kubernetes/k8s之pod资源管理和k8s-harbor

一、pod特点

最小部署单元
一组容器的集合
一个Pod中的容器共享网络命名空间
Pod是短暂的

二、Pod容器分类

1:infrastructure container 基础容器

//维护整个Pod网络空间
//node节点操作
//查看容器的网络

[root@localhost ~]# cat /opt/kubernetes/cfg/kubelet
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0"
//每次创建Pod时候就会创建,与Pod对应的,对于用户是透明的
[root@localhost ~]# docker ps
registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0   "/pause"
2:initcontainers 初始化容器

//先于业务容器开始执行,原先Pod中容器是并行开启,现在进行了改进

3:container 业务容器

//并行启动
官方网站
https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

三、镜像拉取策略(image PullPolicy)

IfNotPresent:默认值,镜像在宿主机上不存在时才拉取
Always:每次创建Pod都会重新拉取一次镜像
Never:Pod永远不会主动拉取这个镜像
https://kubernetes.io/docs/concepts/containers/images

四、部署kubernetes之harbor节点

【1】创建nginx-pod
[root@master ~]# mkdir demo
[root@master ~]# cd demo/
[root@master demo]# vim pod1.yaml
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
    - name: nginx
      image: nginx:1.14
      imagePullPolicy: Always
#    command: [ "echo", "SUCCESS" ]
[root@master demo]# kubectl create -f pod1.yaml
【2】查看pod信息
[root@master demo]# kubectl get pods
NAME                        READY   STATUS    RESTARTS   AGE
mypod                       1/1     Running   1          124m

[root@master demo]# kubectl get pods -o wide
NAME                        READY   STATUS    RESTARTS   AGE    IP            NODE             NOMINATED NODE
mypod                       1/1     Running   1          125m   172.17.58.6   192.168.60.60    <none>
【3】在node节点上面使用curl查看头部信息
[root@node1 ~]# curl -I 172.17.58.6
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 13 Oct 2020 01:18:46 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 29 Sep 2020 14:12:31 GMT
Connection: keep-alive
ETag: "5f7340cf-264"
Accept-Ranges: bytes
【4】部署harbor环境
(1)安装docker
[root@harbor ~]#yum install -y yum-utils device-mapper-persistent-data lvm2 
[root@harbor ~]#yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@harbor ~]#yum install docker-ce docker-ce-cli containerd.io
[root@harbor ~]#systemctl start docker
[root@harbor ~]#mkdir -p /etc/docker
[root@harbor ~]#tee /etc/docker/daemon.json <<-'EOF'
     {
       "registry-mirrors": ["https://730ykxsw.mirror.aliyuncs.com"]
     }
     EOF
[root@harbor ~]#systemctl daemon-reload
[root@harbor ~]#systemctl restart docker
[root@harbor ~]#vim /etc/sysctl.conf
net.ipv4.ip_forward=1 
[root@harbor ~]#sysctl -p
(2)安装docker-compose
[root@harbor ~]#cd /usr/local/bin
[root@harbor ~]#ls
docker-compose
[root@harbor ~]#chmod +x docker-compose
(3)安装harbor
[root@harbor ~]#cd /usr/local
[root@harbor local]#tar zxvf harbor-offline-installer-v1.2.2.tgz
[root@harbor local]#vim harbor/harbor.cfg
hostname = 192.168.60.70
[root@harbor local]#sh /usr/local/harbor/install.sh
[root@harbor ~]# netstat -natp | grep 80
tcp6       0      0 :::80                   :::*                    LISTEN      3293/docker-proxy 
(4)在浏览器上面访问192.168.60.70

在这里插入图片描述

【5】在node节点配置连接私有仓库
[root@node1 ~]# vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://730ykxsw.mirror.aliyuncs.com"],
  "insecure-registries":["192.168.60.70"]
}
【6】登录harbor私有仓库
[root@node1 ~]# docker login 192.168.60.70
username:admin
password:Harbor12345
Login Succeeded
【7】下载tomcat镜像进行推送
(1)在浏览器harbor界面创建project目录

在这里插入图片描述

(2)下载tomcat镜像
[root@node1 ~]# docker pull tomcat
(3)修改推送格式
[root@node1 ~]# docker tag tomcat 192.168.60.70/project/tomcat
(4)推送tomcat镜像
[root@node1 ~]# docker push 192.168.60.70/project/tomcat
(5)查看是否推送成功

访问192.168.60.70
在这里插入图片描述

【8】查看pods,deploy,svc
[root@master demo]# kubectl get pods,deploy,svc 
NAME                            READY   STATUS    RESTARTS   AGE
pod/my-tomcat-694f75d6-5ws5v    1/1     Running   0          15h
pod/my-tomcat-694f75d6-nrgk2    1/1     Running   0          91m
pod/nginx-dbddb74b8-4tcdf       1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-hmq6h   1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-mzrvf   1/1     Running   0          91m
pod/nginx-dep-dbb4bfd5f-pjgnj   1/1     Running   0          91m

NAME                              DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.extensions/my-tomcat   2         2         2            2           15h
deployment.extensions/nginx       1         1         1            1           5d20h
deployment.extensions/nginx-dep   3         3         3            3           4d16h

NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)          AGE
service/kubernetes   ClusterIP   10.0.0.1     <none>        443/TCP          13d
service/my-tomcat    NodePort    10.0.0.199   <none>        8080:33445/TCP   15h
【9】在之前登录harbor仓库节点的node节点查看登录凭据
[root@node1 ~]# cat .docker/config.json | base64 -w 0
ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjYwLjcwIjogewoJCQkiYXV0aCI6ICJZV1J0YVc0NlNHRnlZbTl5TVRJek5EVT0iCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjEzIChsaW51eCkiCgl9Cn0=
【10】在master节点上面创建secret资源
[root@master demo]# vim registry-pull-secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: registry-pull-secret
data:
  .dockerconfigjson: ewoJImF1dGhzIjogewoJCSIxOTIuMTY4LjYwLjcwIjogewoJCQkiYXV0aCI6ICJZV1J0YVc0NlNHRnlZbTl5TVRJek5EVT0iCgkJfQoJfSwKCSJIdHRwSGVhZGVycyI6IHsKCQkiVXNlci1BZ2VudCI6ICJEb2NrZXItQ2xpZW50LzE5LjAzLjEzIChsaW51eCkiCgl9Cn0=
type: kubernetes.io/dockerconfigjson
[root@master demo]# kubectl create -f registry-pull-secret.yaml
[root@master demo]# kubectl get secret
NAME                   TYPE                                  DATA   AGE
default-token-dzblk    kubernetes.io/service-account-token   3      13d
registry-pull-secret   kubernetes.io/dockerconfigjson        1      15h
【11】创建资源从harbor中下载镜像
[root@master demo]# vim tomcat-deployment.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-tomcat
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: my-tomcat
    spec:
      imagePullSecrets:
      - name: registry-pull-secret
      containers:
      - name: my-tomcat
        image: 192.168.60.70/project/tomcat
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: my-tomcat
spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 8080
    nodePort: 33445
  selector:
    app: my-tomcat
[root@master demo]# kubectl create -f tomcat-deployment.yaml
【12】查看私有仓库中的镜像被下载了几次

访问192.168.60.70
在这里插入图片描述

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐