1.构建docker镜像,k8s拉取镜像运行
docker自己安装
[root@master1 ~]# docker pull nginx:1.24.0
[root@master1 ~]# mkdir k8s-nginx
[root@master1 ~]# cd k8s-nginx[root@master1 k8s-nginx]# vim nginx.conf server_tokens off;
server {
listen 8010; #web访问端口
server_name localhost;
keepalive_timeout 65;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
location / {
root /etc/nginx/dist; #web代码路径
index index.html index.htm;
}
#后端代码接口配置
#location /api {
# proxy_pass http://127.0.0.1:8001;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}[root@master1 k8s-nginx]# mkdir dist #这个dist是前端包目录,我这里只做个测试
[root@master1 k8s-nginx]# cd dist
[root@master1 dist]# vim index.html
this is a test!写Dockerfile:
[root@master1 k8s-nginx]# vim DockerfileFROM nginx:1.24.0
COPY nginx.conf /etc/nginx/conf.d/web.conf
COPY dist /etc/nginx/dist构建镜像:
[root@master1 k8s-nginx]# docker build -t nginx:v1 .Sending build context to Docker daemon 5.12 kB
Step 1/3 : FROM nginx:1.24.0
---> 6b753f58c54e
Step 2/3 : COPY nginx.conf /etc/nginx/conf.d/web.conf
---> Using cache
---> c67c98f8e802
Step 3/3 : COPY dist /etc/nginx/dist
---> 546db553f62a
Removing intermediate container d9a8e88cb4da
Successfully built 546db553f62a将镜像上传到镜像仓库,我这里是上传到阿里云的镜像仓库
仓库地址:
https://cr.console.aliyun.com/cn-zhangjiakou/instance/credentials
登录镜像仓库:
docker login --username=asula registry.cn-zhangjiakou.aliyuncs.com
推送镜像:
docker tag nginx:v1 registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v1
docker push registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v1k8s拉取私有仓库需要登录,有时候不可能为每个k8s节点登录
我们就需要为创建k8s集群的secret,设置秘钥配置imagePullSecrets
1.创建secret
kubectl create secret docker-registry secret名 --docker-server=仓库地址 --docker-username=用户名 --docker-password=密码 例如:
kubectl create secret docker-registry secret-key --docker-server=registry.cn-zhangjiakou.aliyuncs.com --docker-username=ABCD --docker-password=QWER!@--docker-server=registry.cn-zhangjiakou.aliyuncs.com #阿里云仓库地址
--docker-username=ABCD #阿里云仓库登录的用户名
--docker-password=QWER!@#$ #阿里云仓库的登录密码
2.删除secret
kubectl delete secret secret-key 编写k8s的yaml文件:
[root@master1 k8s-nginx]# vim nginx-test.yamlapiVersion: v1
kind: Service
metadata:
labels:
app: nginx-servie
name: nginx-service
namespace: default
spec:
ports:
#对外暴露端口30003
- nodePort: 30003
port: 8010
protocol: TCP
targetPort: 8010
selector:
app: nginx-web
#NodePort对外暴露端口
type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx-web
name: nginx-web
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: nginx-web
template:
metadata:
labels:
app: nginx-web
namespace: default
spec:
imagePullSecrets:
- name: secret-key
containers:
- image: registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v1
name: nginx
imagePullPolicy: Always
ports:
- containerPort: 80
resources:
requests:
cpu: 100m
memory: 1Gi
limits:
cpu: 100m
memory: 1Gi[root@master1 k8s-nginx]# kubectl apply -f nginx-test.yaml
service/nginx-service configured
deployment.apps/nginx-web created
[root@master1 k8s-nginx]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-web-9f5fbbb7b-bjwvg 1/1 Running 0 3s
验证:http://10.10.10.10:30003/index.html
