使用kubeoperator中的kubepi跟kuboard的注意事项-应用路由和镜像仓库
1.若是在使用kubeoperator的时候启用了组件:ingress-nginx,那么给服务配置应用路由的时候,
在kuboard中进行操作,不需要填写IngressClass,若是填写了则会访问报错404
在KubePi中创建应用路由,也不需要填写IngressClass,但是需要填写默认后端
2.关于从私有harbor仓库拉取镜像
k8s集群每个节点的hosts上需要添加harbor仓库地址的解析
KubePi中操作
- 支持 Harbor、Nexus、Docker Registry三种类型
- 创建 Workloads 时可以选择镜像仓库中已有镜像
将镜像仓库授权到目标集群后(集群列表 - 授权),才可以选择该镜像仓库中的镜像来创建 Workloads
进入到设置页面
找到左侧导航的镜像仓库,点击“创建”
填写镜像仓库有关信息
注意:镜像下载地址开头不能填写http://或https://,否则在拉取镜像的时候会报错: invalid image name
把镜像仓库授权到目标集群
使用KubePi界面更新镜像
在kuboard界面中查看,已经默认勾选上了(不用自己再手动添加镜像仓库地址信息了)
容器运行时用的是containerd,其配置文件中并未添加上有关harbor镜像仓库的信息
无法拉取镜像,报错如下:
综合所属,kubepi或者kuboard中配置的镜像仓库信息,实际操作去拉取镜像还得看安装的容器运行时,也就是说容器运行时使用k8s提供的仓库地址账号信息等取拉取镜像,不用在容器运行时中配置仓库的有关信息
参考这篇文章:https://www.cnblogs.com/hahaha111122222/p/16435622.html
注意添加的内容,要依据原有文件的格式来写,新版和老版的写法
每个节点主机都需要修改:/etc/containerd/config.toml
修改后再重启containerd服务
原有配置文件内容:
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
uid = 0
gid = 0
max_recv_message_size = 16777216
max_send_message_size = 16777216
[debug]
address = ""
uid = 0
gid = 0
level = ""
[metrics]
address = ""
grpc_histogram = false
[cgroup]
path = ""
[plugins]
[plugins.cgroups]
no_prometheus = false
[plugins.cri]
stream_server_address = "127.0.0.1"
stream_server_port = "0"
enable_selinux = false
sandbox_image = "registry.kubeoperator.io:8082/kubeoperator/pause:3.5"
stats_collect_period = 10
systemd_cgroup = true
enable_tls_streaming = false
max_container_log_line_size = 16384
[plugins.cri.containerd]
snapshotter = "overlayfs"
no_pivot = false
[plugins.cri.containerd.default_runtime]
runtime_type = "io.containerd.runtime.v1.linux"
runtime_engine = ""
runtime_root = ""
[plugins.cri.containerd.untrusted_workload_runtime]
runtime_type = ""
runtime_engine = ""
runtime_root = ""
[plugins.cri.cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
conf_template = ""
[plugins.cri.registry]
[plugins.cri.registry.mirrors]
[plugins.cri.registry.mirrors."10.16.16.110:8082"]
endpoint = [
"http://10.16.16.110:8082"
]
[plugins.cri.registry.mirrors."10.16.16.110:8083"]
endpoint = [
"http://10.16.16.110:8083"
]
[plugins.cri.registry.mirrors."registry.kubeoperator.io:8082"]
endpoint = [
"http://10.16.16.110:8082"
]
[plugins.cri.registry.mirrors."registry.kubeoperator.io:8083"]
endpoint = [
"http://10.16.16.110:8083"
]
[plugins.cri.registry.mirrors."docker.io"]
endpoint = [
"https://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com"
]
[plugins.cri.registry.mirrors."gcr.io"]
endpoint = [
"https://gcr.mirrors.ustc.edu.cn"
]
[plugins.cri.registry.mirrors."k8s.gcr.io"]
endpoint = [
"https://gcr.mirrors.ustc.edu.cn/google-containers/"
]
[plugins.cri.registry.mirrors."quay.io"]
endpoint = [
"https://quay.mirrors.ustc.edu.cn"
]
[plugins.cri.x509_key_pair_streaming]
tls_cert_file = ""
tls_key_file = ""
[plugins.diff-service]
default = ["walking"]
[plugins.linux]
shim = "containerd-shim"
runtime = "runc"
runtime_root = ""
no_shim = false
shim_debug = false
[plugins.opt]
path = "/opt/containerd"
[plugins.restart]
interval = "10s"
[plugins.scheduler]
pause_threshold = 0.02
deletion_threshold = 0
mutation_threshold = 100
schedule_delay = "0s"
startup_delay = "100ms"
添加上镜像仓库后的文件内容:
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
uid = 0
gid = 0
max_recv_message_size = 16777216
max_send_message_size = 16777216
[debug]
address = ""
uid = 0
gid = 0
level = ""
[metrics]
address = ""
grpc_histogram = false
[cgroup]
path = ""
[plugins]
[plugins.cgroups]
no_prometheus = false
[plugins.cri]
stream_server_address = "127.0.0.1"
stream_server_port = "0"
enable_selinux = false
sandbox_image = "registry.kubeoperator.io:8082/kubeoperator/pause:3.5"
stats_collect_period = 10
systemd_cgroup = true
enable_tls_streaming = false
max_container_log_line_size = 16384
[plugins.cri.containerd]
snapshotter = "overlayfs"
no_pivot = false
[plugins.cri.containerd.default_runtime]
runtime_type = "io.containerd.runtime.v1.linux"
runtime_engine = ""
runtime_root = ""
[plugins.cri.containerd.untrusted_workload_runtime]
runtime_type = ""
runtime_engine = ""
runtime_root = ""
[plugins.cri.cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
conf_template = ""
[plugins.cri.registry]
[plugins.cri.registry.mirrors]
[plugins.cri.registry.mirrors."10.16.16.110:8082"]
endpoint = [
"http://10.16.16.110:8082"
]
[plugins.cri.registry.mirrors."10.16.16.110:8083"]
endpoint = [
"http://10.16.16.110:8083"
]
[plugins.cri.registry.mirrors."registry.kubeoperator.io:8082"]
endpoint = [
"http://10.16.16.110:8082"
]
[plugins.cri.registry.mirrors."registry.kubeoperator.io:8083"]
endpoint = [
"http://10.16.16.110:8083"
]
[plugins.cri.registry.mirrors."docker.io"]
endpoint = [
"https://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com"
]
[plugins.cri.registry.mirrors."registy.myharbor.com"]
endpoint = [
"https://registy.myharbor.com"
]
[plugins.cri.registry.mirrors."gcr.io"]
endpoint = [
"https://gcr.mirrors.ustc.edu.cn"
]
[plugins.cri.registry.mirrors."k8s.gcr.io"]
endpoint = [
"https://gcr.mirrors.ustc.edu.cn/google-containers/"
]
[plugins.cri.registry.mirrors."quay.io"]
endpoint = [
"https://quay.mirrors.ustc.edu.cn"
]
[plugins.cri.registry.configs]
[plugins.cri.registry.configs."registy.myharbor.com".tls]
insecure_skip_verify = true
[plugins.cri.x509_key_pair_streaming]
tls_cert_file = ""
tls_key_file = ""
[plugins.diff-service]
default = ["walking"]
[plugins.linux]
shim = "containerd-shim"
runtime = "runc"
runtime_root = ""
no_shim = false
shim_debug = false
[plugins.opt]
path = "/opt/containerd"
[plugins.restart]
interval = "10s"
[plugins.scheduler]
pause_threshold = 0.02
deletion_threshold = 0
mutation_threshold = 100
schedule_delay = "0s"
startup_delay = "100ms"
查看拉取的镜像
# crictl images ls
IMAGE TAG IMAGE ID SIZE
docker.io/library/nginx 1.23.3-alpine c433c51bbd661 16.7MB
registy.myharbor.com/mytest/nginx 1.23.3-alpine c433c51bbd661 16.7MB
k8s.gcr.io/kube-proxy v1.22.16 0238e0ac17c5c 105MB
k8s.gcr.io/pause 3.5 ed210e3e4a5ba 686kB
registry.kubeoperator.io:8082/kubeoperator/pause 3.5 ed210e3e4a5ba 686kB
registry.kubeoperator.io:8082/calico/cni v3.21.4 f1de15d70851b 80.5MB
registry.kubeoperator.io:8082/calico/node v3.21.4 c59896fc7ca44 74MB
registry.kubeoperator.io:8082/calico/pod2daemon-flexvol v3.21.4 ab768d7a914ff 9.23MB
registry.kubeoperator.io:8082/kubeoperator/ingress-nginx-controller v1.2.1 75bdf78d9d67e 107MB
registry.kubeoperator.io:8082/kubeoperator/k8s-dns-node-cache 1.17.0 3a187183b3a8c 56.8MB
registry.kubeoperator.io:8082/kubeoperator/kube-bench v0.6.8 43684c5de97d2 26.7MB
registry.kubeoperator.io:8082/kubeoperator/metrics-server v0.5.0 1c655933b9c56 25.8MB
