k8s操作手册 2.3★配置docker服务使用systemd去管理(以及信任本地镜像仓库) # vi /etc/docker/daemon.json { "data-root": "/docker_data", "registry-mirrors": [ "h�ps://cof-lee.com:5443" ], "insecure-registries": [ "cof-lee.com:5443" ], "exec-opts": "bridge": "none", "iptables": false, "experimental": true, "data-root": "/docker_data", "registry-mirrors": [ "h�ps://cof-lee.com:5443" ], "insecure-registries": [ "cof-lee.com:5443" ], "exec-opts": io/etcd:3.4.13-0 k8s.gcr.io/coredns:1.7.0 #可以先下载以上7个镜像,传到每台k8s服务器上,再docker load导入;或者使 用内部registry仓库(内部registry镜像仓库里要有以上7个镜像) ★直接使用命令行方式初始化集群 (以下是非HA模式的master初始化,如果要部署高可用集群,则参考第4章) kubeadm init --kubernetes-0 码力 | 126 页 | 4.33 MB | 1 年前3
Jib Kubecon 2018 TalkDeveloper Building website for pet clinic Wants to containerize the backend Wants container on registry ilovejava.io/petclinic-app github.com/GoogleContainerTools/jib github.com/GoogleContainerTools/jib Docker Project JAR docker Docker Daemon Container Image Dockerfile build send build push Registry github.com/GoogleContainerTools/jib I’m a Java developer, I don’t want to have to care about github.com/GoogleContainerTools/jib Containerizing, simplified Project Container image build on registry github.com/GoogleContainerTools/jib Steps: github.com/GoogleContainerTools/jib Steps: 1. Apply0 码力 | 90 页 | 2.84 MB | 1 年前3- Kubernetes 容器编排与应用编排Application Registry Application Manager Application A Application … API Gateway API Service A API Service B 应用编排架构 Application Registry - Helm Registry Helm Chart Helm Registry 1. 负责存储和管理用户的 version 2. 可选的多种存储后端(FileSystem,OSS,…) 3. 可通过 API 直接对应用进行编排 4. 开源(https://github.com/caicloud/helm-registry) 应用编排架构 Application Manager - Helm Tiller Helm Tiller 1. 负责将 Chart 部署到指定的集群当中,并管理生成的 Release(应用) Kubernetes Cluster Production Helm Tiller Application Application … Application API Helm Registry Helm Registry Application API Sync 多集群架构 谢谢大家!0 码力 | 20 页 | 4.22 MB | 1 年前3
- 多雲一體就是現在:
GOOGLE CLOUD 的
KUBERNETES
混合雲戰略validated and tested by Google ● Access to Container services on GCP such as Cloud Build, Container Registry, Audit Logging, and more. ● Integration with Istio, Knative, Marketplace Solutions ALPHA IN FALL vSphere 6.5 for Alpha ● Simple CLI installation ● Online and Offline installation ● Private container registry support ● Latest 3 versions of k8s ● High-availability control plane ● Auto-repair Installation without "http://" or "https://" (leave blank if none): username:password@1.1.1.1:5413/ Enter Docker registry to use [gcr.io/k8s-cluster-api]: CLI (Installation) Register with Google Cloud Console On-Prem/Public0 码力 | 32 页 | 2.77 MB | 1 年前3
- Kubernetes Native DevOps Practicemonitoring system - prometheus • Alertmanager to invoke various alert and related actions docker registry Kubernetes Cluster Kubernetes Cluster CRD and Operator Design BuildJob DevOps Operator Job environment variables image information - volumes Storage Service rbd / nfs / glisters pvc pvc pvc registry credential using secret - resources Memory / CPU / GPU Data cache CI/CD Examples - Artifact Trigger with payload Sonar tool Image Jenkins API Image • Gitlab webhook • On schedule • Registry notification • Encapsulate API / SDK of third party tools to docker image • Pass events from0 码力 | 21 页 | 6.39 MB | 1 年前3
- 基于 KUBERNETES 的 容器器 + AI 平台• 管理理基于规则的镜像仓库 • 其他企业需要的优化功能 企业典型的多租户模型 租户 Tenant User User group Namespace Deployment Registry project CI/CD workspace Pod … resources CPU quota MEM quota Storage quota Device com/caicloud/canary-release • https://github.com/caicloud/charts • https://github.com/caicloud/helm-registry Rudder 技术架构 ⼀一套基于 k8s 控制器器模式的原⽣生的应⽤用管理理 和编排运⾏行行时 安全性与扩展性:从 k8s 原⽣生模式中获益 状态可读:跟踪所有 k8s 对象状态0 码力 | 19 页 | 3.55 MB | 1 年前3
- QCon北京2018/QCon北京2018-基于Kubernetes与Helm的应用部署平台构建实践-张夏-赵明+SERVICE_NAME和SERVICE_TAGS注册到Consul server中 混合云服务发现演示 本地环境 dbMysql: cap_add: [SYS_ADMIN] image:registry/db/mysql:latest ports: ['3306:3310'] security_opt: ['apparmor:unconfined'] environment: labels: app: is spec: containers: - name: is image: registry/infra/is:6.20.centos-20 env: - name: "MYSQL_HOST" value: "env01_db0 码力 | 28 页 | 12.18 MB | 1 年前3
- QCon北京2017/企业软件互联网应用实践/基于 kubernetes 的企业级容器云容器云设计--多集群支持的容器云 • 多集群,一平台 Router1 Router2 K8S-2 K8S-1 Console Front End Console Back End Registry Dev/Ops/Admin End User Builder 12 Service Name K8S Cluster IP app01.xpaas.lenovo.com 172.19 • 部署请求 builder • 准备构建环境 • 生成Dockerfile • Build镜像 • Push镜像 kubernetes • 部署服务 1 3 4 Docker Registry 2 5 Deployment StatefulSet 14 2017 Lenovo Internal. All rights reserved. 容器云设计-- DevOps的支持0 码力 | 30 页 | 1.80 MB | 1 年前3
- 基于 Kubernetes 构建标准可扩展的云原生应用管理平台-孙健波、周正喜source of truth) 持续集成 ● Build ● Run Unit Tests ● Build Docker Image ● Push Docker Image Image Registry Operational Configs (YAML) Revision Controller Scaling Controller Rollout Controller kubectl source of truth) 持续集成 ● Build ● Run Unit Tests ● Build Docker Image ● Push Docker Image Image Registry AutoScaling Controller Rollout Controller GitOps OAM K8s Plugin + CUE Abstraction Processor0 码力 | 27 页 | 3.60 MB | 9 月前3
- Kubernetes安全求生指南-practices/ ©2019 VMware, Inc. 8 NIST在容器安全指南中揭露了五種容器應用最應關注的風險 映像風險 Image Risk 登錄風險 Registry Risk 容器調度平台風險 Orchestrator Risk 容器風險 Container Risk 實體作業系統風險 Host OS Risk ©2019 VMware PKS Build Image Push Image Scan Image For CVEs Sign Trusted Image kubectl run Image Registry Image Scanning Image Signing Harbor Projects AUDIT LOGGING 如果沒有企業私有的映像倉庫而只用Internet上的映像,您真的知道裡面有什麼嗎0 码力 | 23 页 | 2.14 MB | 1 年前3
共 24 条
- 1
- 2
- 3