docker-K8S简单命令行模式记录

1.创建harbor的secret,可以从harbor私有仓库直接拉取镜像

kubectl create secret  docker-registry  registry-harbor --docker-server=harbor.dinghc.com --docker-username=admin --docker-password=123456 -n kube-system

#对应yaml
    spec:
      containers:
      - name: umspzm-service
        image: harbor.dev.sheca.com:30890/umspzm/umsp:v5-for-zmyd-feature
        imagePullPolicy: IfNotPresent
      .............
      imagePullSecrets:   #spec层级下面
      - name: registry-harbor  

2.创建tls(traefik的https)

kubectl create secret tls traefik-cert --key /ssl/intra.sheca.com.key --cert /ssl/intra.sheca.com.cer -n uat
#对应yaml

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: .....
  namespace: uat
  annotations:
    kubernetes.io/ingress.class: "traefik"
    nginx.ingress.kubernetes.io/ssl-redirect: 'false'
    traefik.ingress.kubernetes.io/session-cookie-name: "....."
spec:
  tls:
  - secretName: traefik-cert
  rules:
  - host: .........
    http:
      paths:
      - path: /
      ......

待扩展。。。

3.启动rancher

docker run -d --privileged --name rancher --restart=unless-stopped -p 8080:80 -p 8443:443 -v /opt/rancher/:/var/lib/rancher/ rancher/rancher:v2.5.2
posted @ 2020-12-28 14:11  大葱丁  阅读(156)  评论(0编辑  收藏  举报