集群环境:
IP | 主机名 | 角色 |
---|---|---|
192.168.100.142 | kube-master1,kube-master1.suosuoli.cn | K8s 集群主节点 1 |
192.168.100.144 | kube-master2,kube-master2.suosuoli.cn | K8s 集群主节点 2 |
192.168.100.146 | kube-master3,kube-master3.suosuoli.cn | K8s 集群主节点 3 |
192.168.100.160 | node1,node1.suosuoli.cn | K8s 集群工作节点 1 |
192.168.100.162 | node2,node2.suosuoli.cn | K8s 集群工作节点 2 |
192.168.100.164 | node3,node3.suosuoli.cn | K8s 集群工作节点 3 |
192.168.100.150 | ha1,ha1.suosuoli.cn | K8s 主节点访问入口 1(高可用及负载均衡) |
192.168.100.152 | ha2,ha2.suosuoli.cn | K8s 主节点访问入口 1(高可用及负载均衡) |
192.168.100.154 | harbor,harbor.suosuoli.cn | 容器镜像仓库 |
192.168.100.200 | 无 | VIP |
一. 运行 nginx 和 tomcat 准备
1.1 拉取 nginx 和 tomcat 镜像
root@kube-master1:~# docker pull nginx:1.16.1
root@kube-master1:~# docker pull tomcat:8.5-jdk11-adoptopenjdk-hotspot
1.2 上传到本地 harbor 仓库
1.2.1 新建 baseimages 项目
在 karbor 新建一个项目来存放镜像:
别忘了需要添加不安全的主机列表给 docker:
~# vim /lib/systemd/system/docker.service
...
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry harbor.suosuoli.cn
...
~# systemctl daemon-reload
~# systemctl restart docker
1.2.2 打标签并上传镜像到 harbor
将从 docker hub 官方 pull 下来的 nginx 和 tomcat 镜像打标签,并上传到 harbor:
打标签:
root@kube-master1:~# docker tag tomcat:8.5-jdk11-adoptopenjdk-hotspot harbor.suosuoli.cn/baseimages/tomcat:8.5-jdk11-adoptopenjdk-hotspot
root@kube-master1:~# docker tag nginx:1.16.1 harbor.suosuoli.cn/baseimages/nginx:1.16.1
上传到 harbor.suosuoli.cn
:
root@kube-master1:~# docker login harbor.suosuoli.cn
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
root@kube-master1:~# docker push tomcat
tomcat tomcat:8.5-jdk11-adoptopenjdk-hotspot
root@kube-master1:~# docker push harbor.suosuoli.cn/baseimages/tomcat:8.5-jdk11-adoptopenjdk-hotspot
The push refers to repository [harbor.suosuoli.cn/baseimages/tomcat]
aec076861234: Pushed
b5fcbb958d72: Pushed
3fc7e3fa7a96: Pushed
5f919249e8cf: Pushed
85fa6e80789c: Pushed
16542a8fc3be: Pushed
6597da2e2e52: Pushed
977183d4e999: Pushed
c8be1b8f4d60: Pushed
8.5-jdk11-adoptopenjdk-hotspot: digest: sha256:e05a00d18af68ace3e1d63a82318e166cb4adbf84fcd204636bf6460b5a760a1 size: 2204
root@kube-master1:~# docker push harbor.suosuoli.cn/baseimages/nginx:1.16.1
The push refers to repository [harbor.suosuoli.cn/baseimages/nginx]
bc21985928b6: Pushed
e370c53ec242: Pushed
f2cb0ecef392: Pushed
1.16.1: digest: sha256:2500df07b831096e9207522576c20132b3f645865185d519f3f911602b585c4b size: 948
1.3 测试下载 harbor 镜像
查看 harbor 仓库:
测试下载,在 kube-master2 测试,也要改 docker 的 service 文件,添加非安全仓库:
root@kube-master2:~# docker pull harbor.suosuoli.cn/baseimages/nginx:1.16.1
1.16.1: Pulling from baseimages/nginx
68ced04f60ab: Pull complete
e6edbc456071: Pull complete
9f915b082e59: Pull complete
Digest: sha256:2500df07b831096e9207522576c20132b3f645865185d519f3f911602b585c4b
Status: Downloaded newer image for harbor.suosuoli.cn/baseimages/nginx:1.16.1
harbor.suosuoli.cn/baseimages/nginx:1.16.1
root@kube-master2:~# docker images | grep nginx
harbor.suosuoli.cn/baseimages/nginx 1.16.1 8c5ec390a315 4 weeks ago 127MB
二. 在集群运行 nginx 和 tomcat
准备好 kubeadm 使用的 yaml 配置文件,使用 yaml 文件部署
nginx 和 tomcat。
2.1 nginx 部署
编辑部署配置文件:
root@kube-master1:~# mkdir /opt/kubeadm-deploy
root@kube-master1:~# cd /opt/kubeadm-deploy/
root@kube-