一、准备工作这里使用的alidns，创建AccessKey创建secretkubectl create secret generic traefik-alidns-secret --from-literal=ALICLOUD_ACCESS_KEY=<AK> --from-literal=ALICLOUD_SECRET_KEY=<SK> --from-literal=A...

继续阅读 »

IngressRoute是traefik编写的一个自定义资源(CRD),可以更好的配置traefik所需的路由信息一、使用helm安装traefik1.添加traefik仓库helm repo add traefik https://helm.traefik.io/traefik helm repo update2.安装traefikkubectl create ns traefik-v2 ...

继续阅读 »

1.创建认证文件(注意文件名必须叫auth)htpasswd -bc auth admin 1234562.生成secretkubectl create secret generic --from-file=auth --namespace=kube-ops prome-basic-auth3.配置ingressapiVersion: networking.k8s.io/v1beta1 ki...

继续阅读 »

1.创建pv、pvcapiVersion: v1 kind: PersistentVolume metadata: name: prometheus spec: capacity: storage: 10Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain nfs: ...

继续阅读 »

命令:etcdctl --cacert=/etc/kubernetes/pki/etcd/ca.crt --cert=/etc/kubernetes/pki/etcd/peer.crt --key=/etc/kubernetes/pki/etcd/peer.key集群节点列表：etcd备份：ETCDCTL_API=3 etcdctl --cacert=/etc/kubernetes/pk...

继续阅读 »

有两种情况：1.做为volumes使用时,subPath代表存储卷的子路径：apiVersion: v1 kind: Pod metadata: name: testpod0 spec: containers: - name: testc image: busybox command: ["/bin/sleep","10000&quo...

继续阅读 »

方式1:helm安装1.给node添加标签，方便pod调度到指定节点kubectl label nodes k8s-node04 traefik=true2.自定义资源清单配置vim my_values.yaml# 使用hostNetwork,service就不需要了 service: enabled: false # traefik是dashboard的配置，web和websecur...

继续阅读 »

1.host解析cat >> /etc/hosts <<EOF 10.0.0.10 k8s-master01 10.0.0.11 k8s-master02 10.0.0.12 k8s-master03 10.0.0.5 k8s-master EOF2.安装依赖包yum install -y epel-release conntrack ntpdate ntp...

继续阅读 »

一、下载安装包wget https://github.com/goharbor/harbor/releases/download/v2.0.1/harbor-online-installer-v2.0.1.tgz二、解压tar xf harbor-online-installer-v2.0.1.tgz -C /usr/local/三、配置https访问1.创建目录mkdir /data/ha...

继续阅读 »

apiVersion: v1 kind: Service metadata: labels: app: gateway name: gateway namespace: {nameSpace} spec: ports: - name: gateway port: 80 protocol: TCP targetPort: http sel...

继续阅读 »