K8S nexus3.yaml文件
kind: Service
apiVersion: v1
metadata:
name: qian-nexus3
namespace: default
labels:
app: qian-nexus3
spec:
type: NodePort
selector:
app: qian-nexus3
ports:
#服務端口,內部端口,通過暴露端口登錄的最終會轉到內部
- port: 8081
name: rest
targetPort: 8081
protocol: TCP
#登錄平臺暴露的端口
nodePort: 31234
#服務端口,內部端口
- port: 8087
name: rest1
targetPort: 8087
protocol: TCP
#docker login暴露的端口
nodePort: 31235
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: qian-nexus3
namespace: default
spec:
replicas: 1
minReadySeconds: 120
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
selector:
matchLabels:
app: qian-nexus3
template:
metadata:
labels:
app: qian-nexus3
spec:
containers:
- name: qian-nexus3
image: sonatype/nexus3:latest
imagePullPolicy: Always
resources:
limits:
cpu: 1024m
memory: 2048Mi
requests:
cpu: 50m
memory: 200Mi
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 180
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: 8081
timeoutSeconds: 2
ports:
- containerPort: 8081
name: rest
protocol: TCP
- containerPort: 8087
name: rest1
protocol: TCP
volumeMounts:
- mountPath: /nexus-data
name: dev
securityContext:
privileged: true
dnsPolicy: ClusterFirst
nodeName: node-2
volumes:
- hostPath:
path: /srv/nexus/qian-data
name: dev
鏡像源服務器操作:
mkdir -p /srv/nexus/qian-data
chmod 777 /srv/nexus/qian-data
chown 200 /srv/nexus/qian-data
master管理服務器操作:
kubectl apply -f nexus3.yaml.yaml
註釋:
- containerPort: 8087 ##容器端口
name: rest1
protocol: TCP
-----------------------------------
- port: 8087 ##容器端口
name: rest1
targetPort: 8087
protocol: TCP
nodePort: 31235 ##集羣外部訪問Service,Pod提供訪問接入端口,僅在type爲NodePort時才需要指定.
訪問nexus3
http://192.168.123.12:31234
登錄用戶admin
密碼看提示路徑,進入路徑後文件中則爲密碼
設置私有倉庫步驟:
1、設置
2、Repositories
3、Create repository
4、docker(hosted)
繼上一步配置步驟docker(hosted)
1、Name (自定義名稱)
2、http 8087 (勾選http,填寫內部上傳端口)
3、Docker Registry API Support (勾選 Allow clients to use the V1 API to interact with this repository)
4、Create repository (創建)
測試本地推鏡像(哪臺需要dockers login哪臺就配置)
vi /lib/systemd/system/docker.service
修改爲:鏡像源ip和上傳端口
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry=192.168.123.12:31235
sudo systemctl daemon-reload
sudo systemctl restart docker
docker login IP:31234
用戶名:
密碼:
docker打標籤:
sudo docker tag 300e315adb2f 192.168.123.12:31235/nginx:v5.6
docker login IP:8087
賬號
密碼
docker push 192.168.123.12:31235/nginx:v5.6
docker pull 192.168.123.12:31235/nginx:v5.6
注意:當使用yaml調用nexus私有倉庫鏡像時,需要進行Docker registries認證才能push不然無法使用
kubectl create secret docker-registry regsecret --docker-server=192.168.123.12:8087 --docker-username=admin --docker-password=12345 [email protected] --namespace=default