8-22 8 views
master构筑见:使用kubeadm工具快速安装kubernetes集群-master(1.11.2)
Node构筑见:使用kubeadm工具快速安装Kubernetes集群-node(1.11.2)
Docker私有仓库构筑见:CentOS7下搭建Docker私有仓库
背景
在kubernetes中,创建pod时,pause镜像默认是从k8s.gcr.io/google_containers/pause仓库来获取的,国内无法直接访问
可以像前面构筑时那样,先从docker hub上pull下来,然后通过tag重命名也是可以实现的,但是在集群中每台node都去获取一次不太现实,而且多数情况下集群是不直接访问公网的,面对这种环境,私有仓库就非常有必要了
配置kubelet
上面讲过了,kubelet默认是走k8s.gcr.io去获取pause镜像的,这里需要使用–pod-infra-container-image参数指定到私有仓库,前提是私有仓库中已经有了pause镜像
从公网获取 pause镜像
我的私有仓库的地址是10.9.54.19
|
1 2 3 |
docker pull mirrorgooglecontainers/pause:3.1 docker tag mirrorgooglecontainers/pause:3.1 10.9.54.19/pause:3.1 docker push 10.9.54.19/pause:3.1 |
docker pull:是从docker hub中拉取
docker tag:重命名
docker push: 提交到私有仓库中
修改kubelet启动参数
我是直接添加在最后一行ExecStart的后面了,很容易看出来这个配置文件中在启动程序的后面加的参数都是在前面定义的变量,自己也可以按这种格式去配置
vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
|
1 2 3 4 5 6 7 8 9 10 11 |
# Note: This dropin only works with kubeadm and kubelet v1.11+ [Service] Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" # This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env # This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use # the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. EnvironmentFile=-/etc/sysconfig/kubelet ExecStart= ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS --pod-infra-container-image 10.9.54.19/pause:3.1 |
启用http支持
docker默认是走https协议的,所以需要针对私有仓库启用http支持
vim /etc/docker/daemon.json
|
1 |
{ "insecure-registries":["10.9.54.19"]} |
重新加载启动服务
vim /etc/docker/daemon.json
|
1 2 3 |
systemctl daemon-reload systemctl restart docker systemctl restart kubelet |
测试
我们来创建个pod测试一下
定义一个RC的yaml文件(master节点)
注:我这里测试用的tomcat-app是提前已经从公共仓库拉下来,提交到私有仓库中了,自己请根据需要去获取相应的镜像
[root@k8s-master ~]# vim tomcat-rc.yaml
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
apiVersion: v1 kind: ReplicationController metadata: name: myweb spec: replicas: 2 selector: app: myweb template: metadata: labels: app: myweb spec: containers: - name: myweb image: 10.9.54.19/tomcat-app:v1 ports: - containerPort: 8080 |
通过kubectl create创建rc
|
1 2 3 4 5 |
[root@k8s-master ~]# kubectl create -f tomcat-rc.yaml replicationcontroller/myweb created [root@k8s-master ~]# kubectl get rc NAME DESIRED CURRENT READY AGE myweb 2 2 2 11s |
到node节点上去验证
第一个node节点
|
1 2 3 |
[root@k8s-node1 ~]# docker ps |grep myweb ca5368623bac a29e200a18e9 "catalina.sh run" 8 seconds ago Up 8 seconds k8s_myweb_myweb-9v76s_default_c84dc4bd-a60a-11e8-8960-000c29866acd_0 e9e1ba81abcd 10.9.54.19/pause:3.1 "/pause" 9 seconds ago Up 8 seconds k8s_POD_myweb-9v76s_default_c84dc4bd-a60a-11e8-8960-000c29866acd_0 |
另一个node节点
|
1 2 3 |
[root@k8s-node2 ~]# docker ps |grep myweb 6b7c84d423d8 a29e200a18e9 "catalina.sh run" 25 seconds ago Up 25 seconds k8s_myweb_myweb-btl7l_default_c84d3bb6-a60a-11e8-8960-000c29866acd_0 c32480c0574f 10.9.54.19/pause:3.1 "/pause" 26 seconds ago Up 25 seconds k8s_POD_myweb-btl7l_default_c84d3bb6-a60a-11e8-8960-000c29866acd_0 |
