国产 无码 综合区,色欲AV无码国产永久播放,无码天堂亚洲国产AV,国产日韩欧美女同一区二区

  1. Toy模板網(wǎng)首頁
  2. >Toy博客

CI/CD—K8S 基本理解與部署

2年前作者:@Autowire分類:Toy博客閱讀(34)違法舉報

這篇具有很好參考價值的文章主要介紹了CI/CD—K8S 基本理解與部署。希望對大家有所幫助。如果存在錯誤或未考慮完全的地方,請大家不吝賜教,您也可以點擊"舉報違法"按鈕提交疑問。

1 K8S 是什么

Kubernetes 是一款容器的編排調(diào)度工具,來源于 Google 開源的 Brog 系統(tǒng)。Kubernetes簡稱K8S,是用8代替8個字符 “ubernete” 而成的縮寫,用于管理云平臺中多個主機(jī)上的容器化的應(yīng)用,Kubernetes 的目標(biāo)是讓部署容器化的應(yīng)用簡單并且高效,Kubernetes提供了應(yīng)用部署,規(guī)劃,更新,維護(hù)的一種機(jī)制。

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

集群中的各種角色
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
apiserver 所有服務(wù)訪問的唯一入口,提供認(rèn)證、授權(quán)、訪問控制、API 注冊和發(fā)現(xiàn)等機(jī)制
controller manager 負(fù)責(zé)維護(hù)集群的狀態(tài),比如副本期望數(shù)量、故障檢測、自動擴(kuò)展、滾動更新等
scheduler 負(fù)責(zé)資源的調(diào)度,按照預(yù)定的調(diào)度策略將 Pod 調(diào)度到相應(yīng)的機(jī)器上
etcd 鍵值對數(shù)據(jù)庫,保存了整個集群的狀態(tài)
kubelet 負(fù)責(zé)維護(hù)容器的生命周期,同時也負(fù)責(zé) Volume 和網(wǎng)絡(luò)的管理
kube-proxy 負(fù)責(zé)為 Service 提供 cluster 內(nèi)部的服務(wù)發(fā)現(xiàn)和負(fù)載均衡
Container runtime 負(fù)責(zé)鏡像管理以及 Pod 和容器的真正運行

nginx 要調(diào)度到哪個工作節(jié)點呢?由scheduler監(jiān)聽API server發(fā)現(xiàn)有新的創(chuàng)建應(yīng)用,通過API server 到 etcd 拿數(shù)據(jù),然后 controller manager 確定哪個Node合適, 最后由API server指揮遠(yuǎn)程工作節(jié)點中的一個組件 Kubelet ,由 Kubelet 創(chuàng)建 pod:Kubelet 通過 cri-dockerd 操作 docker 創(chuàng)建 pod。
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
首先,將一個 K8s 比作一個集團(tuán),集團(tuán)要做不同的項目,集群的各個角色就擔(dān)任了不同的任務(wù)。

  • Node:就是各個負(fù)責(zé)工作的地方也就是工廠。
  • Kubelet:每一個工廠的負(fù)責(zé)人。
  • k-proxy:每一個工廠的門衛(wèi),當(dāng)總部的人要來巡視工廠了,可以通過它來詢問當(dāng)前的項目是不是在這開展,不管有沒有在它這開展它都能告訴領(lǐng)導(dǎo)該去哪里查看。
  • controller manager:決策者,決定項目由哪一個工廠來開展。
  • API server:秘書部,決策者的決策不會直接告訴工廠而是通過它來進(jìn)行轉(zhuǎn)達(dá),同樣地,工廠的情況也是通過它來轉(zhuǎn)給決策者。
  • scheduler:調(diào)度者,調(diào)度項目的執(zhí)行。
  • etcd:資料庫,用于存放集團(tuán)的資料。
    CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
  • 每一個服務(wù)器中要有一個監(jiān)工:kubelet,由它來負(fù)責(zé)監(jiān)控整個服務(wù)器里面容器的監(jiān)控狀況
  • 所有的溝通都是通過秘書(api-server)
  • 所有的服務(wù)器都要裝上運行時環(huán)境,可以是docker。
  • 可以通過命令的形式來進(jìn)行部署

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

2 環(huán)境部署

1 ip規(guī)劃:

vim /etc/hosts

192.168.21.20 kubernetes-master.inspur.com kubernetes-master
192.168.21.21 kubernetes-node1.inspur.com kubernetes-node1
192.168.21.22 kubernetes-node2.inspur.com kubernetes-node2
192.168.21.23 kubernetes-node3.inspur.com kubernetes-node3
192.168.21.24 kubernetes-register.inspur.com kubernetes-register

[root@inspur ~]# ssh-keygen -t rsa
[root@inspur ~]# ls .ssh/
id_rsa  id_rsa.pub

[root@inspur ~]# for i in 20 21 22 23 24
> do
> ssh-copy-id root@192.168.21.$i
> done

[root@inspur ~]# for i in 20 21 22 23 24; do ssh root@192.168.21.$i "hostname"; done
inspur
inspur
inspur
inspur
inspur

[root@inspur ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.110.35.201 registrylibrary.com.cn
192.168.21.20 kubernetes-master.inspur.com kubernetes-master
192.168.21.21 kubernetes-node1.inspur.com kubernetes-node1
192.168.21.22 kubernetes-node2.inspur.com kubernetes-node2
192.168.21.23 kubernetes-node3.inspur.com kubernetes-node3
192.168.21.24 kubernetes-register.inspur.com kubernetes-register
[root@inspur ~]# hostnamectl set-hostname  kubernetes-master
[root@inspur ~]# exec /bin/bash
[root@kubernetes-master ~]# hostname
kubernetes-master

[root@kubernetes-master ~]# ssh root@192.168.21.21 "hostnamectl set-hostname  kubernetes-node1"
[root@kubernetes-master ~]# ssh root@192.168.21.22 "hostnamectl set-hostname  kubernetes-node2"
[root@kubernetes-master ~]# ssh root@192.168.21.23 "hostnamectl set-hostname  kubernetes-node3"
[root@kubernetes-master ~]# ssh root@192.168.21.24 "hostnamectl set-hostname  kubernetes-register"


[root@kubernetes-master ~]# for i in 20 21 22 23 24; do ssh root@192.168.21.$i "hostname"; done
kubernetes-master
kubernetes-node1
kubernetes-node2
kubernetes-node3
kubernetes-register

2 不重啟電腦,禁用啟用swap,立刻生效

# 禁用命令

 sudo swapoff -a
# 啟用命令

 sudo swapon -a
# 查看交換分區(qū)的狀態(tài)

 sudo free -m

[root@kubernetes-master ~]# vim  /etc/sysctl.d/k8s.conf
[root@kubernetes-master ~]# cat /etc/sysctl.d/k8s.conf
vm.swappiness=0

3 網(wǎng)絡(luò)參數(shù)調(diào)整

配置iptables參數(shù),使得流經(jīng)網(wǎng)橋的流量也經(jīng)過iptables/netfilter防火墻

[root@kubernetes-master ~]# vim /etc/sysctl.d/k8s.conf
[root@kubernetes-master ~]# cat /etc/sysctl.d/k8s.conf
vm.swappiness=0
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1

配置生效

[root@kubernetes-master ~]# sudo modprobe overlay
[root@kubernetes-master ~]# sudo modprobe br_netfilter
[root@inspur ~]# sysctl -p /etc/sysctl.d/k8s.conf

4 容器環(huán)境配置

https://developer.aliyun.com/mirror/docker-ce?spm=a2c6h.13651102.0.0.3e221b11ixbXRM
dokcer的安裝見之前的文章

systemctl enable docker

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
配置docker鏡像加速器:

[root@kubernetes-master docker]# pwd
/etc/docker
[root@kubernetes-master docker]# cat daemon.json
{
  "registry-mirrors": ["https://4zmn196h.mirror.aliyuncs.com",
      "http://74f21445.m.daocloud.io",
      "https://registry.docker-cn.com",
      "http://hub-mirror.c.163.com",
      "https://docker.mirrors.ustc.edu.cn"
  ],
  "dns": ["8.8.8.8", "114.114.114.114"],
  "insecure-registries": ["kubernetes-register.inspur.com"],
  "exec-opts":[ "native.cgroupdriver=systemd"]
}
[root@kubernetes-master docker]#

5 cri環(huán)境操作

[root@kubernetes-master softs]# pwd
/data/softs
[root@kubernetes-master softs]# ll
total 0
[root@kubernetes-master softs]#

下載軟件

[root@kubernetes-master softs]# wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.2/cri-dockerd-0.3.2.amd64.tgz

解壓軟件:

[root@kubernetes-master softs]# tar -zxvf cri-dockerd-0.3.2.amd64.tgz

[root@kubernetes-master system]# cd /usr/lib/systemd/system/
[root@kubernetes-master system]# chmod 777 cri-dockerd

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
配置啟動文件:
/etc/systemd/system

[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/local/bin/cri-dockerd --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.9
--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock --cri-dockerd-root-directory=/var/lib/dockershim --docker-endpoint=unix:///var/run/docker.sock --cri-dockerd-root-directory=/var/lib/docker
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s 
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target

生成socket文件:
/etc/systemd/system

[Unit]
Description=CRI Docker socket for the API
PartOf=cri-docker.service
[Socket]
ListenStream=/var/run/cri-dockerd.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target

[root@kubernetes-master system]# cd /etc/systemd/system/

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
檢查效果:

[root@kubernetes-master bin]# systemctl status cri-dockerd

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

 systemctl is-active cri-dockerd

設(shè)置服務(wù)開機(jī)自啟動:

[root@kubernetes-master bin]# systemctl daemon-reload
[root@kubernetes-master bin]# systemctl enable cri-dockerd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/cri-dockerd.service to /etc/systemd/system/cri-dockerd.service.
[root@kubernetes-master bin]# systemctl restart cri-dockerd.service
[root@kubernetes-master bin]#

6 harbor倉庫操作

下載軟件:700M左右

wget https://github.com/goharbor/harbor/releases/download/v2.5.0/harbor-offline-installer-v2.5.0.tgz

curl -SL https://github.com/docker/compose/releases/download/v2.20.2/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

mv docker-compose-linux-x86_64 /usr/local/bin/docker-compose

chmod +x docker-compose

sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

docker-compose --version

[root@kubernetes-register softs]# tar -zxvf docker-compose-linux-x86_64


[root@kubernetes-register server]# pwd
/data/server
[root@kubernetes-register server]# ll
total 0
drwxr-xr-x. 2 root root 122 Aug  7 15:57 harbor
[root@kubernetes-register server]# cd harbor/
[root@kubernetes-register harbor]# ll
total 647720
-rw-r--r--. 1 root root      3361 Apr  7  2022 common.sh
-rw-r--r--. 1 root root 663227387 Apr  7  2022 harbor.v2.5.0.tar.gz
-rw-r--r--. 1 root root      9917 Apr  7  2022 harbor.yml.tmpl
-rwxr-xr-x. 1 root root      2500 Apr  7  2022 install.sh
-rw-r--r--. 1 root root     11347 Apr  7  2022 LICENSE
-rwxr-xr-x. 1 root root      1881 Apr  7  2022 prepare
[root@kubernetes-register harbor]#


[root@kubernetes-register harbor]# docker load < harbor.v2.5.0.tar.gz

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
修改配置文件:

[root@kubernetes-register harbor]# cp harbor.yml.tmpl harbor.yml
[root@kubernetes-register harbor]# vim harbor.yml

hostname: kubernetes-register.inspur.com

禁用https:

#https:
  # https port for harbor, default is 443
 # port: 443
  # The path of cert and key files for nginx
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path

harbor_admin_password: 123456

data_volume: /data/server/harbor/data

生成配置文件:

[root@kubernetes-register harbor]# ./prepare
prepare base dir is set to /data/server/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir

啟動安裝:

[root@kubernetes-register harbor]# ./install.sh

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器


[root@kubernetes-register harbor]# docker compose ps
NAME                IMAGE                                COMMAND                  SERVICE             CREATED             STATUS                             PORTS
harbor-core         goharbor/harbor-core:v2.5.0          "/harbor/entrypoint.…"   core                5 minutes ago       Up 31 seconds (healthy)
harbor-db           goharbor/harbor-db:v2.5.0            "/docker-entrypoint.…"   postgresql          5 minutes ago       Up 32 seconds (healthy)
harbor-jobservice   goharbor/harbor-jobservice:v2.5.0    "/harbor/entrypoint.…"   jobservice          5 minutes ago       Up 29 seconds (health: starting)
harbor-log          goharbor/harbor-log:v2.5.0           "/bin/sh -c /usr/loc…"   log                 5 minutes ago       Up 4 minutes (healthy)             127.0.0.1:1514->10514/tcp
harbor-portal       goharbor/harbor-portal:v2.5.0        "nginx -g 'daemon of…"   portal              5 minutes ago       Up 32 seconds (healthy)
nginx               goharbor/nginx-photon:v2.5.0         "nginx -g 'daemon of…"   proxy               5 minutes ago       Up 29 seconds (health: starting)   0.0.0.0:80->8080/tcp, :::80->8080/tcp
redis               goharbor/redis-photon:v2.5.0         "redis-server /etc/r…"   redis               5 minutes ago       Up 32 seconds (healthy)
registry            goharbor/registry-photon:v2.5.0      "/home/harbor/entryp…"   registry            5 minutes ago       Up 32 seconds (healthy)
registryctl         goharbor/harbor-registryctl:v2.5.0   "/home/harbor/start.…"   registryctl         5 minutes ago       Up 32 seconds (healthy)
[root@kubernetes-register harbor]#

有一個問題:
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
下線處理:

[root@kubernetes-register harbor]# docker-compose down
[+] Running 10/10
 ? Container harbor-jobservice  Removed                                                                                                                                                      2.1s
 ? Container nginx              Removed                                                                                                                                                      2.1s
 ? Container registryctl        Removed                                                                                                                                                     10.4s
 ? Container harbor-portal      Removed                                                                                                                                                      0.6s
 ? Container harbor-core        Removed                                                                                                                                                      0.6s
 ? Container registry           Removed                                                                                                                                                      0.4s
 ? Container redis              Removed                                                                                                                                                      0.5s
 ? Container harbor-db          Removed                                                                                                                                                      0.5s
 ? Container harbor-log         Removed                                                                                                                                                     10.1s
 ? Network harbor_harbor        Removed

定制服務(wù)啟動文件:

[root@kubernetes-register system]# pwd
/etc/systemd/system

[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/bin/docker-compose --file /data/server/harbor/docker-compose.yml upExecStop=/usr/bin/docker-compose --file /data/server/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

[root@kubernetes-register ~]# cd /data/server/harbor/
[root@kubernetes-register harbor]# docker-compose ps
NAME                IMAGE                                COMMAND                  SERVICE             CREATED             STATUS                   PORTS
harbor-core         goharbor/harbor-core:v2.5.0          "/harbor/entrypoint.…"   core                2 minutes ago       Up 2 minutes (healthy)
harbor-db           goharbor/harbor-db:v2.5.0            "/docker-entrypoint.…"   postgresql          2 minutes ago       Up 2 minutes (healthy)
harbor-jobservice   goharbor/harbor-jobservice:v2.5.0    "/harbor/entrypoint.…"   jobservice          2 minutes ago       Up 2 minutes (healthy)
harbor-log          goharbor/harbor-log:v2.5.0           "/bin/sh -c /usr/loc…"   log                 2 minutes ago       Up 2 minutes (healthy)   127.0.0.1:1514->10514/tcp
harbor-portal       goharbor/harbor-portal:v2.5.0        "nginx -g 'daemon of…"   portal              2 minutes ago       Up 2 minutes (healthy)
nginx               goharbor/nginx-photon:v2.5.0         "nginx -g 'daemon of…"   proxy               2 minutes ago       Up 2 minutes (healthy)   0.0.0.0:80->8080/tcp, :::80->8080/tcp
redis               goharbor/redis-photon:v2.5.0         "redis-server /etc/r…"   redis               2 minutes ago       Up 2 minutes (healthy)
registry            goharbor/registry-photon:v2.5.0      "/home/harbor/entryp…"   registry            2 minutes ago       Up 2 minutes (healthy)
registryctl         goharbor/harbor-registryctl:v2.5.0   "/home/harbor/start.…"   registryctl         2 minutes ago       Up 2 minutes (healthy)
[root@kubernetes-register harbor]#

創(chuàng)建一個用戶:

Inspur930312043@qq.com

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
用自己的賬號登錄并創(chuàng)建一個項目:
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

[root@kubernetes-master ~]# docker tag  nginx:latest kubernetes-register.inspur.com/inspur/nginx:2.22.01


[root@kubernetes-master ~]# docker tag  tomcat:latest kubernetes-register.inspur.com/inspur/tomcat:11.1.01

上傳鏡像到私有倉庫:

[root@kubernetes-master ~]# docker images
REPOSITORY                                     TAG       IMAGE ID       CREATED         SIZE
nginx                                          latest    605c77e624dd   19 months ago   141MB
kubernetes-register.inspur.com/inspur/nginx    2.22.01   605c77e624dd   19 months ago   141MB
tomcat                                         latest    fb5657adc892   19 months ago   680MB
kubernetes-register.inspur.com/inspur/tomcat   11.1.01   fb5657adc892   19 months ago   680MB
[root@kubernetes-master ~]# docker login kubernetes-register.inspur.com
Username: inspur
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@kubernetes-master ~]# docker push kubernetes-register.inspur.com/inspur/tomcat:11.1.01
The push refers to repository [kubernetes-register.inspur.com/inspur/tomcat]
3e2ed6847c7a: Pushed
bd2befca2f7e: Pushed
59c516e5b6fa: Pushed
3bb5258f46d2: Pushed
832e177bb500: Pushed
f9e18e59a565: Pushed
26a504e63be4: Pushed
8bf42db0de72: Pushed
31892cc314cb: Pushed
11936051f93b: Pushed
11.1.01: digest: sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351 size: 2422
[root@kubernetes-master ~]# docker push kubernetes-register.inspur.com/inspur/nginx:2.22.01
The push refers to repository [kubernetes-register.inspur.com/inspur/nginx]
d874fd2bc83b: Pushed
32ce5f6a5106: Pushed
f1db227348d0: Pushed
b8d6e692a25e: Pushed
e379e8aedd4d: Pushed
2edcec3590a4: Pushed
2.22.01: digest: sha256:ee89b00528ff4f02f2405e4ee221743ebc3f8e8dd0bfd5c4c20a2fa2aaa7ede3 size: 1570
[root@kubernetes-master ~]#

拉取鏡像:

[root@kubernetes-register harbor]# docker pull kubernetes-register.inspur.com/inspur/tomcat@sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351
kubernetes-register.inspur.com/inspur/tomcat@sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351: Pulling from inspur/tomcat
Digest: sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351
Status: Image is up to date for kubernetes-register.inspur.com/inspur/tomcat@sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351
kubernetes-register.inspur.com/inspur/tomcat@sha256:e6d65986e3b0320bebd85733be1195179dbce481201a6b3c1ed27510cfa18351
[root@kubernetes-register harbor]# docker images
REPOSITORY                                     TAG       IMAGE ID       CREATED         SIZE
goharbor/harbor-exporter                       v2.5.0    36396f138dfb   16 months ago   86.7MB
goharbor/chartmuseum-photon                    v2.5.0    eaedcf1f700b   16 months ago   225MB
goharbor/redis-photon                          v2.5.0    1e00fcc9ae63   16 months ago   156MB
goharbor/trivy-adapter-photon                  v2.5.0    4e24a6327c97   16 months ago   164MB
goharbor/notary-server-photon                  v2.5.0    6d5fe726af7f   16 months ago   112MB
goharbor/notary-signer-photon                  v2.5.0    932eed8b6e8d   16 months ago   109MB
goharbor/harbor-registryctl                    v2.5.0    90ef6b10ab31   16 months ago   136MB
goharbor/registry-photon                       v2.5.0    30e130148067   16 months ago   77.5MB
goharbor/nginx-photon                          v2.5.0    5041274b8b8a   16 months ago   44MB
goharbor/harbor-log                            v2.5.0    89fd73f9714d   16 months ago   160MB
goharbor/harbor-jobservice                     v2.5.0    1d097e877be4   16 months ago   226MB
goharbor/harbor-core                           v2.5.0    42a54bc05b02   16 months ago   202MB
goharbor/harbor-portal                         v2.5.0    c206e936f4f9   16 months ago   52.3MB
goharbor/harbor-db                             v2.5.0    d40a1ae87646   16 months ago   223MB
goharbor/prepare                               v2.5.0    36539574668f   16 months ago   268MB
tomcat                                         latest    fb5657adc892   19 months ago   680MB
kubernetes-register.inspur.com/inspur/tomcat   11.1.01   fb5657adc892   19 months ago   680MB

7 K8s集群初始化

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
配置阿里云鏡像:

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0

軟件安裝:

yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

[root@kubernetes-master ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.4", GitCommit:"fa3d7990104d7c1f16943a67f11b154b71f6a132", GitTreeState:"clean", BuildDate:"2023-07-19T12:19:40Z", GoVersion:"go1.20.6", Compiler:"gc", Platform:"linux/amd64"}
[root@kubernetes-master ~]# kubeadm config images list
registry.k8s.io/kube-apiserver:v1.27.4
registry.k8s.io/kube-controller-manager:v1.27.4
registry.k8s.io/kube-scheduler:v1.27.4
registry.k8s.io/kube-proxy:v1.27.4
registry.k8s.io/pause:3.9
registry.k8s.io/etcd:3.5.7-0
registry.k8s.io/coredns/coredns:v1.10.1
[root@kubernetes-master ~]# kubeadm config list | awk -F '/' '{print $NF}'
invalid subcommand "list"
See 'kubeadm config -h' for help and examples
[root@kubernetes-master ~]# kubeadm config images list | awk -F '/' '{print $NF}'
kube-apiserver:v1.27.4
kube-controller-manager:v1.27.4
kube-scheduler:v1.27.4
kube-proxy:v1.27.4
pause:3.9
etcd:3.5.7-0
coredns:v1.10.1


images=$(kubeadm config images list --kubernetes-version=1.27.4 | awk -F "/" '{print $NF}')
for i in ${images}
do
docker pull registry.aliyuncs.com/google_containers/$i
docker tag registry.aliyuncs.com/google_containers/$i kubernetes-register.inspur.com/google_containers/$i
docker push kubernetes-register.inspur.com/google_containers/$i
docker rmi registry.aliyuncs.com/google_containers/$i
done

環(huán)境初始化:
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

[root@kubernetes-master ~]# kubeadm init --kubernetes-version=1.27.4 --apiserver-advertise-address=192.168.21.20 --image-repository=kubernetes-register.inspur.com/google_containers --pod-network-cidr="172.17.1.0/16" --service-cidr="10.96.0.0/12" --ignore-preflight-errors=Swap --cri-socket=unix:///var/run/cri-dockerd.sock

分別在node1 node2 node3 執(zhí)行

kubeadm join 192.168.21.20:6443 --token ymlg0w.xkl1z4pr7dwg39yr --discovery-token-ca-cert-hash sha256:ec15cba4c2e6bf2291ff1217f4e9bd41ee28aa02139e6fc86e614a5b8c6f4b96 --cri-socket=unix:///var/run/cri-dockerd.sock

但是現(xiàn)在還是有一個問題:
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
運行如下命令:

[root@kubernetes-master ~]#   mkdir -p $HOME/.kube
[root@kubernetes-master ~]#   sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@kubernetes-master ~]#   sudo chown $(id -u):$(id -g) $HOME/.kube/config


[root@kubernetes-master ~]# kubectl get nodes
NAME                STATUS     ROLES           AGE     VERSION
kubernetes-master   NotReady   control-plane   5m8s    v1.27.4
kubernetes-node1    NotReady   <none>          2m56s   v1.27.4
kubernetes-node2    NotReady   <none>          2m46s   v1.27.4
kubernetes-node3    NotReady   <none>          2m44s   v1.27.4
[root@kubernetes-master ~]#

命令補(bǔ)全:

source <(kubectl completion bash)
source <(kubeadm completion bash)

[root@kubernetes-master ~]# vim .bashrc
[root@kubernetes-master ~]# cat .bashrc
# .bashrc

# User specific aliases and functions

alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi
source <(kubectl completion bash)
source <(kubeadm completion bash)
[root@kubernetes-master ~]# source .bashrc
[root@kubernetes-master ~]# kubectl get n
namespaces                         networkpolicies.networking.k8s.io  nodes
[root@kubernetes-master ~]# kubectl get n
namespaces                         networkpolicies.networking.k8s.io  nodes
[root@kubernetes-master ~]# kubectl get n

網(wǎng)絡(luò)配置:

 https://kubernetes.io/docs/concepts/cluster-administration/addons/


[root@kubernetes-master flannel]# pwd
/data/kubernetes/network/flannel
[root@kubernetes-master flannel]# ll
total 16
-rw-r--r--. 1 root root 4459 Aug  8 09:42 kube-flannel.yml
-rw-r--r--. 1 root root 4459 Aug  8 09:42 kube-flannel.ymlBK
[root@kubernetes-master flannel]#

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
需要下載一下三個鏡像文件:

[root@kubernetes-master flannel]# grep image: kube-flannel.yml
        image: docker.io/flannel/flannel:v0.22.1
        image: docker.io/flannel/flannel-cni-plugin:v1.2.0
        image: docker.io/flannel/flannel:v0.22.1


[root@kubernetes-master flannel]# docker tag flannel/flannel:v0.22.1 kubernetes-register.inspur.com/inspur/flannel/flannel:v0.22.1
[root@kubernetes-master flannel]# docker tag flannel/flannel-cni-plugin:v1.2.0 kubernetes-register.inspur.com/inspur/flannel/flannel-cni-plugin:v1.2.0

推送到遠(yuǎn)程私有倉庫:

[root@kubernetes-master flannel]# docker push  kubernetes-register.inspur.com/inspur/flannel/flannel:v0.22.1
The push refers to repository [kubernetes-register.inspur.com/inspur/flannel/flannel]
c120dc707e2b: Pushed
92e727b491c6: Pushed
23d8410e16ff: Pushed
9726974aad9b: Pushed
117eda391951: Pushed
40afc0fa6094: Pushed
d8ddfa4843bd: Pushed
f1417ff83b31: Pushed
v0.22.1: digest: sha256:02cb1205742b0d087f89d654cbe5fa8f815e97e4e5cc86c7f39bd7933d1a04cb size: 1996
[root@kubernetes-master flannel]# docker push kubernetes-register.inspur.com/inspur/flannel/flannel-cni-plugin:v1.2.0
The push refers to repository [kubernetes-register.inspur.com/inspur/flannel/flannel-cni-plugin]
9332f71f5f3d: Pushed
7df5bd7bd262: Pushed
v1.2.0: digest: sha256:2180bb74f60bea56da2e9be2004271baa6dccc0960b7aeaf43a97fc4de9b1ae0 size: 739
[root@kubernetes-master flannel]#

修改yml文件:
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

[root@kubernetes-master flannel]# kubectl apply -f kube-flannel.yml
namespace/kube-flannel created
serviceaccount/flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
[root@kubernetes-master flannel]#

查看namespace:

[root@kubernetes-master flannel]# kubectl get ns
NAME              STATUS   AGE
default           Active   34m
kube-flannel      Active   53s
kube-node-lease   Active   34m
kube-public       Active   34m
kube-system       Active   34m
[root@kubernetes-master flannel]#


[root@kubernetes-master flannel]# kubectl get pod -n kube-flannel
NAME                    READY   STATUS             RESTARTS      AGE
kube-flannel-ds-mdpkb   0/1     CrashLoopBackOff   4 (29s ago)   2m33s
kube-flannel-ds-pg4x6   0/1     CrashLoopBackOff   4 (44s ago)   2m33s
kube-flannel-ds-vjw5j   0/1     CrashLoopBackOff   4 (40s ago)   2m33s
kube-flannel-ds-wzwx9   0/1     CrashLoopBackOff   4 (41s ago)   2m33s
[root@kubernetes-master flannel]# kubectl get nodes
NAME                STATUS   ROLES           AGE   VERSION
kubernetes-master   Ready    control-plane   36m   v1.27.4
kubernetes-node1    Ready    <none>          34m   v1.27.4
kubernetes-node2    Ready    <none>          34m   v1.27.4
kubernetes-node3    Ready    <none>          34m   v1.27.4
[root@kubernetes-master flannel]#

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

[root@kubernetes-master flannel]# systemctl is-active kubelet cri-dockerd docker
active
active
active
[root@kubernetes-master flannel]# systemctl enable  kubelet cri-dockerd docker

8 應(yīng)用部署

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器
CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器

CI/CD—K8S 基本理解與部署,CI/CD,ci/cd,kubernetes,容器文章來源地址http://www.zghlxwxcb.cn/news/detail-647506.html

到了這里,關(guān)于CI/CD—K8S 基本理解與部署的文章就介紹完了。如果您還想了解更多內(nèi)容,請在右上角搜索TOY模板網(wǎng)以前的文章或繼續(xù)瀏覽下面的相關(guān)文章,希望大家以后多多支持TOY模板網(wǎng)!

本文來自互聯(lián)網(wǎng)用戶投稿,該文觀點僅代表作者本人,不代表本站立場。本站僅提供信息存儲空間服務(wù),不擁有所有權(quán),不承擔(dān)相關(guān)法律責(zé)任。如若轉(zhuǎn)載,請注明出處: 如若內(nèi)容造成侵權(quán)/違法違規(guī)/事實不符,請點擊違法舉報進(jìn)行投訴反饋,一經(jīng)查實,立即刪除!

領(lǐng)支付寶紅包贊助服務(wù)器費用

相關(guān)文章

  • 【業(yè)務(wù)功能115】微服務(wù)-springcloud-springboot-Kubernetes-k8s集群-Kubesphere實現(xiàn)DevOps流水線-CI/CD-SonarQube- Jenkins

    【業(yè)務(wù)功能115】微服務(wù)-springcloud-springboot-Kubernetes-k8s集群-Kubesphere實現(xiàn)DevOps流水線-CI/CD-SonarQube- Jenkins

    dev 怎么開發(fā) ops 怎么運維 參考項目鏈接:https://github.com/kubesphere/devops-maven-sample 持續(xù)集成是指軟件個人的部分向軟件整體部分交付,頻繁進(jìn)行集成以便更快地發(fā)現(xiàn)其中錯誤。 CI需要具備這些: 全面的自動化測試 這是實踐持續(xù)集成持續(xù)部署的基礎(chǔ),同時,選擇合適的自動化測

    2024年02月04日
    瀏覽(44)
  • 基于SNAT+DNAT發(fā)布內(nèi)網(wǎng)K8S及Jenkins+gitlab+Harbor模擬CI/CD的綜合項目

    基于SNAT+DNAT發(fā)布內(nèi)網(wǎng)K8S及Jenkins+gitlab+Harbor模擬CI/CD的綜合項目

    目錄 項目名稱 項目架構(gòu)圖 項目環(huán)境 項目概述 項目準(zhǔn)備 項目步驟 一、修改每臺主機(jī)的ip地址,同時設(shè)置永久關(guān)閉防火墻和selinux,修改好主機(jī)名,在firewalld服務(wù)器上開啟路由功能并配置snat策略。 1. 在firewalld服務(wù)器上配置ip地址、設(shè)置永久關(guān)閉防火墻和selinux,并修改好主機(jī)名

    2024年02月09日
    瀏覽(55)

  • 使用Kubernetes進(jìn)行CI/CD的最佳實踐

    CI/CD是指持續(xù)集成 (Continuous Integration) 和持續(xù)交付/部署 (Continuous Delivery/Deployment) 的縮寫,是一種軟件開發(fā)方法論。通過自動化的構(gòu)建、測試、部署等過程CI/CD能夠幫助開發(fā)者快速地將代碼交付到生產(chǎn)環(huán)境中。 Kubernetes是一種容器編排工具,它非常適合用來部署和運行分布式應(yīng)用

    2024年02月08日
    瀏覽(32)
  • CI/CD基本流程介紹

    CI/CD基本流程介紹

    1.1CI/CD基本配置介紹: ????????????? 配置jenkins ????????????? 軟件版本管理 ????????????? ? ? ? 配置jenkins訪問gitlab代碼倉庫 ????????????? 測試下載 ????????????? 下載到子目錄 準(zhǔn)備兩臺web服務(wù)器 ?????? 部署代碼到web服務(wù)器 自動化部署流程

    2024年02月11日
    瀏覽(30)
  • DevOps系列文章-Kubernetes實現(xiàn)CI與CD配置

    DevOps系列文章-Kubernetes實現(xiàn)CI與CD配置

    基于 Kubernetes 實現(xiàn) CI/CD 配置,其實和往常那些 CI/CD 配置并沒有太大區(qū)別。都是通過 提交代碼,拉取代碼,構(gòu)建代碼,發(fā)布代碼來實現(xiàn)的。 只不過要是通過 K8s 來實現(xiàn)的話,則是需要將構(gòu)建好的代碼打包成鏡像,通過鏡像的方式來運行。 CI/CD 流程圖: 開發(fā)將代碼提交代碼倉

    2024年02月05日
    瀏覽(22)
  • CI/CD部署

    CI/CD部署

    CI和CD是軟件開發(fā)中持續(xù)集成和持續(xù)交付的縮寫。 CI代表持續(xù)集成(Continuous Integration),是一種實踐,旨在通過自動化構(gòu)建、測試和代碼靜態(tài)分析等過程,頻繁地將代碼變更合并到共享存儲庫中。其目的是快速發(fā)現(xiàn)和修復(fù)代碼問題,確保開發(fā)團(tuán)隊對軟件產(chǎn)品持續(xù)交付。其中,

    2024年02月19日
    瀏覽(37)
  • [Docker實現(xiàn)測試部署CI/CD----自由風(fēng)格的CI操作[最終架構(gòu)](5)]

    [Docker實現(xiàn)測試部署CI/CD----自由風(fēng)格的CI操作[最終架構(gòu)](5)]

    ????????前面的架構(gòu)存在的問題是, 若有多個目標(biāo)服務(wù)器都需要使用該鏡像,那么每個目標(biāo)服務(wù) 器都需要在本地構(gòu)建鏡像,形成系統(tǒng)資源浪費。 若能夠在 Jenkins 中將 鏡像構(gòu)建好并推送到 Harbor 鏡像中心 ,那么無論有多少目標(biāo)服務(wù)器需要該鏡像,都只需要從 Harbor 拉取即可

    2024年02月14日
    瀏覽(38)
  • 【持續(xù)集成CI/持續(xù)部署CD】六、Docker Compose構(gòu)建CI全流程

    【持續(xù)集成CI/持續(xù)部署CD】六、Docker Compose構(gòu)建CI全流程

    1. 創(chuàng)建宿主機(jī)掛載目錄并賦權(quán) 2. 新建 Jenkins+Sonar 安裝腳本 jenkins-compose.yml 腳本,這里的 Jenkins 使用的是 Docker 官方推薦的鏡像 jenkinsci/blueocean,在實際使用中發(fā)現(xiàn),即使不修改插件下載地址,也可以下載插件,所以比較推薦這個鏡像。 3. 在 jenkins-compose.yml 文件所在目錄下執(zhí)行

    2024年02月10日
    瀏覽(27)
  • 使用gitlab 自帶 CI/CD 構(gòu)建部署項目

    使用gitlab 自帶 CI/CD 構(gòu)建部署項目

    這里我用的是橋接模式 橋接模式方便局域網(wǎng)內(nèi)的小伙伴一起使用 如果沒有這個打算可跳過這步 編輯網(wǎng)絡(luò) vi /etc/sysconfig/network-scripts/ifcfg-你的網(wǎng)絡(luò)名稱 修改如下內(nèi)容 這里我有句話要講, 這些信息配置完成后出現(xiàn)\\\"網(wǎng)絡(luò)不可達(dá)\\\" 需要把 BOOTPROTO 改為 dhcp 詳情可參考 處理網(wǎng)絡(luò)不可達(dá)

    2024年02月12日
    瀏覽(27)
  • 【前端自動化部署】,Devops,CI/CD

    【前端自動化部署】,Devops,CI/CD

    提到 Jenkins ,想到的第一個概念就是 CI/CD 在這之前應(yīng)該再了解一個概念。 DevOps Development 和 Operations 的組合,是一種方法論,并不特指某種技術(shù)或者工具。 DevOps 是一種重視 Dev 開發(fā)人員和 Ops 運維人員之間溝通、協(xié)作的流程。通過自動化的軟件交付,使軟件的構(gòu)建,測試,發(fā)

    2024年02月10日
    瀏覽(57)

覺得文章有用就打賞一下文章作者

支付寶掃一掃打賞

博客贊助

微信掃一掃打賞

請作者喝杯咖啡吧~博客贊助

支付寶掃一掃領(lǐng)取紅包,優(yōu)惠每天領(lǐng)

二維碼1

領(lǐng)取紅包

二維碼2

領(lǐng)紅包