd demo/
[root@master demo]# vim pod1.yaml
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: nginx
      image: nginx:1.14
      imagePullPolicy: Always
#    command: [ "echo", "SUCCESS" ]
[root@master demo]# kubectl create -f pod1.yaml
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
【2】查看pod信息
[root@master demo]# kubectl get pods
NAME                        READY   STATUS    RESTARTS   AGE
mypod                       1/1     Running   1          124m

[root@master demo]# kubectl get pods -o wide
NAME                        READY   STATUS    RESTARTS   AGE    IP            NODE             NOMINATED NODE
mypod                       1/1     Running   1          125m   172.17.58.6   192.168.60.60    <none>
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
【3】在node节点上面使用curl查看头部信息
[root@node1 ~]# curl -I 172.17.58.6
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 13 Oct 2020 01:18:46 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 29 Sep 2020 14:12:31 GMT
Connection: keep-alive
ETag: "5f7340cf-264"
Accept-Ranges: bytes
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
【4】部署harbor环境
(1)安装docker
[root@harbor ~]#yum install -y yum-utils device-mapper-persistent-data lvm2 
[root@harbor ~]#yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@harbor ~]#yum install docker-ce docker-ce-cli containerd.io
[root@harbor ~]#systemctl start docker
[root@harbor ~]#mkdir -p /etc/docker
[root@harbor ~]#tee /etc/docker/daemon.json <<-'EOF'
     {
       "registry-mirrors": ["https://730ykxsw.mirror.aliyuncs.com"]
     }
     EOF
[root@harbor ~]#systemctl daemon-reload
[root@harbor ~]#systemctl restart docker
[root@harbor ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward=1 
[root@harbor ~]#sysctl -p
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
(2)安装docker-compose
[root@harbor ~]#cd /usr/local/bin
[root@harbor ~]#ls
docker-compose
[root@harbor ~]#chmod +x docker-compose
  • 1
  • 2
  • 3
  • 4
(3)安装harbor
[root@harbor ~]#cd /usr/local
[root@harbor local]#tar zxvf harbor-offline-installer-v1.2.2.tgz
[root@harbor local]#vim harbor/harbor.cfg
hostname = 192.168.60.70
[root@harbor local]#sh /usr/local/harbor/install.sh
[root@harbor ~]# netstat -natp | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      3293/docker-proxy 
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
(4)在浏览器上面访问192.168.60.70

在这里插入图片描述

【5】在node节点配置连接私有仓库
[root@node1 ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://730ykxsw.mirror.aliyuncs.com"],
  "insecure-registries":["192.168.60.70"]
}
  • 1
  • 2
  • 3
  • 4
  • 5
【6】登录harbor私有仓库
[root@node1 ~]# docker login 192.168.60.70
username:admin
password:Harbor12345
Login Succeeded
  • 1
  • 2
  • 3
  • 4
【7】下载tomcat镜像进行推送
(1)在浏览器harbor界面创建project目录

在这里插入图片描述

(2)下载tomcat镜像
[root@node1 ~]# docker pull tomcat
  • 1
(3)修改推送格式
[root@node1 ~]# docker tag tomcat 192.168.60.70/project/tomcat
  • 1
(4)推送tomcat镜像
[root@node1 ~]# docker push 192.168.60.70/project/tomcat
  • 1
(5)查看是否推送成功

访问192.168.60.70
在这里插入图片描述

【8】查看pods,deploy,svc
[root@master demo]# kubectl get pods,deploy,svc 
NAME                            READY   STATUS    RESTARTS   AGE
pod/my-tomcat-694f75d6-5ws5v    1/1     Running   0          15h
pod/my-tomcat-694f75d6-nrgk2    1/1     Running   0          91m
pod/nginx-dbddb74b8-4tcdf       1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-hmq6h   1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-mzrvf   1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-pjgnj   1/1     Running   0          91m

NAME                              DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.extensions/my-tomcat   2         2         2            2           15h
deployment.extensions/nginx       1         1         1            1           5d20h
deployment.extensions/nginx-dep   3         3         3            3           4d16h

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)          AGE
service/kubernetes   ClusterIP   10.0.0.1     <none>        443/TCP          13d
service/my-tomcat    NodePort    10.0.0.199   <none>        8080:33445/TCP   15h
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
【9】在之前登录harbor仓库节点的node节点查看登录凭据
[root@node1 ~]# cat .docker/config.json | base64 -w 0
ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjYwLjcwIjogewoJCQkiYXV0aCI6ICJZV1J0YVc0NlNHRnlZbTl5TVRJek5EVT0iCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjEzIChsaW51eCkiCgl9Cn0=
  • 1
  • 2
【10】在master节点上面创建secret资源
[root@master demo]# vim registry-pull-secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: registry-pull-secret
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjYwLjcwIjogewoJCQkiYXV0aCI6ICJZV1J0YVc0NlNHRnlZbTl5TVRJek5EVT0iCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjEzIChsaW51eCkiCgl9Cn0=
type: kubernetes.io/dockerconfigjson
[root@master demo]# kubectl create -f registry-pull-secret.yaml
[root@master demo]# kubectl get secret
NAME                   TYPE                                  DATA   AGE
default-token-dzblk    kubernetes.io/service-account-token   3      13d
registry-pull-secret   kubernetes.io/dockerconfigjson        1      15h
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
【11】创建资源从harbor中下载镜像
[root@master demo]# vim tomcat-deployment.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-tomcat
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: my-tomcat
    spec:
      imagePullSecrets:
      - name: registry-pull-secret
      containers:
      - name: my-tomcat
        image: 192.168.60.70/project/tomcat
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: my-tomcat
spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 8080
    nodePort: 33445
  selector:
    app: my-tomcat
[root@master demo]# kubectl create -f tomcat-deployment.yaml
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
【12】查看私有仓库中的镜像被下载了几次

访问192.168.60.70
在这里插入图片描述

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/盐析白兔/article/detail/162278
推荐阅读
相关标签
  

闽ICP备14008679号