KubeSphere集成本地容器镜像仓库 Harbor

最新推荐文章于 2024-06-02 22:22:37 发布

靖飒

最新推荐文章于 2024-06-02 22:22:37 发布

阅读量1.3k

点赞数 1

分类专栏：互联网线上商城系统文章标签： docker 容器 kubernetes

本文链接：https://blog.csdn.net/qq_37892401/article/details/128931039

版权

互联网线上商城系统专栏收录该内容

26 篇文章 2 订阅

订阅专栏

KubeSphere集成本地容器镜像仓库 Harbor

一、CoreDNS级联本地DNS服务器

# kubectl edit configmap coredns -n kube-system

apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
           lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           fallthrough in-addr.arpa ip6.arpa
           ttl 30
        }
        prometheus :9153
        forward . /etc/resolv.conf { 修改这里为本地DNS IP地址
           max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }
    
    
 修改为：
 apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health {
           lameduck 5s
        }
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
           pods insecure
           fallthrough in-addr.arpa ip6.arpa
           ttl 30
        }
        prometheus :9153
        forward . 192.168.10.145 { 重点注意看IP地址，修改为本地DNS IP地址
           max_concurrent 1000
        }
        cache 30
        loop
        reload
        loadbalance
    }

# dig -t a harbor.msb.com @10.96.0.10

二、添加本地非安全容器镜像仓库至Docker配置

# cat /etc/docker/daemon.json
{
        "exec-opts": ["native.cgroupdriver=systemd"]，
        "insecure-registries": ["http://harbor.msb.com"]
}

修改为：

# cat /etc/docker/daemon.json
{
        "exec-opts": ["native.cgroupdriver=systemd"]
}

# cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket containerd.service

[Service]
Environment="DOCKER_OPTS=--insecure-registry=http://harbor.msb.com" 在此处添加
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry=http://harbor.msb.com
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

# systemctl daemon-reload 

# systemctl restart docker

三、KubeSphere仓库配置密钥

在使用本地容器镜像仓库Harbor之前，需要创建密钥文件

在这里插入图片描述

四、创建应用进行测试及访问

4.1 容器镜像准备

# docker pull nginx:latest

# docker tag nginx:latest harbor.msb.com/library/nginx:v1

# docker push harbor.msb.com/library/nginx:v1

在这里插入图片描述

4.2 创建应用

在这里插入图片描述

4.3 应用访问

在这里插入图片描述

[root@dnsserver ~]# vim /var/named/msb.com.zone

[root@dnsserver ~]# cat /var/named/msb.com.zone
$TTL 1D
@       IN SOA  msb.com admin.msb.com. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       NS      ns.msb.com.
ns      A       192.168.10.145
harbor  A       192.168.10.146
reg-test        A       192.168.10.72  添加此处内容

[root@dnsserver ~]# systemctl restart named

[root@harborserver ~]# curl http://reg-test.msb.com
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>