盐析白兔

这个屌丝很懒，什么也没留下！

热门标签

kubernetes/k8s之pod资源管理和k8s-harbor_harbor k8s 区别

作者：盐析白兔 | 2024-02-28 22:34:56

踩

harbor k8s 区别

kubernetes/k8s之pod资源管理和k8s-harbor

文章目录

- kubernetes/k8s之pod资源管理和k8s-harbor

一、pod特点

最小部署单元
一组容器的集合
一个Pod中的容器共享网络命名空间
Pod是短暂的

二、Pod容器分类

1：infrastructure container 基础容器

//维护整个Pod网络空间
//node节点操作
//查看容器的网络

[root@localhost ~]# cat /opt/kubernetes/cfg/kubelet
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
//每次创建Pod时候就会创建，与Pod对应的，对于用户是透明的
[root@localhost ~]# docker ps
registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0   "/pause"
1
2
3
4
5

2：initcontainers 初始化容器

//先于业务容器开始执行，原先Pod中容器是并行开启，现在进行了改进

3：container 业务容器

//并行启动
官方网站
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

三、镜像拉取策略（image PullPolicy）

IfNotPresent：默认值，镜像在宿主机上不存在时才拉取
Always：每次创建Pod都会重新拉取一次镜像
Never：Pod永远不会主动拉取这个镜像
https://kubernetes.io/docs/concepts/containers/images

四、部署kubernetes之harbor节点

【1】创建nginx-pod

[root@master ~]# mkdir demo
[root@master ~]# cd demo/
[root@master demo]# vim pod1.yaml
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: nginx
      image: nginx:1.14
      imagePullPolicy: Always
#    command: [ "echo", "SUCCESS" ]
[root@master demo]# kubectl create -f pod1.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14

【2】查看pod信息

[root@master demo]# kubectl get pods
NAME                        READY   STATUS    RESTARTS   AGE
mypod                       1/1     Running   1          124m

[root@master demo]# kubectl get pods -o wide
NAME                        READY   STATUS    RESTARTS   AGE    IP            NODE             NOMINATED NODE
mypod                       1/1     Running   1          125m   172.17.58.6   192.168.60.60    <none>
1
2
3
4
5
6
7

【3】在node节点上面使用curl查看头部信息

[root@node1 ~]# curl -I 172.17.58.6
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 13 Oct 2020 01:18:46 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 29 Sep 2020 14:12:31 GMT
Connection: keep-alive
ETag: "5f7340cf-264"
Accept-Ranges: bytes
1
2
3
4
5
6
7
8
9
10

【4】部署harbor环境

（1）安装docker

[root@harbor ~]#yum install -y yum-utils device-mapper-persistent-data lvm2 
[root@harbor ~]#yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@harbor ~]#yum install docker-ce docker-ce-cli containerd.io
[root@harbor ~]#systemctl start docker
[root@harbor ~]#mkdir -p /etc/docker
[root@harbor ~]#tee /etc/docker/daemon.json <<-'EOF'
     {
       "registry-mirrors": ["https://730ykxsw.mirror.aliyuncs.com"]
     }
     EOF
[root@harbor ~]#systemctl daemon-reload
[root@harbor ~]#systemctl restart docker
[root@harbor ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward=1 
[root@harbor ~]#sysctl -p
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

（2）安装docker-compose

[root@harbor ~]#cd /usr/local/bin
[root@harbor ~]#ls
docker-compose
[root@harbor ~]#chmod +x docker-compose
1
2
3
4

（3）安装harbor

[root@harbor ~]#cd /usr/local
[root@harbor local]#tar zxvf harbor-offline-installer-v1.2.2.tgz
[root@harbor local]#vim harbor/harbor.cfg
hostname = 192.168.60.70
[root@harbor local]#sh /usr/local/harbor/install.sh
[root@harbor ~]# netstat -natp | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      3293/docker-proxy 
1
2
3
4
5
6
7

（4）在浏览器上面访问192.168.60.70

在这里插入图片描述

【5】在node节点配置连接私有仓库

[root@node1 ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://730ykxsw.mirror.aliyuncs.com"],
  "insecure-registries":["192.168.60.70"]
}
1
2
3
4
5

【6】登录harbor私有仓库

[root@node1 ~]# docker login 192.168.60.70
username：admin
password：Harbor12345
Login Succeeded
1
2
3
4

【7】下载tomcat镜像进行推送

（1）在浏览器harbor界面创建project目录

在这里插入图片描述

（2）下载tomcat镜像

[root@node1 ~]# docker pull tomcat
1

（3）修改推送格式

[root@node1 ~]# docker tag tomcat 192.168.60.70/project/tomcat
1

（4）推送tomcat镜像

[root@node1 ~]# docker push 192.168.60.70/project/tomcat
1

（5）查看是否推送成功

访问192.168.60.70
在这里插入图片描述

【8】查看pods，deploy，svc

[root@master demo]# kubectl get pods,deploy,svc 
NAME                            READY   STATUS    RESTARTS   AGE
pod/my-tomcat-694f75d6-5ws5v    1/1     Running   0          15h
pod/my-tomcat-694f75d6-nrgk2    1/1     Running   0          91m
pod/nginx-dbddb74b8-4tcdf       1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-hmq6h   1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-mzrvf   1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-pjgnj   1/1     Running   0          91m

NAME                              DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.extensions/my-tomcat   2         2         2            2           15h
deployment.extensions/nginx       1         1         1            1           5d20h
deployment.extensions/nginx-dep   3         3         3            3           4d16h

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)          AGE
service/kubernetes   ClusterIP   10.0.0.1     <none>        443/TCP          13d
service/my-tomcat    NodePort    10.0.0.199   <none>        8080:33445/TCP   15h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

【9】在之前登录harbor仓库节点的node节点查看登录凭据

[root@node1 ~]# cat .docker/config.json | base64 -w 0
ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjYwLjcwIjogewoJCQkiYXV0aCI6ICJZV1J0YVc0NlNHRnlZbTl5TVRJek5EVT0iCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjEzIChsaW51eCkiCgl9Cn0=
1
2

【10】在master节点上面创建secret资源

[root@master demo]# vim registry-pull-secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: registry-pull-secret
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjYwLjcwIjogewoJCQkiYXV0aCI6ICJZV1J0YVc0NlNHRnlZbTl5TVRJek5EVT0iCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjEzIChsaW51eCkiCgl9Cn0=
type: kubernetes.io/dockerconfigjson
[root@master demo]# kubectl create -f registry-pull-secret.yaml
[root@master demo]# kubectl get secret
NAME                   TYPE                                  DATA   AGE
default-token-dzblk    kubernetes.io/service-account-token   3      13d
registry-pull-secret   kubernetes.io/dockerconfigjson        1      15h
1
2
3
4
5
6
7
8
9
10
11
12
13

【11】创建资源从harbor中下载镜像

[root@master demo]# vim tomcat-deployment.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-tomcat
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: my-tomcat
    spec:
      imagePullSecrets:
      - name: registry-pull-secret
      containers:
      - name: my-tomcat
        image: 192.168.60.70/project/tomcat
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: my-tomcat
spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 8080
    nodePort: 33445
  selector:
    app: my-tomcat
[root@master demo]# kubectl create -f tomcat-deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

【12】查看私有仓库中的镜像被下载了几次

访问192.168.60.70
在这里插入图片描述

声明：本文内容由网友自发贡献，不代表【wpsshop博客】立场，版权归原作者所有，本站不承担相应法律责任。如您发现有侵权的内容，请联系我们。转载请注明出处：https://www.wpsshop.cn/w/盐析白兔/article/detail/162278