Sunday Blog

人生是一场刻意练习

Kubernetes 1.24 二进制高可用集群安装

Kubernetes Binary Build High Availability

生产环境中,建议使用版本大于5的Kubernetes版本,如1.24.6 系统:CentOS 7.5 K8S:1.24.6 containerd: v1.6.4 calico: 1.24 集群环境 hostname IP/VIP software k8s-master01 192.168.1.171 e

安装Kuboard管理Kubernetes集群

Kuboard

https://kuboard.cn/install/v3-upgrade.html#%E5%A6%82%E6%9E%9C%E4%BB%A5-docker-run-%E8%BF%90%E8%A1%8C-kuboard 安装方式 Kuboard 作为多个集群的管理界面应该独立于任何集群之外 建议docker运行 Kuboard, 不建议安装在有业务的Kubernetes集群中 停止已有 kuboard 容器 docker

Containerd Mirrors 加速

Containerd Mirrors

containerd 使用https://docker.mirrors.ustc.edu.cn加速 抽风403 FATA[0038] pulling image: rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/library/nginx:alpine": failed to copy: httpReadSeeker: failed open: unexpected status code

Docker基础

Docker Use

查看Docker版本 [root@k8s-master01 ~]# docker version Client: Docker Engine - Community Version: 20.10.7 API version: 1.40 Go version: go1.13.15 Git commit: f0df350 Built: Wed Jun 2 11:58:10 2021 OS/Arch: linux/amd64 Context: default Experimental: true Server: Docker Engine - Community Engine: Version: 19.03.15 API version: 1.40 (minimum version 1.12) Go version: go1.13.15 Git commit: 99e3ed8919 Built: Sat Jan 30 03:16:33 2021 OS/Arch: linux/amd64

企业级镜像仓库 Harbor 的安装与配置

Harbor

官方地址 https://github.com/goharbor/harbor 安装 docker 17.03.0-ce+ and docker-compose 1.18.0+ 安装Docker https://docs.docker.com/engine/install/centos/ sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine \ podman \ runc sudo yum install -y yum-utils sudo yum-config-manager \ --add-repo \ https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo sudo sed -i 's@download.docker.com@mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo sudo yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin 安装Do

Docker daemon.json 调整

Docker Daemon Json Production Optimization

cat /etc/docker/daemon.json { "data-root": "/data/docker", "registry-mirrors": [ "https://registry.docker-cn.com", "https://docker.mirrors.ustc.edu.cn" ], "insecure-registries": [], "exec-opts": ["native.cgroupdriver=systemd"], "max-concurrent-downloads":10, "max-concurrent-uploads": 5, "log-opts": { "max-size": "100m", "max-file": "5" }, "live-restore": true }

Docker端口绕过Firewall修复

Docker Port Firewall Invalid

失效原因 默认情况下, docker启动后参数中如果加了端口映射, 就会自动将端口开放给所有网络设备访问, 并且这种情况下即使在本机的系统防火墙中加