下载
k3s下载地址:
https://github.com/k3s-io/k3s/releases
k3s-airgap-images-amd64.tar和k3s二进制文件
下载安装脚本: https://get.k3s.io/ 获取安装脚本。
安装
setenforce 0
export APPTRACE_HOME=/opt/apptrace
mkdir -p $APPTRACE_HOME/k3s/data/k3s/agent/images
cp k3s-airgap-images-amd64.tar $APPTRACE_HOME/k3s/data/k3s/agent/images/
cp k3s /usr/local/bin/
chmod +x /usr/local/bin/k3s
#确保安装了java-11-openjdk
vim /usr/lib/jvm/java-11-openjdk-11.0.23.0.9-2.el7_9.x86_64/conf/security/java.security
#将这段内容加入到以上文件:security.provider.13=org.bouncycastle.jce.provider.BouncyCastleProvider
INSTALL_K3S_SELINUX_WARN=true INSTALL_K3S_SKIP_DOWNLOAD=true K3S_TOKEN="hello" INSTALL_K3S_EXEC="server --cluster-init --data-dir $APPTRACE_HOME/k3s/data/k3s" ./k3s-install.sh
配置镜像仓库
vim /etc/rancher/k3s/registries.yaml
# /etc/rancher/k3s/registries.yaml
mirrors:
"docker.io":
endpoint:
- "https://your-registry-mirror.com"
configs:
"docker.io":
auth:
username: your-username
password: your-password
#以下是例子:
mirrors:
docker.io:
endpoint:
- "https://registry.cn-hangzhou.aliyuncs.com/"
quay.io:
endpoint:
- "https://quay.tencentcloudcr.com/"
registry.k8s.io:
endpoint:
- "https://registry.aliyuncs.com/v2/google_containers"
gcr.io:
endpoint:
- "https://gcr.m.daocloud.io/"
k8s.gcr.io:
endpoint:
- "https://registry.aliyuncs.com/google_containers"
ghcr.io:
endpoint:
- "https://ghcr.m.daocloud.io/"
重启服务
systemctl restart k3s.service
部署测试镜像
编辑文件
使用一个来自 k8s.gcr.io 的镜像来进行测试。创建一个测试部署文件 nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: k8s.gcr.io/nginx:latest
ports:
- containerPort: 80
应用部署文件:
kubectl apply -f nginx-deployment.yaml
验证镜像拉取
kubectl get pods -A
如果 Pod 正常运行,说明镜像已成功拉取。如果出现错误,查看详细信息:
kubectl describe pod <pod-name>