經過之前兩篇文章:Centos7部署Kubernetes叢集、基於kubernetes叢集部署DashBoard,我們基本上已經能夠在k8s的叢集上部署一個應用了,但有一個問題就是:生產環境下,我們勢必不能夠每個機器都匯入一遍從海外下載回來的映象,也不能真的搭建一個長期使用的梯子,這兩個方法都不是可以長期使用的。以下,我們通過搭建本地的私有映象倉庫(docker registry,這個映象可以在國內直接下載)來解決這個問題。
1、部署docker registry
在master上搭建registry。
1.1 拉取registry映象
[root@host-10-0-251-222 ~]# docker pull docker.io/registry Using default tag: latest Trying to pull repository docker.io/library/registry ... sha256:0e40793ad06ac099ba63b5a8fae7a83288e64b50fe2eafa2b59741de85fd3b97: Pulling from docker.io/library/registry b7f33cc0b48e: Pull complete 46730e1e05c9: Pull complete 458210699647: Pull complete 0cf045fea0fd: Pull complete b78a03aa98b7: Pull complete Digest: sha256:0e40793ad06ac099ba63b5a8fae7a83288e64b50fe2eafa2b59741de85fd3b97 Status: Downloaded newer image for docker.io/registry:latest [root@host-10-0-251-222 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/registry latest d1e32b95d8e8 4 weeks ago 33.17 MB
1.2 啟動registry
docker run -d -p 5000:5000 --name=registry --restart=always --privileged=true --log-driver=none -v /home/data/registrydata:/tmp/registry registry
其中,/home/data/registrydata是一個比較大的系統分割槽,今後映象倉庫中的全部資料都會儲存在這個外掛目錄下。
2、更改名稱並推送
[root@K8s-node-2 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE registry.access.redhat.com/rhel7/pod-infrastructure latest 34d3450d733b 2 weeks ago 205 MB gcr.io/google_containers/kubernetes-dashboard-amd64 v1.5.1 1180413103fd 5 weeks ago 103.6 MB [root@K8s-node-2 ~]# docker tag registry.access.redhat.com/rhel7/pod-infrastructure:latest registry:5000/pod-infrastructure:latest [root@K8s-node-2 ~]# docker tag gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1 registry:5000/kubernetes-dashboard-amd64:v1.5.1 [root@K8s-node-2 ~]# docker push registry:5000/pod-infrastructure:latest The push refers to a repository [registry:5000/pod-infrastructure] ba3d4cbbb261: Pushed 0a081b45cb84: Pushed df9d2808b9a9: Pushed latest: digest: sha256:9314554780673b821cb7113d8c048a90d15077c6e7bfeebddb92a054a1f84843 size: 948 [root@K8s-node-2 ~]# docker push registry:5000/kubernetes-dashboard-amd64:v1.5.1 The push refers to a repository [registry:5000/kubernetes-dashboard-amd64] 25820b2590cc: Pushed v1.5.1: digest: sha256:f3f399a937a73b2c0361d93576cd4eb854018a1445b016577e95976c4e09e694 size: 529 [root@K8s-node-2 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE registry.access.redhat.com/rhel7/pod-infrastructure latest 34d3450d733b 2 weeks ago 205 MB registry:5000/pod-infrastructure latest 34d3450d733b 2 weeks ago 205 MB gcr.io/google_containers/kubernetes-dashboard-amd64 v1.5.1 1180413103fd 5 weeks ago 103.6 MB registry:5000/kubernetes-dashboard-amd64 v1.5.1 1180413103fd 5 weeks ago 103.6 MB gcr.io/google_containers/kubedns-amd64 1.7 bec33bc01f03 5 months ago 55.06 MB [root@K8s-node-2 ~]#
3、更改所使用的映象名稱
Dashboard是在yaml中定義的,要更改dashboard.yaml中對應的“image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1”為“image: registry:5000/kubernetes-dashboard-amd64:v1.5.1”
pod-infrastructure是在node的kubelet配置檔案中定義的,要更改每個node中/etc/kubernetes/kubelet中對應的“KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"為“KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image= registry:5000/pod-infrastructure:latest "”。更改之後需要重啟kubelet服務。
4、重建dashboard應用
執行完基於kubernetes叢集部署DashBoard中的“銷燬應用”之後,再次執行“啟動”,即可完成dashboard的重建。