k8s教程01（k8s环境配置及私有仓库搭建）

Infrastructure as a Service（laas，基础架构作为服务）阿里云
platform as a service（Paas，平台作为服务）新浪云
Software as a Service（Saas，软件作为服务） Office 365

Apache MESOS资源管理器
docker Swarm

高可用集群副本数据最好是>= 3奇数个

资料地址：
https://gitee.com/WeiboGe2012/kubernetes-kubeadm-install
https://gitee.com/llqhz/ingress-nginx根据版本找资料

k8s架构

APISERVER：所有服务访问统一入口
CrontrollerManager：维持副本期望数目
Scheduler：负责介绍任务，选择合适的节点进行分配任务
ETCD：键值对数据库储存K8S集群所有重要信息(持久化)
Kubelet：直接跟容器引擎交互实现容器的生命周期管理
Kube-prox：负责写入规则至IPTABLES、 IPVS 实现服务映射访问的

其他插件说明
COREDNS：可以为集群中的SVC创建一一个域名IP的对应关系解析
DASHBOARD：给K8S 集群提供个B/S结构访间体系
INGRESS CONTROLLER：官方只能实现四层代理，INGRESS 可以实现七层代理
FEDERATION：提供一个可以跨集群中心多K8S统一管理功能
PROMETHEUS：提供K8S集群的监控能力
ELK：提供K8S集群日志统一分析介入平台

Pod概念

pod控制器类型

Repl icationController & ReplicaSet & Deployment

ReplicationController用来确保容器应用的副本数始终保持在用户定义的副本数，即如果有容器异常退出，会自动创建新的Pod来替代;而如果异常多出来的容器也会自动回收。在新版本的Kubernetes 中建议使用ReplicaSet 来取代Replicat ionControlle

ReplicaSet跟Repl icat ionController没有本质的不同，只是名字不一样，并且Repl icaSet支持集合式的selector

虽然ReplicaSet可以独立使用，但一般般还是建议使用Deployment 来自动管理ReplicaSet，这样就无需担心跟其他机制的不兼容问题(比如ReplicaSet 不支持rolling-update但Deployment 支持)

HPA (Hor izontalPodAutoScale)

Horizontal Pod Autoscaling 仅适用于Deployment和ReplicaSet ，在V1版本中仅支持根据Pod的CPU利用率扩所容，在vlalpha 版本中，支持根据内存和用户自定义的metric 扩缩容

StatefullSet

StatefulSet是为了解决有状态服务的问题(对应Deployments 和Repl icaSets是为无状态服务而设计)，其应用场景包括:

*稳定的持久化存储，即Pod重新调度后还是能访问到相同的持久化数据，基于PVC来实现
*稳定的网络标志，即Pod重新调度后其PodName 和HostName 不变，基于Headless Service(即没有Cluster IP的Service )来实现
*有序部署，有序扩展，即Pod是有顺序的，在部署或者扩展的时候要依据定义的顺序依次依次进行(即从0到N-1,在下一个Pod运行之前所有之前的Pod必须都是Running 和Ready状态)，基于init containers 来实现
*有序收缩，有序删除(即从N-1到0)

DaemonSet

DaemonSet确保全部(或者-些) Node上运行一个Pod的副本。当有Node加入集群时，也会为他们新增一个Pod。当有Node从集群移除时，这些Pod也会被回收。删除DaemonSet 将会删除它创建的所有Pod
使用DaemonSet 的一些典型用法:

*运行集群存储daemon, 例如在每个Node上运行 glusterd、 ceph。
*在每个Node上运行日志收集daemon,例如fluentd、 logstash。
*在每个Node上运行监控daemon, 例如Prometheus Node Exporter

Job，Cronjob

Job负责批处理任务，即仅执行一次的任务，它保证批处理任务的-一个或多个Pod成功结束

Cron Job管理基于时间的Job，即:

*在给定时间点只运行一次
*周期性地在给定时间点运行

服务发现

网络通信模式

Kubernetes的网络模型假定了所有Pod都在一-个可以直接连通的扁平的网络空间中，这在GCE (Google Compute Engine) 里面是现成的网络模型，Kubernetes 假定这个网络已经存在。而在私有云里搭建Kubernetes 集群，就不能假定这个网络已经存在了。我们需要自己实现这个网络假设，将不同节点上的Docker 容器之间的互相访问先打通，然后运行Kubernetes

同一个Pod内的多个容器之间：lo
各Pod之间的通讯: Overlay Network
Pod与Service 之间的通讯：各节点的Iptables 规则

网络解决方案kubernetes + flannel

Flannel是CoreOS 团队针对Kubernetes 设计的一个网络规划服务，简单来说，它的功能是让集群中的不同节点主机创建的Docker容器都具有全集群唯—的虚拟IP地址。而且它还能在这些IP地址之间建立-一个覆盖网络(Overlay Network) ，通过这个覆盖网络，将数据包原封不动地传递到目标容器内

ETCD之Flannel 提供说明:

存储管理Flannel 可分配的IP地址段资源
监控ETCD中每个Pod的实际地址，并在内存中建立维护Pod节点路由表

不同情况下网络通讯方式

1、同一个Pod内部通讯:同一个 Pod共享同一个网络命名空间，共享同一个Linux协议栈Pod1至Pod2
2、Pod1至Pod2

不在同一台主机，Pod的地址是与docker0在同一个网段的，但docker0网段与宿主机网卡是两个完全不同的IP网段，并且不同Node之间的通信能通过宿主机的物理网卡进行。将Pod的IP和所在Node的IP关联起来，通过这个关联让Pod可以互相访问!
Pod1与Pod2在同一.台机器，由Docker0 网桥直接转发请求至Pod2，不需要经过Flannel演示

3、Pod至Service 的网络:目前基于性能考虑，全部为iptables 维护和转发
4、Pod到外网: Pod向外网发送请求，查找路由表，转发数据包到宿主机的网卡，宿主网卡完成路由选择后，iptables执行Masquerade,把源IP更改为宿主网卡的IP, 然后向外网服务器发送请求
5、外网访问Pod: Service

组件通讯示意图

k8s集群安装

前期准备

1、安装k8s的节点必须是大于1核心的CPU
2、安装节点的网络信息192.168.192.0/24 master:131 node1:130 node2:129

四台CentOS7：一个master主服务器和两个node节点和一个harbor，都是：仅主机模式

一台Windows10：并安装koolshare
KoolCenter固件下载服务器：http://fw.koolcenter.com/

下载IMG写盘工具

创建虚拟机

看一下是哪一个网卡是仅主机运行


设置完成后，浏览器访问koolshare路由ip：192.168.1.1密码：koolshare

修改成与k8s集群一样的网段

再次登录使用的是新的路由ip：192.168.192.1

诊断访问国内网站正常

访问国外网站，点击【酷软】

下载koolss

直接搜索SSR节点或有SSR服务器直接填写上去

k8s集群安装

设置系统主机名以及hosts文件

hostnamectl set-hostname k8s-master01

hostnamectl set-hostname k8s-node01

hostnamectl set-hostname k8s-node02

设置ip地址
vi /etc/sysconfig/network-scripts/ifcfg-ens33
master主机

TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="ea3b61ed-9232-4b69-b6c0-2f863969e750"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.192.131
NETMASK=255.255.255.0
GATEWAY=192.168.192.1
DNS1=192.168.192.1
DNS2=114.114.114.114

node01主机

TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="ea3b61ed-9232-4b69-b6c0-2f863969e750"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.192.130
NETMASK=255.255.255.0
GATEWAY=192.168.192.1
DNS1=192.168.192.1
DNS2=114.114.114.114

node02主机

TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="ea3b61ed-9232-4b69-b6c0-2f863969e750"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.192.129
NETMASK=255.255.255.0
GATEWAY=192.168.192.1
DNS1=192.168.192.1
DNS2=114.114.114.114

三台主机重启网络

service network restart

设置master主机的hosts文件，加入以下主机名
vi /etc/hosts

192.168.192.131 k8s-master01
192.168.192.130 k8s-node01
192.168.192.129 k8s-node02

将master主机的hosts文件拷贝到node01、node02主机上

[root@localhost ~]# scp /etc/hosts root@k8s-node01:/etc/hosts
The authenticity of host 'k8s-node01 (192.168.192.130)' can't be established.
ECDSA key fingerprint is SHA256:M5BalHyNXU5W49c5/9iZgC4Hl370O0Wr/c5S/FYFIvw.
ECDSA key fingerprint is MD5:28:23:b8:eb:af:d1:bd:bb:8c:77:e0:01:3c:62:7a:cb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'k8s-node01,192.168.192.130' (ECDSA) to the list of known hosts.
root@k8s-node01's password: 
hosts                                         100%  241   217.8KB/s   00:00    
[root@localhost ~]# scp /etc/hosts root@k8s-node02:/etc/hosts
The authenticity of host 'k8s-node02 (192.168.192.129)' can't be established.
ECDSA key fingerprint is SHA256:M5BalHyNXU5W49c5/9iZgC4Hl370O0Wr/c5S/FYFIvw.
ECDSA key fingerprint is MD5:28:23:b8:eb:af:d1:bd:bb:8c:77:e0:01:3c:62:7a:cb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'k8s-node02,192.168.192.129' (ECDSA) to the list of known hosts.
root@k8s-node02's password: 
hosts                                         100%  241   143.1KB/s   00:00

三台主机都安装依赖包

yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git

三台主机：设置防火墙为iptables并设置空规则

systemctl stop firewalld && systemctl disable firewalld

yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save

三台主机：关闭selinux

swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config

三台主机：调整内核参数，对于K8S

cat > kubernetes.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0 # 禁止使用 swap 空间，只有当系统 OOM 时才允许使用它
vm.overcommit_memory=1 # 不检查物理内存是否够用
vm.panic_on_oom=0 # 开启 OOM
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF

cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
sysctl -p /etc/sysctl.d/kubernetes.conf

三台主机：调整系统时区

# 设置系统时区为中国/上海
timedatectl set-timezone Asia/Shanghai
# 将当前的UTC时间写入硬件时钟
timedatectl set-local-rtc 0
# 重启依赖于系统时间的服务
systemctl restart rsyslog
systemctl restart crond

三台主机：关闭系统不需要的服务

systemctl stop postfix && systemctl disable postfix

三台主机：设置rsyslogd和systemd journald

mkdir /var/log/journal  # 持久化保存日志的目录

mkdir /etc/systemd/journald.conf.d

cat > /etc/systemd/journald.conf.d/99-prophet.conf <<EOF
[Journal]
# 持久化保存到磁盘
Storage=persistent

# 压缩历史日志
Compress=yes

SyncIntervalSec=5m
RateLimitInterval=30s
RateLimitBurst=1000

# 最大占用空间10G
SystemMaxUse=10G

# 但日志文件最大 200M
SystemMaxFileSeize=200M

# 日志保存时间2周
MaxRetentionSec=2week

# 不将日志转发到syslog
ForwardToSyslog=no
EOF

systemctl restart systemd-journald

三台主机：升级系统内核为5.4

CentOS 7.x系统自带的3.10.x内核存在一些Bugs，导致运行的Docker、Kubernetes 不稳定，例如: rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

uname -r 命令查看内核信息

rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
# 安装完成后检查/boot/grub2/grub.cfg 中对应内核menuentry 中是否包含initrd16 配置，如果没有，再安装一次!
yum --enablerepo=elrepo-kernel install -y kernel-lt

# 上面查询出内核版本后，设置开机从新内核启动
grub2-set-default "CentOS Linux (4.4.182-1.el7.elrepo.x86_64) 7 (Core)"
grub2-set-default "CentOS Linux (5.4.195-1.el7.elrepo.x86_64) 7 (Core)"

三台主机：kube-proxy开启ipvs的前置条件

# ==============================================================内核4.44版本
modprobe br_netfilter

cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_Vs -e nf_conntrack_ipv4


# ==============================================================内核5.4版本
# 1.安装ipset和ipvsadm
yum install ipset ipvsadmin -y

# 2.添加需要加载的模块写入脚本文件
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF

# 3.为脚本添加执行权限
chmod +x /etc/sysconfig/modules/ipvs.modules
# 4.执行脚本文件
cd /etc/sysconfig/modules/
./ipvs.modules
# 5.查看对应的模块是否加载成功
lsmod | grep -e -ip_vs -e nf_conntrack

三台主机：安装Docker软件

参考安装docker：https://blog.csdn.net/DDJ_TEST/article/details/114983746

# 设置存储库
# 安装yum-utils包（提供yum-config-manager 实用程序）并设置稳定存储库。
$ sudo yum install -y yum-utils
$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

# 安装指定版本的 Docker Engine 和 containerd
$ sudo yum install -y docker-ce-18.09.9 docker-ce-cli-18.09.9 containerd.io

启动docker

$ sudo systemctl start docker

通过运行hello-world 映像验证 Docker Engine 是否已正确安装。

$ sudo docker run hello-world

设置开机定时启动docker

$ sudo systemctl enable docker

关闭docker服务

$ sudo systemctl stop docker

重启docker服务

$ sudo systemctl restart  docker

验证

[root@k8s-master01 ~]# docker version
Client:
 Version:           18.09.9
 API version:       1.39
 Go version:        go1.11.13
 Git commit:        039a7df9ba
 Built:             Wed Sep  4 16:51:21 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.9
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.11.13
  Git commit:       039a7df
  Built:            Wed Sep  4 16:22:32 2019
  OS/Arch:          linux/amd64
  Experimental:     false

# 创建/etc/docker目录
mkdir /etc/docker

# 配置daemon
cat > /etc/docker/daemon.json <<EOF
{
	"exec-opts": ["native.cgroupdriver=systemd"],
	"log-driver": "json-file",
	"log-opts": {
		"max-size": "100m"
	},
	"insecure-registries": ["https://hub.atguigu.com"]
}
EOF

mkdir -p /etc/systemd/system/docker.service.d

# 重启docker服务
systemctl daemon-reload && systemctl restart docker && systemctl enable docker

三台主机：安装kubeadm（主从配置）

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
systemctl enable kubelet.service

kubeadm-basic.images.tar.gz和harbor-offline-installer-v2.3.2.tgz 下载
上传到master节点上

tar -zxvf kubeadm-basic.images.tar.gz

vim load-images.sh将镜像文件上传到docker

#!/bin/bash

ls /root/kubeadm-basic.images > /tmp/image-list.txt

cd /root/kubeadm-basic.images

for i in $( cat /tmp/image-list.txt )
do
    docker load -i $i
done


rm -rf /tmp/image-list.txt

chmod a+x load-images.sh

./load-images.sh

将解压的文件复制到node01、node02

scp -r kubeadm-basic.images load-images.sh root@k8s-node01:/root

scp -r kubeadm-basic.images load-images.sh root@k8s-node02:/root

在node01、node02上执行load-images.sh文件

./load-images.sh

初始化主节点

# 生成模板文件
kubeadm config print init-defaults > kubeadm-config.yaml

vim kubeadm-config.yaml

apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.192.131      # 改成master主机的ip
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: k8s-master01
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.15.1		# 改成安装的版本号
networking:
  dnsDomain: cluster.local
  podSubnet: "10.244.0.0/16"	# 添加默认podSubnet网段
  serviceSubnet: 10.96.0.0/12
scheduler: {}
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
    SupportIPVSProxyMode: true
mode: ipvs

kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log

遇到报错，找问题3、4

查看日志文件

[root@k8s-master01 ~]# vim kubeadm-init.log

[init] Using Kubernetes version: v1.15.1
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Activating the kubelet service
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [k8s-master01 localhost] and IPs [192.168.192.131 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [k8s-master01 localhost] and IPs [192.168.192.131 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [k8s-master01 kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.192.131]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 23.004030 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.15" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
ecaa903ab475ec8d361a7a844feb3973b437a6e36981be7d949dccda63c15d00
[mark-control-plane] Marking the node k8s-master01 as control-plane by adding the label "node-role.kubernetes.io/master=''"
[mark-control-plane] Marking the node k8s-master01 as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: abcdef.0123456789abcdef
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.192.131:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:3236bf910c84de4e1f5ad24b1b627771602d5bad03e7819aad18805c440fd8aa
~

执行上面的命令

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

查看k8s节点

[root@k8s-master01 ~]# kubectl get node
NAME           STATUS     ROLES    AGE   VERSION
k8s-master01   NotReady   master   19m   v1.15.1

加入主节点以及其余工作节点

执行安装日志中的加入命令即可

部署网络

下面这条不用

kubectl apply -f https://github.com/WeiboGe2012/kube-flannel.yml/blob/master/kube-flannel.yml

执行下面的命令

[root@k8s-master01 ~]# mkdir -p install-k8s/core
[root@k8s-master01 ~]# mv kubeadm-init.log kubeadm-config.yaml install-k8s/core
[root@k8s-master01 ~]# cd install-k8s/
[root@k8s-master01 install-k8s]# mkdir -p plugin/flannel
[root@k8s-master01 install-k8s]# cd plugin/flannel
[root@k8s-master01 flannel]# wget https://github.com/WeiboGe2012/kube-flannel.yml/blob/master/kube-flannel.yml

[root@k8s-master01 flannel]# kubectl create -f kube-flannel.yml

[root@k8s-master01 flannel]# kubectl get pod -n kube-system
NAME                                   READY   STATUS    RESTARTS   AGE
coredns-5c98db65d4-4kj2t               1/1     Running   0          92m
coredns-5c98db65d4-7zsr7               1/1     Running   0          92m
etcd-k8s-master01                      1/1     Running   0          91m
kube-apiserver-k8s-master01            1/1     Running   0          91m
kube-controller-manager-k8s-master01   1/1     Running   0          91m
kube-flannel-ds-amd64-g4gh9            1/1     Running   0          18m
kube-proxy-t7v46                       1/1     Running   0          92m
kube-scheduler-k8s-master01            1/1     Running   0          91m

[root@k8s-master01 flannel]# kubectl get node
NAME           STATUS   ROLES    AGE   VERSION
k8s-master01   Ready    master   93m   v1.15.1

[root@k8s-master01 flannel]# ifconfig
cni0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.244.0.1  netmask 255.255.255.0  broadcast 10.244.0.255
        ether c6:13:60:e7:e8:21  txqueuelen 1000  (Ethernet)
        RX packets 4809  bytes 329578 (321.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4854  bytes 1485513 (1.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 02:42:71:d8:f1:e2  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.192.131  netmask 255.255.255.0  broadcast 192.168.192.255
        ether 00:0c:29:8c:51:ba  txqueuelen 1000  (Ethernet)
        RX packets 536379  bytes 581462942 (554.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1359677  bytes 1764989232 (1.6 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.244.0.0  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 16:0c:14:08:a6:51  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 625548  bytes 102038881 (97.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 625548  bytes 102038881 (97.3 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth350261c9: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        ether f2:95:97:91:06:00  txqueuelen 0  (Ethernet)
        RX packets 2400  bytes 198077 (193.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2424  bytes 741548 (724.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethd9ac2bc1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        ether 16:5c:e0:81:25:ba  txqueuelen 0  (Ethernet)
        RX packets 2409  bytes 198827 (194.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2435  bytes 744163 (726.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

node01、node01主机加入节点

kubeadm-init.log日志文件最后一行复制到node01、node02执行

kubeadm join 192.168.192.131:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:3236bf910c84de4e1f5ad24b1b627771602d5bad03e7819aad18805c440fd8aa

再到master上查看两个节点还没完全运行

[root@k8s-master01 flannel]# kubectl get node
NAME           STATUS     ROLES    AGE   VERSION
k8s-master01   Ready      master   99m   v1.15.1
k8s-node01     NotReady   <none>   23s   v1.15.1
k8s-node02     NotReady   <none>   20s   v1.15.1

# 等一会node01、node02运行完成后再次看看
[root@k8s-master01 flannel]# kubectl get pod -n kube-system
NAME                                   READY   STATUS    RESTARTS   AGE
coredns-5c98db65d4-4kj2t               1/1     Running   0          100m
coredns-5c98db65d4-7zsr7               1/1     Running   0          100m
etcd-k8s-master01                      1/1     Running   0          100m
kube-apiserver-k8s-master01            1/1     Running   0          100m
kube-controller-manager-k8s-master01   1/1     Running   0          100m
kube-flannel-ds-amd64-5chsx            1/1     Running   0          109s
kube-flannel-ds-amd64-8bxpj            1/1     Running   0          112s
kube-flannel-ds-amd64-g4gh9            1/1     Running   0          26m
kube-proxy-cznqr                       1/1     Running   0          112s
kube-proxy-mcsdl                       1/1     Running   0          109s
kube-proxy-t7v46                       1/1     Running   0          100m
kube-scheduler-k8s-master01            1/1     Running   0          100m
[root@k8s-master01 flannel]# kubectl get pod -n kube-system -o wide
NAME                                   READY   STATUS    RESTARTS   AGE     IP                NODE           NOMINATED NODE   READINESS GATES
coredns-5c98db65d4-4kj2t               1/1     Running   0          101m    10.244.0.3        k8s-master01   <none>           <none>
coredns-5c98db65d4-7zsr7               1/1     Running   0          101m    10.244.0.2        k8s-master01   <none>           <none>
etcd-k8s-master01                      1/1     Running   0          100m    192.168.192.131   k8s-master01   <none>           <none>
kube-apiserver-k8s-master01            1/1     Running   0          100m    192.168.192.131   k8s-master01   <none>           <none>
kube-controller-manager-k8s-master01   1/1     Running   0          100m    192.168.192.131   k8s-master01   <none>           <none>
kube-flannel-ds-amd64-5chsx            1/1     Running   0          2m20s   192.168.192.129   k8s-node02     <none>           <none>
kube-flannel-ds-amd64-8bxpj            1/1     Running   0          2m23s   192.168.192.130   k8s-node01     <none>           <none>
kube-flannel-ds-amd64-g4gh9            1/1     Running   0          26m     192.168.192.131   k8s-master01   <none>           <none>
kube-proxy-cznqr                       1/1     Running   0          2m23s   192.168.192.130   k8s-node01     <none>           <none>
kube-proxy-mcsdl                       1/1     Running   0          2m20s   192.168.192.129   k8s-node02     <none>           <none>
kube-proxy-t7v46                       1/1     Running   0          101m    192.168.192.131   k8s-master01   <none>           <none>
kube-scheduler-k8s-master01            1/1     Running   0          100m    192.168.192.131   k8s-master01   <none>           <none>

[root@k8s-master01 flannel]# kubectl get node
NAME           STATUS   ROLES    AGE     VERSION
k8s-master01   Ready    master   104m    v1.15.1
k8s-node01     Ready    <none>   5m34s   v1.15.1
k8s-node02     Ready    <none>   5m31s   v1.15.1

到此k8s的1.15.1版本部署成功了，现在还不是高可用的
最后将重要文件保存到/usr/local/下，防止别删除

mv install-k8s/ /usr/local/

harbor主机配置

参考文档：https://github.com/WeiboGe2012/Data/tree/master/Linux/k8s/colony
设置ip地址
vi /etc/sysconfig/network-scripts/ifcfg-ens33
master主机

TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="ea3b61ed-9232-4b69-b6c0-2f863969e750"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.192.128
NETMASK=255.255.255.0
GATEWAY=192.168.192.1
DNS1=192.168.192.1
DNS2=114.114.114.114

安装docker

卸载旧版本

$ sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine

# 设置存储库
# 安装yum-utils包（提供yum-config-manager 实用程序）并设置稳定存储库。
$ sudo yum install -y yum-utils
$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

# 安装指定版本的 Docker Engine 和 containerd
$ sudo yum install -y docker-ce-18.09.9 docker-ce-cli-18.09.9 containerd.io

启动docker

$ sudo systemctl start docker

通过运行hello-world 映像验证 Docker Engine 是否已正确安装。

$ sudo docker run hello-world

设置开机定时启动docker

$ sudo systemctl enable docker

关闭docker服务

$ sudo systemctl stop docker

重启docker服务

$ sudo systemctl restart  docker

验证

[root@k8s-master01 ~]# docker version
Client:
 Version:           18.09.9
 API version:       1.39
 Go version:        go1.11.13
 Git commit:        039a7df9ba
 Built:             Wed Sep  4 16:51:21 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.9
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.11.13
  Git commit:       039a7df
  Built:            Wed Sep  4 16:22:32 2019
  OS/Arch:          linux/amd64
  Experimental:     false

# 创建/etc/docker目录
mkdir /etc/docker

# 配置daemon
cat > /etc/docker/daemon.json <<EOF
{
	"exec-opts": ["native.cgroupdriver=systemd"],
	"log-driver": "json-file",
	"log-opts": {
		"max-size": "100m"
	},
	"insecure-registries": ["https://hub.atguigu.com"]
}
EOF

mkdir -p /etc/systemd/system/docker.service.d

# 重启docker服务
systemctl daemon-reload && systemctl restart docker && systemctl enable docker

安装docker-compose

下载

sudo curl -L "https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

设置权限

sudo chmod +x /usr/local/bin/docker-compose

验证

docker-compose --version

下载harborhttps://github.com/goharbor/harbor/releases

wget https://github.91chi.fun//https://github.com//goharbor/harbor/releases/download/v1.10.11/harbor-offline-installer-v1.10.11.tgz

tar -zxvf harbor-offline-installer-v1.10.11.tgz

mv harbor /usr/local/

cd /usr/local/harbor/

vi harbor.yml

harbor.yml

# Configuration file of Harbor

# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: hub.atguigu.com  # 修改点1，通讯地址

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /data/cert/server.crt    # 修改并创建/data/cert路径
  private_key: /data/cert/server.key    # 修改并创建/data/cert路径

# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url: https://reg.mydomain.com:8433

# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: Harbor12345     # harbor登录admin账户密码

# Harbor DB configuration
database:
  # The password for the root user of Harbor DB. Change this before any production use.
  password: root123
  # The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
  max_idle_conns: 50
  # The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
  # Note: the default number of connections is 100 for postgres.
  max_open_conns: 100

# The default data volume
data_volume: /data      # 数据存储地址，没有需要创建目录

# Harbor Storage settings by default is using /data dir on local filesystem
# Uncomment storage_service setting If you want to using external storage
# storage_service:
#   # ca_bundle is the path to the custom root ca certificate, which will be injected into the truststore
#   # of registry's and chart repository's containers.  This is usually needed when the user hosts a internal storage with self signed certificate.
#   ca_bundle:

#   # storage backend, default is filesystem, options include filesystem, azure, gcs, s3, swift and oss
#   # for more info about this configuration please refer https://docs.docker.com/registry/configuration/
#   filesystem:
#     maxthreads: 100
#   # set disable to true when you want to disable registry redirect
#   redirect:
#     disabled: false

# Clair configuration
clair:
  # The interval of clair updaters, the unit is hour, set to 0 to disable the updaters.
  updaters_interval: 12

jobservice:
  # Maximum number of job workers in job service
  max_job_workers: 10

notification:
  # Maximum retry count for webhook job
  webhook_job_max_retry: 10

chart:
  # Change the value of absolute_url to enabled can enable absolute url in chart
  absolute_url: disabled

# Log configurations
log:
  # options are debug, info, warning, error, fatal
  level: info
  # configs for logs in local storage
  local:
    # Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.
    rotate_count: 50
    # Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes.
    # If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G
    # are all valid.
    rotate_size: 200M
    # The directory on your host that store log
    location: /var/log/harbor

  # Uncomment following lines to enable external syslog endpoint.
  # external_endpoint:
  #   # protocol used to transmit log to external endpoint, options is tcp or udp
  #   protocol: tcp
  #   # The host of external endpoint
  #   host: localhost
  #   # Port of external endpoint
  #   port: 5140

#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!
_version: 1.10.0

# Uncomment external_database if using external database.
# external_database:
#   harbor:
#     host: harbor_db_host
#     port: harbor_db_port
#     db_name: harbor_db_name
#     username: harbor_db_username
#     password: harbor_db_password
#     ssl_mode: disable
#     max_idle_conns: 2
#     max_open_conns: 0
#   clair:
#     host: clair_db_host
#     port: clair_db_port
#     db_name: clair_db_name
#     username: clair_db_username
#     password: clair_db_password
#     ssl_mode: disable
#   notary_signer:
#     host: notary_signer_db_host
#     port: notary_signer_db_port
#     db_name: notary_signer_db_name
#     username: notary_signer_db_username
#     password: notary_signer_db_password
#     ssl_mode: disable
#   notary_server:
#     host: notary_server_db_host
#     port: notary_server_db_port
#     db_name: notary_server_db_name
#     username: notary_server_db_username
#     password: notary_server_db_password
#     ssl_mode: disable

# Uncomment external_redis if using external Redis server
# external_redis:
#   host: redis
#   port: 6379
#   password:
#   # db_index 0 is for core, it's unchangeable
#   registry_db_index: 1
#   jobservice_db_index: 2
#   chartmuseum_db_index: 3
#   clair_db_index: 4

# Uncomment uaa for trusting the certificate of uaa instance that is hosted via self-signed cert.
# uaa:
#   ca_file: /path/to/ca

# Global proxy
# Config http proxy for components, e.g. http://my.proxy.com:3128
# Components doesn't need to connect to each others via http proxy.
# Remove component from `components` array if want disable proxy
# for it. If you want use proxy for replication, MUST enable proxy
# for core and jobservice, and set `http_proxy` and `https_proxy`.
# Add domain to the `no_proxy` field, when you want disable proxy
# for some special registry.
proxy:
  http_proxy:
  https_proxy:
  # no_proxy endpoints will appended to 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair,chartmuseum,notary-server
  no_proxy:
  components:
    - core
    - jobservice
    - clair

根据上面的创建目录

[root@localhost harbor]# mkdir -p /data/cert
[root@localhost harbor]# cd !$
cd /data/cert
[root@localhost cert]#

创建证书

# 生成私钥
[root@localhost cert]# openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
....................................................................................+++
...........+++
e is 65537 (0x10001)
Enter pass phrase for server.key:					# 输入两次一样的密码
Verifying - Enter pass phrase for server.key:

[root@localhost cert]# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN										# 国家
State or Province Name (full name) []:BJ									# 省份
Locality Name (eg, city) [Default City]:BJ									# 城市
Organization Name (eg, company) [Default Company Ltd]:atguigu				# 组织
Organizational Unit Name (eg, section) []:atguigu							# 机构
Common Name (eg, your name or your server's hostname) []:hub.atguigu.com	# 域名
Email Address []:[email protected]											# 管理员邮箱

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:													# 是否改密码，直接回车
An optional company name []:												# 是否改密码，直接回车


# 备份私钥
[root@localhost cert]# cp server.key server.key.org

# 转换成证书，把密码退掉
[root@localhost cert]# openssl rsa -in server.key.org -out server.key
Enter pass phrase for server.key.org:
writing RSA key

# 拿证书请求去签名
[root@localhost cert]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=CN/ST=BJ/L=BJ/O=atguigu/OU=atguigu/CN=hub.atguigu.com/emailAddress=[email protected]
Getting Private key

# 把证书赋予权限
[root@localhost cert]# chmod a+x *

# 运行脚本安装
[root@localhost cert]# cd /usr/local/harbor/
[root@localhost harbor]# ls
common.sh  harbor.v1.10.11.tar.gz  harbor.yml  install.sh  LICENSE  prepare
# 下面这部遇到问题5
[root@localhost harbor]# ./install.sh

到master、node01、node02三台主机，添加harbor主机域名

[root@k8s-master01 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.192.131 k8s-master01
192.168.192.130 k8s-node01
192.168.192.129 k8s-node02
[root@k8s-master01 ~]# echo "192.168.192.128 hub.atguigu.com" >> /etc/hosts
[root@k8s-master01 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.192.131 k8s-master01
192.168.192.130 k8s-node01
192.168.192.129 k8s-node02
192.168.192.128 hub.atguigu.com

harbor主机也添加上域名

[root@k8s-master01 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.192.131 k8s-master01
192.168.192.130 k8s-node01
192.168.192.129 k8s-node02
192.168.192.128 hub.atguigu.com

修改Windows本地hosts文件，添加域名
C:\Windows\System32\drivers\etc\hosts

192.168.192.128 hub.atguigu.com

harbor主机，查看运行的容器

[root@localhost harbor]# docker ps -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS                      PORTS                                         NAMES
cf5d0df2935f        goharbor/nginx-photon:v1.10.11         "nginx -g 'daemon of…"   48 seconds ago      Up 46 seconds (healthy)     0.0.0.0:80->8080/tcp, 0.0.0.0:443->8443/tcp   nginx
5f373c689525        goharbor/harbor-jobservice:v1.10.11    "/harbor/harbor_jobs…"   48 seconds ago      Up 46 seconds (healthy)                                                   harbor-jobservice
242b4f35f322        goharbor/harbor-core:v1.10.11          "/harbor/harbor_core"    48 seconds ago      Up 47 seconds (healthy)                                                   harbor-core
6fc46205eccb        goharbor/harbor-registryctl:v1.10.11   "/home/harbor/start.…"   50 seconds ago      Up 48 seconds (healthy)                                                   registryctl
8ca6e340e8b5        goharbor/harbor-db:v1.10.11            "/docker-entrypoint.…"   50 seconds ago      Up 48 seconds (healthy)     5432/tcp                                      harbor-db
bed1ed36df00        goharbor/redis-photon:v1.10.11         "redis-server /etc/r…"   50 seconds ago      Up 48 seconds (healthy)     6379/tcp                                      redis
42f03bcc4fb8        goharbor/harbor-portal:v1.10.11        "nginx -g 'daemon of…"   51 seconds ago      Up 48 seconds (healthy)     8080/tcp                                      harbor-portal
0647d52988cf        goharbor/registry-photon:v1.10.11      "/home/harbor/entryp…"   51 seconds ago      Up 48 seconds (healthy)     5000/tcp                                      registry
229aa32bbc70        goharbor/harbor-log:v1.10.11           "/bin/sh -c /usr/loc…"   51 seconds ago      Up 50 seconds (healthy)     127.0.0.1:1514->10514/tcp                     harbor-log
f349984bf935        91d0ab894aff                           "stf local --public-…"   6 months ago        Exited (1) 6 months ago                                                   stf
3b7be288d1ff        7123ee61b746                           "/sbin/tini -- adb -…"   6 months ago        Exited (143) 6 months ago                                                 adbd
a4bfb45049e4        2a54dcb95502                           "rethinkdb --bind al…"   6 months ago        Exited (0) 6 months ago                                                   rethinkdb

打开浏览器访问：hub.atguigu.com

输入账户：admin 密码：Harbor12345

验证node01登录harbor

[root@k8s-node01 ~]# docker login https://hub.atguigu.com
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

[root@k8s-node01 ~]# docker pull wangyanglinux/myapp:v1
v1: Pulling from wangyanglinux/myapp
550fe1bea624: Pull complete 
af3988949040: Pull complete 
d6642feac728: Pull complete 
c20f0a205eaa: Pull complete 
fe78b5db7c4e: Pull complete 
6565e38e67fe: Pull complete 
Digest: sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
Status: Downloaded newer image for wangyanglinux/myapp:v1

格式：docker tag SOURCE_IMAGE[:TAG] hub.atguigu.com/library/IMAGE[:TAG]
修改镜像标签，并推送

[root@k8s-node01 ~]# docker tag wangyanglinux/myapp:v1 hub.atguigu.com/library/myapp:v1
[root@k8s-node01 ~]# docker push hub.atguigu.com/library/myapp:v1
The push refers to repository [hub.atguigu.com/library/myapp]
a0d2c4392b06: Pushed 
05a9e65e2d53: Pushed 
68695a6cfd7d: Pushed 
c1dc81a64903: Pushed 
8460a579ab63: Pushed 
d39d92664027: Pushed 
v1: digest: sha256:9eeca44ba2d410e54fccc54cbe9c021802aa8b9836a0bcf3d3229354e4c8870e size: 1569

查看推送成功

删除镜像

[root@k8s-node01 ~]# docker rmi -f hub.atguigu.com/library/myapp:v1       
Untagged: hub.atguigu.com/library/myapp:v1
Untagged: hub.atguigu.com/library/myapp@sha256:9eeca44ba2d410e54fccc54cbe9c021802aa8b9836a0bcf3d3229354e4c8870e
[root@k8s-node01 ~]# docker rmi -f wangyanglinux/myapp:v1                 
Untagged: wangyanglinux/myapp:v1
Untagged: wangyanglinux/myapp@sha256:9c3dc30b5219788b2b8a4b065f548b922a34479577befb54b03330999d30d513
Deleted: sha256:d4a5e0eaa84f28550cb9dd1bde4bfe63a93e3cf88886aa5dad52c9a75dd0e6a9
Deleted: sha256:bf5594a16c1ff32ffe64a68a92ebade1080641f608d299170a2ae403f08764e7
Deleted: sha256:b74f3c20dd90bf6ead520265073c4946461baaa168176424ea7aea1bc7f08c1f
Deleted: sha256:8943f94f7db615e453fa88694440f76d65927fa18c6bf69f32ebc9419bfcc04a
Deleted: sha256:2020231862738f8ad677bb75020d1dfa34159ad95eef10e790839174bb908908
Deleted: sha256:49757da6049113b08246e77f770f49b1d50bb97c93f19d2eeae62b485b46e489
Deleted: sha256:d39d92664027be502c35cf1bf464c726d15b8ead0e3084be6e252a161730bc82

docker pull hub.atguigu.com/library/myapp:v1
在master主机上

[root@k8s-master01 ~]# kubectl run nginx-deployment --image=hub.atguigu.com/library/myapp:v1 --prot=80 --replicas=1
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx-deployment created

[root@k8s-master01 ~]# kubectl get deployment
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   1/1     1            1           3m32s
[root@k8s-master01 ~]# kubectl get rs
NAME                          DESIRED   CURRENT   READY   AGE
nginx-deployment-78b46578cd   1         1         1       4m39s
[root@k8s-master01 ~]# kubectl get pod
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-78b46578cd-ttnkc   1/1     Running   0          4m48s

# 可以看到是在node01接点上运行
[root@k8s-master01 ~]# kubectl get pod -o wide
NAME                                READY   STATUS    RESTARTS   AGE     IP           NODE         NOMINATED NODE   READINESS GATES
nginx-deployment-78b46578cd-ttnkc   1/1     Running   0          5m19s   10.244.1.2   k8s-node01   <none>           <none>

# 直接访问是通的
[root@k8s-master01 ~]# curl 10.244.1.2
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@k8s-master01 ~]# curl 10.244.1.2/hostname.html 
nginx-deployment-78b46578cd-ttnkc

我们就到node01查看到hub.atguigu.com/library/myapp 在运行

[root@k8s-node01 ~]# docker ps
CONTAINER ID        IMAGE                           COMMAND                  CREATED             STATUS              PORTS               NAMES
ead8b7b658d0        hub.atguigu.com/library/myapp   "nginx -g 'daemon of…"   6 minutes ago       Up 6 minutes                            k8s_nginx-deployment_nginx-deployment-78b46578cd-ttnkc_default_aba645b2-b0bc-40df-bd3f-74e872c5eb3e_0
2e9604fe6814        k8s.gcr.io/pause:3.1            "/pause"                 6 minutes ago       Up 6 minutes                            k8s_POD_nginx-deployment-78b46578cd-ttnkc_default_aba645b2-b0bc-40df-bd3f-74e872c5eb3e_0
14144597ee6c        4e9f801d2217                    "/opt/bin/flanneld -…"   6 hours ago         Up 6 hours                              k8s_kube-flannel_kube-flannel-ds-amd64-8bxpj_kube-system_cf50e169-2798-496b-ac94-901ae02fc836_3
da5aa7976f63        89a062da739d                    "/usr/local/bin/kube…"   6 hours ago         Up 6 hours                              k8s_kube-proxy_kube-proxy-cznqr_kube-system_4146aaa5-e985-45bb-9f42-871c7671eea2_2
db9c540c9d69        k8s.gcr.io/pause:3.1            "/pause"                 6 hours ago         Up 6 hours                              k8s_POD_kube-proxy-cznqr_kube-system_4146aaa5-e985-45bb-9f42-871c7671eea2_3
b0c135210d4f        k8s.gcr.io/pause:3.1            "/pause"                 6 hours ago         Up 6 hours                              k8s_POD_kube-flannel-ds-amd64-8bxpj_kube-system_cf50e169-2798-496b-ac94-901ae02fc836_2

删除pod，就自动添加了一个pod

[root@k8s-master01 ~]# kubectl delete pod nginx-deployment-78b46578cd-ttnkc
pod "nginx-deployment-78b46578cd-ttnkc" deleted
[root@k8s-master01 ~]# kubectl get pod
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-78b46578cd-vvkd6   1/1     Running   0          29s

进行扩容

[root@k8s-master01 ~]# kubectl scale --replicas=3 deployment/nginx-deployment
deployment.extensions/nginx-deployment scaled
[root@k8s-master01 ~]# kubectl get pod
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-78b46578cd-45ndq   1/1     Running   0          11s
nginx-deployment-78b46578cd-r627l   1/1     Running   0          11s
nginx-deployment-78b46578cd-vvkd6   1/1     Running   0          3m17s
[root@k8s-master01 ~]# kubectl get pod -o wide
NAME                                READY   STATUS    RESTARTS   AGE     IP           NODE         NOMINATED NODE   READINESS GATES
nginx-deployment-78b46578cd-45ndq   1/1     Running   0          50s     10.244.2.2   k8s-node02   <none>           <none>
nginx-deployment-78b46578cd-r627l   1/1     Running   0          50s     10.244.1.4   k8s-node01   <none>           <none>
nginx-deployment-78b46578cd-vvkd6   1/1     Running   0          3m56s   10.244.1.3   k8s-node01   <none>           <none>

删除一个后再查看依然还是三个

[root@k8s-master01 ~]# kubectl delete pod nginx-deployment-78b46578cd-45ndq
pod "nginx-deployment-78b46578cd-45ndq" deleted
[root@k8s-master01 ~]# kubectl get pod -o wide
NAME                                READY   STATUS    RESTARTS   AGE     IP           NODE         NOMINATED NODE   READINESS GATES
nginx-deployment-78b46578cd-4g4cb   1/1     Running   0          34s     10.244.2.3   k8s-node02   <none>           <none>
nginx-deployment-78b46578cd-r627l   1/1     Running   0          2m30s   10.244.1.4   k8s-node01   <none>           <none>
nginx-deployment-78b46578cd-vvkd6   1/1     Running   0          5m36s   10.244.1.3   k8s-node01   <none>           <none>

[root@k8s-master01 ~]# kubectl get svc
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   23h
[root@k8s-master01 ~]# kubectl get deployment
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   3/3     3            3           22m
[root@k8s-master01 ~]# kubectl expose deployment nginx-deployment --port=30000 --target-port=80
service/nginx-deployment exposed
[root@k8s-master01 ~]# kubectl get svc
NAME               TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)     AGE
kubernetes         ClusterIP   10.96.0.1      <none>        443/TCP     23h
nginx-deployment   ClusterIP   10.97.63.227   <none>        30000/TCP   39s
[root@k8s-master01 ~]# curl 10.97.63.227:30000
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

# 轮询的访问
[root@k8s-master01 ~]# curl 10.97.63.227:30000/hostname.html
nginx-deployment-78b46578cd-r627l
[root@k8s-master01 ~]# curl 10.97.63.227:30000/hostname.html
nginx-deployment-78b46578cd-vvkd6
[root@k8s-master01 ~]# curl 10.97.63.227:30000/hostname.html
nginx-deployment-78b46578cd-4g4cb
[root@k8s-master01 ~]# curl 10.97.63.227:30000/hostname.html
nginx-deployment-78b46578cd-r627l
[root@k8s-master01 ~]# ipvsadm -Ln | grep 10.97.63.227
TCP  10.97.63.227:30000 rr
[root@k8s-master01 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.96.0.1:443 rr
  -> 192.168.192.131:6443         Masq    1      3          0         
TCP  10.96.0.10:53 rr
  -> 10.244.0.6:53                Masq    1      0          0         
  -> 10.244.0.7:53                Masq    1      0          0         
TCP  10.96.0.10:9153 rr
  -> 10.244.0.6:9153              Masq    1      0          0         
  -> 10.244.0.7:9153              Masq    1      0          0         
TCP  10.97.63.227:30000 rr
  -> 10.244.1.3:80                Masq    1      0          2         
  -> 10.244.1.4:80                Masq    1      0          2         
  -> 10.244.2.3:80                Masq    1      0          2         
UDP  10.96.0.10:53 rr
  -> 10.244.0.6:53                Masq    1      0          0         
  -> 10.244.0.7:53                Masq    1      0          0        
 
# IP和上面的一样 
[root@k8s-master01 ~]# kubectl get pod -o wide
NAME                                READY   STATUS    RESTARTS   AGE   IP           NODE         NOMINATED NODE   READINESS GATES
nginx-deployment-78b46578cd-4g4cb   1/1     Running   0          13m   10.244.2.3   k8s-node02   <none>           <none>
nginx-deployment-78b46578cd-r627l   1/1     Running   0          15m   10.244.1.4   k8s-node01   <none>           <none>
nginx-deployment-78b46578cd-vvkd6   1/1     Running   0          18m   10.244.1.3   k8s-node01   <none>           <none>

外网不能访问问题

[root@k8s-master01 ~]# kubectl get svc
NAME               TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)     AGE
kubernetes         ClusterIP   10.96.0.1      <none>        443/TCP     24h
nginx-deployment   ClusterIP   10.97.63.227   <none>        30000/TCP   10m
[root@k8s-master01 ~]# kubectl edit svc nginx-deployment

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2022-05-26T11:48:32Z"
  labels:
    run: nginx-deployment
  name: nginx-deployment
  namespace: default
  resourceVersion: "72884"
  selfLink: /api/v1/namespaces/default/services/nginx-deployment
  uid: 22af8fb4-9580-4918-9040-ac1de01e39d3
spec:
  clusterIP: 10.97.63.227
  ports:
  - port: 30000
    protocol: TCP
    targetPort: 80
  selector:
    run: nginx-deployment
  sessionAffinity: None
  type: NodePort     # 修改成NodePort
status:
  loadBalancer: {}

[root@k8s-master01 ~]# kubectl get svc
NAME               TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)           AGE
kubernetes         ClusterIP   10.96.0.1      <none>        443/TCP           24h
nginx-deployment   NodePort    10.97.63.227   <none>        30000:30607/TCP   14m
[root@k8s-master01 ~]# netstat -anpt | grep :30607
tcp6       0      0 :::30607                :::*                    LISTEN      112386/kube-proxy   
[root@k8s-master01 ~]# netstat -anpt | grep :30607
tcp6       0      0 :::30607                :::*                    LISTEN      112386/kube-proxy

外网访问master主机地址加端口

node01的访问

node02的访问

这样k8s的测试，和仓库的私有连接就完成了

遇到问题1：浏览器192.168.1.1访问不了

解决办法：关闭所有的虚拟机，还原网络配置

遇到问题2：

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
解决办法：docker少创建了一个目录，环境部署仔细捋一遍

遇到问题3：

[root@k8s-master01 ~]# kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
Flag --experimental-upload-certs has been deprecated, use --upload-certs instead
[init] Using Kubernetes version: v1.15.1
[preflight] Running pre-flight checks
        [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.16. Latest validated version: 18.09
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR NumCPU]: the number of available CPUs 1 is less than the required 2

解决办法：安装指定版本的docker，参考1：https://blog.csdn.net/mayi_xiaochaun/article/details/123421532
卸载docker，参考2：https://blog.csdn.net/wujian_csdn_csdn/article/details/122421103

遇到问题4：

[root@k8s-master01 ~]# kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
Flag --experimental-upload-certs has been deprecated, use --upload-certs instead
[init] Using Kubernetes version: v1.15.1
[preflight] Running pre-flight checks
        [WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service'
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR NumCPU]: the number of available CPUs 1 is less than the required 2
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`

解决办法：虚拟机添加cpu，必须最低保证两个cpu

遇到问题5：

[root@localhost harbor]# ./install.sh 
...
...
...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-portal ... 
Creating registryctl   ... 
Creating registry      ... error
Creating harbor-portal ... done
Creating registryctl   ... done
ERROR: for registry  Cannot create container for service registry: Conflict. The container name "/registry" is already in use by container "3f42e1c7dd80b96b59848ac10698ef3f5537afeedb718a424dd91d13bb55440b". You have to remove (or renCreating redis         ... done
Creating harbor-db     ... done

ERROR: for registry  Cannot create container for service registry: Conflict. The container name "/registry" is already in use by container "3f42e1c7dd80b96b59848ac10698ef3f5537afeedb718a424dd91d13bb55440b". You have to remove (or rename) that container to be able to reuse that name.
ERROR: Encountered errors while bringing up the project.

解决办法：删除registry容器和镜像

[root@localhost harbor]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
goharbor/chartmuseum-photon     v1.10.11            d00df92a5e3e        3 weeks ago         164MB
goharbor/redis-photon           v1.10.11            aa57c8e9fa46        3 weeks ago         151MB
goharbor/clair-adapter-photon   v1.10.11            e87900ea4eb9        3 weeks ago         66.1MB
goharbor/clair-photon           v1.10.11            03cd37f2ca5d        3 weeks ago         178MB
goharbor/notary-server-photon   v1.10.11            801719b38205        3 weeks ago         105MB
goharbor/notary-signer-photon   v1.10.11            005e711802d6        3 weeks ago         102MB
goharbor/harbor-registryctl     v1.10.11            fd34fcc88f68        3 weeks ago         93.4MB
goharbor/registry-photon        v1.10.11            c7076a9bc40b        3 weeks ago         78.6MB
goharbor/nginx-photon           v1.10.11            68e6d0e1c018        3 weeks ago         45MB
goharbor/harbor-log             v1.10.11            06df11c5e8f3        3 weeks ago         108MB
goharbor/harbor-jobservice      v1.10.11            f7d878b39e41        3 weeks ago         84.7MB
goharbor/harbor-core            v1.10.11            69d4874721a3        3 weeks ago         79.6MB
goharbor/harbor-portal          v1.10.11            83b24472c7c8        3 weeks ago         53.1MB
goharbor/harbor-db              v1.10.11            11278dbcadf4        3 weeks ago         188MB
goharbor/prepare                v1.10.11            66d60732b8ff        3 weeks ago         206MB
nginx                           latest              04661cdce581        6 months ago        141MB
rethinkdb                       latest              2a54dcb95502        7 months ago        131MB
192.168.111.129:5000/demo       latest              40fc65df2cf9        14 months ago       660MB
demo                            1.0-SNAPSHOT        40fc65df2cf9        14 months ago       660MB
registry                        latest              678dfa38fcfa        17 months ago       26.2MB
openstf/ambassador              latest              938a816f078a        21 months ago       8.63MB
openstf/stf                     latest              91d0ab894aff        21 months ago       958MB
sorccu/adb                      latest              7123ee61b746        4 years ago         30.5MB
java                            8                   d23bdf5b1b1b        5 years ago         643MB
[root@localhost harbor]# docker rmi -f registry:latest
或者
[root@localhost harbor]# docker rmi 678dfa38fcfa
Error response from daemon: conflict: unable to delete 678dfa38fcfa (must be forced) - image is being used by stopped container 3f42e1c7dd80
[root@localhost harbor]# docker rm 3f42e1c7dd80
3f42e1c7dd80
[root@localhost harbor]# docker rmi 678dfa38fcfa
Error: No such image: 678dfa38fcfa

[root@localhost harbor]# cd /var/lib/docker/image/overlay2/imagedb/content/sha256/
[root@localhost sha256]# ll
总用量 188
-rw-------. 1 root root 4265 5月  26 17:48 005e711802d665903b9216e8c46b46676ad9c2e43ef48911a33f0bf9dbd30a06
-rw-------. 1 root root 4791 5月  26 17:48 03cd37f2ca5d16745270fef771c60cd502ec9559d332d6601f5ab5e9f41e841a
-rw-------. 1 root root 7738 11月 11 2021 04661cdce5812210bac48a8af672915d0719e745414b4c322719ff48c7da5b83
-rw-------. 1 root root 4789 5月  26 17:48 06df11c5e8f3cf1963c236327434cbfe2f5f3d9a9798c487d4e6c8ba1742e5fe
-rw-------. 1 root root 5725 5月  26 17:48 11278dbcadf4651433c7432427bd4877b6840c5d21454c3bf266c12c1d1dd559
-rw-------. 1 root root 5640 3月  18 2021 27fdf005f8f0ddc7837fcb7c1dd61cffdb37f14d964fb4edccfa4e6b60f6e339
-rw-------. 1 root root 3364 11月 11 2021 2a54dcb95502386ca01cdec479bea40b3eacfefe7019e6bb4883eff04d35b883
-rw-------. 1 root root 5771 3月  18 2021 40fc65df2cf909b24416714b4640fa783869481a4eebf37f7da8cbf1f299b2ab
-rw-------. 1 root root 5062 3月  18 2021 4e1d920c1cd61aeaf44f7e17b2dfc3dcb24414770a3955bbed61e53c39b90232
-rw-------. 1 root root 3526 5月  26 17:48 66d60732b8ff10d2f2d237a68044f11fc87497606cf8c5feae2adf6433f3d946
-rw-------. 1 root root 3114 3月  18 2021 678dfa38fcfa349ccbdb1b6d52ac113ace67d5746794b36dfbad9dd96a9d1c43
-rw-------. 1 root root 3501 5月  26 17:48 68e6d0e1c018d66a4cab78d6c2c46c23794e8a06b37e195e8c8bcded2ecc82d2
-rw-------. 1 root root 4058 5月  26 17:48 69d4874721a38f06228c4a2e407e4c82a8847b61b51c2d50a6e3fc645635c233
-rw-------. 1 root root 4284 11月 11 2021 7123ee61b7468b74c8de67a6dfb40c61840f5b910fee4105e38737271741582f
-rw-------. 1 root root 4263 5月  26 17:48 801719b38205038d5a145380a1954481ed4e8a340e914ef7819f0f7bed395df6
-rw-------. 1 root root 4814 5月  26 17:48 83b24472c7c8cc71effc362949d4fa04e3e0a6e4a8f2a248f5706513cbcdfa0a
-rw-------. 1 root root 5316 3月  18 2021 8f36ad1be230ab68cc8337931358734ffedd968a076a9522cd88359fbf4af98d
-rw-------. 1 root root 6501 11月 11 2021 91d0ab894affa1430efb6bd130edb360d9600132bb4187a6cabe403d8ef98bdd
-rw-------. 1 root root 2070 11月 11 2021 938a816f078a0b27753a0f690518754bfbb47e0bb57e61275600757845d7e4b1
-rw-------. 1 root root 3751 5月  26 17:48 aa57c8e9fa464f8124a753facda552af0a79f5aa169901f357a9003c8a65d9c5
-rw-------. 1 root root 5204 3月  18 2021 bb56dc5d8cbd1f41b9e9bc7de1df15354a204cf17527790e13ac7d0147916dd6
-rw-------. 1 root root 4347 5月  26 17:48 c7076a9bc40b43db80afb4699e124c0dd1c777825bd36d504a2233028421a178
-rw-------. 1 root root 4858 3月  18 2021 c70a4b1ffafa08a73e469ed0caa6693111aad55d34df8df7eea6bae0fb542547
-rw-------. 1 root root 4592 5月  26 17:48 d00df92a5e3e330c2231d9f54a0a0c320c420946e04afcfe02ad596d778a8370
-rw-------. 1 root root 4733 3月  18 2021 d23bdf5b1b1b1afce5f1d0fd33e7ed8afbc084b594b9ccf742a5b27080d8a4a8
-rw-------. 1 root root 3715 5月  26 17:48 e87900ea4eb9beafd8264e874f71fcb72ce1df827e999d6bb7b2e47ebb0ca5e4
-rw-------. 1 root root 3677 5月  26 17:48 f7d878b39e411b345d4eb263205cde950ad59ba3102d4ac1079238ef1b3de903
-rw-------. 1 root root 4632 5月  26 17:48 fd34fcc88f68fe44a06c34d3a754f70fd36ee6174e64e65cb1072f0d4a9826d0
[root@localhost sha256]# rm -rf 678dfa38fcfa349ccbdb1b6d52ac113ace67d5746794b36dfbad9dd96a9d1c43
[root@localhost sha256]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
goharbor/chartmuseum-photon     v1.10.11            d00df92a5e3e        3 weeks ago         164MB
goharbor/redis-photon           v1.10.11            aa57c8e9fa46        3 weeks ago         151MB
goharbor/clair-adapter-photon   v1.10.11            e87900ea4eb9        3 weeks ago         66.1MB
goharbor/clair-photon           v1.10.11            03cd37f2ca5d        3 weeks ago         178MB
goharbor/notary-server-photon   v1.10.11            801719b38205        3 weeks ago         105MB
goharbor/notary-signer-photon   v1.10.11            005e711802d6        3 weeks ago         102MB
goharbor/harbor-registryctl     v1.10.11            fd34fcc88f68        3 weeks ago         93.4MB
goharbor/registry-photon        v1.10.11            c7076a9bc40b        3 weeks ago         78.6MB
goharbor/nginx-photon           v1.10.11            68e6d0e1c018        3 weeks ago         45MB
goharbor/harbor-log             v1.10.11            06df11c5e8f3        3 weeks ago         108MB
goharbor/harbor-jobservice      v1.10.11            f7d878b39e41        3 weeks ago         84.7MB
goharbor/harbor-core            v1.10.11            69d4874721a3        3 weeks ago         79.6MB
goharbor/harbor-portal          v1.10.11            83b24472c7c8        3 weeks ago         53.1MB
goharbor/harbor-db              v1.10.11            11278dbcadf4        3 weeks ago         188MB
goharbor/prepare                v1.10.11            66d60732b8ff        3 weeks ago         206MB
nginx                           latest              04661cdce581        6 months ago        141MB
rethinkdb                       latest              2a54dcb95502        7 months ago        131MB
192.168.111.129:5000/demo       latest              40fc65df2cf9        14 months ago       660MB
demo                            1.0-SNAPSHOT        40fc65df2cf9        14 months ago       660MB
openstf/ambassador              latest              938a816f078a        21 months ago       8.63MB
openstf/stf                     latest              91d0ab894aff        21 months ago       958MB
sorccu/adb                      latest              7123ee61b746        4 years ago         30.5MB
java                            8                   d23bdf5b1b1b        5 years ago         643MB

你可能感兴趣的:(kubernetes,kubernetes,docker,容器)

Centos使用阿里云镜像安装docker 愤怒的代码 centos docker linux
配置阿里云的Yum镜像源配置阿里云的Yum镜像源可以提高下载速度，尤其是在国内网络环境下。以下是配置阿里云Yum镜像源的步骤：1.备份原有的Yum源配置文件首先，备份系统现有的Yum源配置文件，以防出现问题时可以还原：sudomv/etc/yum.repos.d/CentOS-Base.repo/etc/yum.repos.d/CentOS-Base.repo.bak2.下载阿里云的Yum源配置文
Docker部署RocketMQ5.2.0集群 egzosn docker 容器运维
部署架构说明：(1)Producer：生产者(2)Consumer：消费者(3)NameServer：RockerMQ的注册中心，多个实例组成集群，但相互独立，没有信息交换。每个Broker都向所有NameServer实例注册。(4)Broker：负责存储消息、转发消息。部署模式RocketMQ作为消息中间件，其主要功能为消息的Publish/Subscribe。而Broker担任的消息转发和存储
Ansible在CentOS下批量部署Nginx到Kubernetes集群酱江奖 RHEL zabbix 自学 ansible centos nginx
在现代云计算环境中，Kubernetes（简称K8s）作为容器编排平台的标准，广泛应用于应用程序的管理和部署。Ansible作为一种自动化运维工具，可以帮助我们高效地完成各种任务，包括在Kubernetes集群上部署应用。本文将详细介绍如何在CentOS操作系统中使用Ansible来批量部署Nginx服务至Kubernetes环境，并通过具体示例说明每一步的操作。环境准备1.安装Ansible确保
Docker进入正在运行的容器的命令逐星ing docker linux运维测试容器运维 docker
文章目录引言基本命令常用选项示例注意事项进入容器的目的安全建议引言在Docker中，进入正在运行的容器的命令通常使用dockerexec命令。以下是具体的命令格式和一些示例：基本命令dockerexec[选项]容器名称或ID命令常用选项-it：分配一个伪终端并保持标准输入开放，这样你就可以与容器进行交互。-d：以守护进程模式运行容器（后台运行）。示例交互式进入容器：dockerexec-it容器名
CentOS 7 上安装 Docker 库库林_沙琪马 docker centos docker linux
Docker已经成为了现代软件开发和部署不可或缺的一部分，它提供了一种简便的方式来打包、运行和管理应用程序。本教程将指导你如何在CentOS7系统上安装Docker并进行一些基本配置。系统要求在开始之前，请确保你的CentOS7系统是最新的，并且满足以下条件：CentOS7或更高版本至少2GB内存（虽然Docker官方推荐至少4GB）根据需要的存储空间步骤1:卸载旧版首先更新你的系统以确保所有现有
简单介绍 docker ZH_qaq windows javascript docker
简单介绍docker简介Docker是一个开源的应用容器引擎，让开发者可以打包他们的应用以及依赖包到一个可移植的容器中，然后发布到任何流行的Linux或Windows操作系统的机器上，也可以实现虚拟化，容器是完全使用沙箱机制，相互之间不会有任何接口。一个完整的Docker有以下几个部分组成：DockerClient客户端DockerDaemon守护进程DockerImage镜像DockerCont
k8s 调度流程和资源管理 Cloud孙文波 kubernetes 大数据编程语言 java python kubernetes
一、Kubernetes调度过程首先来看第一部分-Kubernetes的调度过程。如下图所示，画了一个很简单的Kubernetes集群架构，它包括了一个kube-ApiServer，一组webhooks的Controller，以及一个默认的调度器kube-Scheduler，还有两台物理机节点Node1和Node2，分别在上面部署了两个kubelet。我们来看一下，假如要向这个Kubernetes
Docker 面试题汇总(附答案) 啊滑滑蛋 docker 容器运维
本文首发在个人博客上（Docker面试题汇总(附答案)），欢迎来踩！建议和这篇一起观看，更加全面一些：万字总结！Docker简介及底层关键技术剖析Docker底层原理、概念类问题1.Docker和LXC有什么区别？LXC是在Linux上相关技术实现的容器，docker则在如下的几个方面进行了改进：1、移植性：通过抽象容器配置，容器可以实现一个平台移植到另一个平台。2、镜像系统：基于AUFS的镜像系
Kubernetes 架构及部署、调度、状态管理流程简介啊滑滑蛋 kubernetes 架构容器云原生
全文首发在个人博客上：Kubernetes架构及部署、调度、状态管理流程简介_Kubernetes简称k8s，是用于自动部署、扩展和管理“容器化应用程序”的开源系统。该系统由Google设计并捐赠给CloudNativeComputingFoundation来使用。它旨在提供“跨主机集群的自动部署、扩展以及运行应用程序容器的平台”。它支持一系列容器工具，包括Docker等。它是当前绝对主流的容器管
Docker搭建MongoDB Replica Set高可用集群+数据丢失&被黑解决+自动备份与恢复脚本+持久化慢查询记录秋风お亦冷运维企业实战笔录运维 docker mongodb 数据库
文章目录引节点规划配置文件创建持久化目录创建并推送证书启动临时容器修改配置文件单节点参考mongod.confdocker-compose.ymlReplicaSet参考mongod.confdocker-compose.yml部署与配置部署集群配置集群验证集群增删节点增加节点删除节点查看节点常用命令重置集群备份数据关闭服务删除持久化数据启动集群配置集群验证集群创建用户验证集群用户管理权限说明创建
快速上手基于 BaGet 的脚本自动化构建 .net 应用打包 ChaITSimpleLove .NET Core 跨平台自动化 .net 运维 BaGet dotnet pack
脚本自动化打包.net应用1.BaGet介绍1.2主要特点1.3使用说明1.3.1安装与部署1.3.1.1Docker部署1.3.1.2手动部署1.3.1.3配置2.应用举例2.1推送包2.2下载包3.配置信息3.1基本配置3.2其他配置选项4.脚本编写4.1编写PowerShell脚本4.2编写Bash脚本4.3运行脚本总结本篇文章我们介绍了如何使用脚本，自动化构建.net应用的nuget包，并
Spring——依赖注入的注解解析器招风的黑耳后端
3.导入person和student-->会在纳入spring的bean范围内查找属性上是否存在@Resource(name="student")*如果存在：继续解析@Resource有没有name属性*如果没有name属性(就会在所属的属性上把属性的名称解析出来，会让属性的名称和spring中的bean中的id进行匹配*如果匹配成功，则把spring容器中相应的对象赋值给该属性*如果匹配不成功，
零基础搭建一套完整的微服务框架【window版】 superswang docker java 微服务
技术栈：springboot+dubbo+docker零基础搭即可建微服务，完整运行本文你想学到什么?本文将以实战方式，首先对“微服务”相关的概念进行概要介绍，然后开始手把手教你搭建这一整套完整的微服务系统。项目完整代码下载地址https://github.com/gggcgba/mall微服务架构解决了什么问题此系统建立完以后，你的整个系统将被拆分成一个个独立的子系统，独立运行，系统与系统之间通
C++容器之Set与Map Dxx_xxx c++容器开发语言
怎么理解容器1、容器（container）可以看作是一个“容器”，为了方便理解，可以把它理解成一个“罐子”，这个罐子没有特定的大小，你有东西就可以放到对应的罐子里面去存储，或者你想要找什么东西也可以到相应的罐子中找出来。-----上述两类操作其实就与container中的insert()函数（作用是在该容器中插入元素）和find()函数（作用是从该容器中找到某一指定元素）类似。注意把容器跟普通的数
DOCKER入门概述木冷风
一、Docker主要组成部分的总体概述、二、Docker镜像生成1.构建环境的上下文dockerbuild–ttest/cowsay-dockerfile.(.就是上下文，能够被dockerfile的ADD或COPY指令所引用，通常以目录路径的形式指定，该目录下的所有文件和目录形成了构建环境的上下文)。“-”可以将STDIN输入作为构建环境的上下文2.镜像层Dockerfile中的每个指令执行后都
List、Set与Map的区别玖六_
List：1.可以允许重复的对象。2.可以插入多个null元素。3.是一个有序容器，保持了每个元素的插入顺序，输出的顺序就是插入的顺序。4.常用的实现类有ArrayList、LinkedList和Vector。ArrayList最为流行，它提供了使用索引的随意访问，而LinkedList则对于经常需要从List中添加或删除元素的场合更为合适。Set：1.不允许重复对象2.无序容器，你无法保证每个元
Spring Ioc 容器介绍圣心 spring rpc java
本章介绍Spring的控制反转（IoC）容器。SpringIoC容器和Bean简介容器概述Bean概述依赖Bean范围自定义Bean的性质Bean定义继承容器扩展点基于注释的容器配置类路径扫描和托管组件使用JSR330标准注释基于Java的容器配置环境抽象注册LoadTimeWeaverApplicationContext的其他功能BeanFactoryAPI该接口表示SpringIoC容器，并负
K8s中如何使用etcd进行集群信息的备份与恢复舒一笑不秃头 K8s 我这样学运维我的成长之路 kubernetes etcd 容器
这里写目录标题ETCD是什么？1.**`etcd`（服务）**2.**`etcdctl`（客户端工具）**如何安装etcdctl（客户端工具）查看目前K8s自带etcd中的版本信息安装对应版本的etcdutl工具下载`etcdutl`3.5.7版本配置环境变量创建备份文件验证一下备份的快照文件备份文件恢复的效果演示查看一下当前etcd的容器服务信息查看当前etcd服务缓存的文件信息位置删除配置文件
利用spring-boot-thin-launcher插件分离jar包的依赖和配置飞空之羽技术文章 spring boot maven
SpringBoot项目可以通过spring-boot-maven-plugin插件打包生成一个可执行的jar包，这样可以脱离web容器（例如tomcat）直接运行。但默认情况下spring-boot-maven-plugin打出来的包是一个fatjar，即将所有的依赖全部打进了jar包当中，这样的jar包体积很大，每次更新系统的时候都需要完整替换整个jar包（本地还好，如果是云服务器，网速慢了每
放电与充电 whz9803
姓名吴浩泽学号20181214372学院广研院转自21ic电子网网友火星国务卿原创电感：当线圈通过电流后，在线圈中形成磁场感应，感应磁场又会产生感应电流来抵制通过线圈中的电流。这种电流与线圈的相互作用关系称为电的感抗，也就是电感。电容：电容器所带电量Q与电容器两极间的电压U的比值，叫电容器的电容。在电路学里，给定电势差，电容器储存电荷的能力，称为电容（capacitance），标记为C。电容：电容
Docker安全最佳实践行路见知 Docker docker 运维网络安全
目录1、探测容器开放端口和服务漏洞2、宿主机、网络、镜像、DockerApi安全3、更新Docker、日志、事件4、Docker安全测试5、Docker安全最佳实践1、探测容器开放端口和服务漏洞使用Nmap扫描Docker容器中的开放端口使用dockerps命令获取正在运行的容器ID或名称。在主机上安装Nmap工具。使用以下命令扫描Docker容器中的开放端口：nmap-p-[container_
ConfigMap cc2022928 容器 kubernetes k8s
一、ConfigMap在Kubernetes中，ConfigMap是一种用于管理配置数据的资源对象。它的主要作用是将配置数据从容器镜像中分离出来，使得配置可以在不重新构建镜像的情况下进行修改和管理。ConfigMap允许将配置信息以键值对的形式存储，并可以在Pods中作为环境变量、命令行参数或者文件的形式提供给应用程序。实际例子1.假设有一个应用程序，它需要读取数据库的连接配置。可以使用Confi
【Kubernetes】常见面试题汇总（六） summer.335 Kubernetes kubernetes 容器云原生
目录17.简述kube-proxyipvs和iptables的异同？18.简述Kubernetes中什么是静态Pod？19.简述Kubernetes中Pod可能位于的状态？17.简述kube-proxyipvs和iptables的异同？（1）iptables与IPVS都是基于Netfilter实现的，但因为定位不同，二者有着本质的差别：①iptables是为防火墙而设计的；②IPVS则专门用于高性
【Kubernetes】常见面试题汇总（五） summer.335 Kubernetes kubernetes 容器云原生
目录13.简述KubernetesReplicaSet和ReplicationController之间有什么区别？14.简述kube-proxy作用？15.简述kube-proxyiptables原理？16.简述kube-proxyipvs原理？13.简述KubernetesReplicaSet和ReplicationController之间有什么区别？-ReplicaSet和Replicatio
【Kubernetes知识点问答题】监控与升级 / ETCD 备份与恢复 summer.335 Kubernetes kubernetes etcd 容器云原生
目录1.举例说明K8s中都有哪些常规的维护管理操作。2.如何升级K8s到新的版本？在升级过程中应该注意哪些事项？3.解释ETCD及其备份和恢复的过程。1.举例说明K8s中都有哪些常规的维护管理操作。常见的维护管理操作有：①查看pod详情：（可以通过最下面的event查看事件）#kubectldescribepodfrontend②查看pod日志：#kubectllogsfrontend③查看pod
查看docker容器进程的pid lonelyhiker docker 容器运维
在Linux上，每个Docker容器内的进程都有一个对应的宿主机上的PID。要查看Docker容器中的进程在宿主机上的PID，可以使用以下几种方法：方法1:使用dockertop命令dockertop可以显示容器内的进程信息。dockertop这个命令会列出容器内的进程以及它们的PID，注意这些PID是容器内的进程号。方法2:使用dockerinspect命令如果你想查看宿主机上的PID，可以通过
kubernetes online depoly | kubeadm 快速部署kubernetes v1.25 集群 |单matser 深耕云原生 kubernetes kubernetes 容器云原生
目录一、环境准备二、安装Containerd三、安装Kubernetes四、部署网络插件一、环境准备软件环境：操作系统AlmaLinux9容器引擎ContainerdKubernetes1.25服务器规划：k8s-master192.168.200.11k8s-node1192.168.200.12k8s-node2192.168.200.13查看系统内核#查看当前系统的版本：[root@k8s-
Kubernetes Kubevirt ｜使用Kubevirt创建虚拟机深耕云原生 KubeVirt kubernetes 容器云原生
一、什么是KubevirtKubevirt是Kubernetes的一个插件，为Kubernetes提供了在与容器相同的基础结构上提供、管理和控制Kvm虚拟机的能力。解决k8s不能调度虚拟机的问题，在之前k8s只能调度底层container。使用Kubevirt可以：创建虚拟机启动虚拟机停止虚拟机删除虚拟机在Kubernetes集群上调度虚拟机虚拟机运行在KubernetesPod中，利用标准的K8
Docker 核心架构及拆解（中）张晋涛-MoeLove Docker 核心知识必知必会 Docker Kubernetes Docker 容器镜像 Docker 生态 Docker Kubernetes
上一篇，我们正式进入了本课程第四部分“架构篇”的学习。本篇是第一个主题“Docker核心架构及拆解”的中篇。在上一篇中，我为你从较高的层次介绍了Docker基础的核心组件，包括containerd和runc等相关组件，知道了容器创建的一个基本的组件间的调用关系。本篇，我来为你介绍尚未介绍到的其他相关组件。docker-proxy我们来回忆下之前介绍过的，如何将容器的端口暴露出来。在dockerru
Docker 引擎嘟嘟小猪 Docker
Docker引擎是一个包含以下主要组件的客户端服务器应用程序。一种服务器，它是一种称为守护进程并且长时间运行的程序。RESTAPI用于指定程序可以用来与守护进程通信的接口，并指示它做什么。一个有命令行界面(CLI)工具的客户端。Docker引擎组件的流程如下图所示：
VMware Workstation 11 或者 VMware Player 7安装MAC OS X 10.10 Yosemite iwindyforest vmware mac os 10.10 workstation player
最近尝试了下VMware下安装MacOS 系统，安装过程中发现网上可供参考的文章都是VMware Workstation 10以下， MacOS X 10.9以下的文章，只能提供大概的思路，但是实际安装起来由于版本问题，走了不少弯路，所以我尝试写以下总结，希望能给有兴趣安装OSX的人提供一点帮助。写在前面的话：其实安装好后发现，由于我的th
关于《基于模型驱动的B/S在线开发平台》源代码开源的疑虑？ deathwknight JavaScript java 框架
本人从学习Java开发到现在已有10年整，从一个要自学 java买成javascript的小菜鸟，成长为只会java和javascript语言的老菜鸟（个人邮箱：[email protected]）一路走来，跌跌撞撞。用自己的三年多业余时间，瞎搞一个小东西（基于模型驱动的B/S在线开发平台，非MVC框架、非代码生成）。希望与大家一起分享，同时有许些疑虑，希望有人可以交流下平台
如何把maven项目转成web项目 Kai_Ge maven MyEclipse
创建Web工程，使用eclipse ee创建maven web工程 1.右键项目,选择Project Facets,点击Convert to faceted from 2.更改Dynamic Web Module的Version为2.5.(3.0为Java7的,Tomcat6不支持). 如果提示错误,可能需要在Java Compiler设置Compiler compl
主管？？？ Array_06 工作
转载：http://www.blogjava.net/fastzch/archive/2010/11/25/339054.html 很久以前跟同事参加的培训，同事整理得很详细，必须得转！前段时间，公司有组织中高阶主管及其培养干部进行了为期三天的管理训练培训。三天的课程下来，虽然内容较多，因对老师三天来的课程内容深有感触，故借着整理学习心得的机会，将三天来的培训课程做了一个
python内置函数大全 2002wmj python
最近一直在看python的document，打算在基础方面重点看一下python的keyword、Build-in Function、Build-in Constants、Build-in Types、Build-in Exception这四个方面，其实在看的时候发现整个《The Python Standard Library》章节都是很不错的，其中描述了很多不错的主题。先把Build-in Fu
JSP页面通过JQUERY合并行 357029540 JavaScript jquery
在写程序的过程中我们难免会遇到在页面上合并单元行的情况，如图所示如果对于会的同学可能很简单，但是对没有思路的同学来说还是比较麻烦的，提供一下用JQUERY实现的参考代码 function mergeCell(){ var trs = $("#table tr"); &nb
Java基础冰天百华 java基础
学习函数式编程 package base; import java.text.DecimalFormat; public class Main { public static void main(String[] args) { // Integer a = 4; // Double aa = (double)a / 100000; // Decimal
unix时间戳相互转换 adminjun 转换 unix 时间戳
如何在不同编程语言中获取现在的Unix时间戳(Unix timestamp)？ Java time JavaScript Math.round(new Date().getTime()/1000) getTime()返回数值的单位是毫秒 Microsoft .NET / C# epoch = (DateTime.Now.ToUniversalTime().Ticks - 62135
作为一个合格程序员该做的事 aijuans 程序员
作为一个合格程序员每天该做的事 1、总结自己一天任务的完成情况最好的方式是写工作日志，把自己今天完成了什么事情，遇见了什么问题都记录下来，日后翻看好处多多 2、考虑自己明天应该做的主要工作把明天要做的事情列出来，并按照优先级排列，第二天应该把自己效率最高的时间分配给最重要的工作 3、考虑自己一天工作中失误的地方，并想出避免下一次再犯的方法出错不要紧，最重
由html5视频播放引发的总结 ayaoxinchao html5 视频 video
前言项目中存在视频播放的功能，前期设计是以flash播放器播放视频的。但是现在由于需要兼容苹果的设备，必须采用html5的方式来播放视频。我就出于兴趣对html5播放视频做了简单的了解，不了解不知道，水真是很深。本文所记录的知识一些浅尝辄止的知识，说起来很惭愧。视频结构本该直接介绍html5的<video>的，但鉴于本人对视频
解决httpclient访问自签名https报javax.net.ssl.SSLHandshakeException: sun.security.validat bewithme httpclient
如果你构建了一个https协议的站点，而此站点的安全证书并不是合法的第三方证书颁发机构所签发，那么你用httpclient去访问此站点会报如下错误 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path bu
Jedis连接池的入门级使用 bijian1013 redis redis数据库 jedis
Jedis连接池操作步骤如下： a.获取Jedis实例需要从JedisPool中获取； b.用完Jedis实例需要返还给JedisPool； c.如果Jedis在使用过程中出错，则也需要还给JedisPool； packag
变与不变 bingyingao 不变变亲情永恒
变与不变周末骑车转到了五年前租住的小区，曾经最爱吃的西北面馆、江西水饺、手工拉面早已不在，各种店铺都换了好几茬，这些是变的。三年前还很流行的一款手机在今天看起来已经落后的不像样子。三年前还运行的好好的一家公司，今天也已经不复存在。一座座高楼拔地而起，
【Scala十】Scala核心四：集合框架之List bit1129 scala
Spark的RDD作为一个分布式不可变的数据集合，它提供的转换操作，很多是借鉴于Scala的集合框架提供的一些函数，因此，有必要对Scala的集合进行详细的了解 1. 泛型集合都是协变的，对于List而言，如果B是A的子类，那么List[B]也是List[A]的子类，即可以把List[B]的实例赋值给List[A]变量 2. 给变量赋值(注意val关键字，a，b
Nested Functions in C bookjovi c closure
Nested Functions 又称closure，属于functional language中的概念，一直以为C中是不支持closure的，现在看来我错了，不过C标准中是不支持的，而GCC支持。既然GCC支持了closure，那么 lexical scoping自然也支持了，同时在C中label也是可以在nested functions中自由跳转的
Java-Collections Framework学习与总结-WeakHashMap BrokenDreams Collections
总结这个类之前，首先看一下Java引用的相关知识。Java的引用分为四种：强引用、软引用、弱引用和虚引用。强引用：就是常见的代码中的引用，如Object o = new Object();存在强引用的对象不会被垃圾收集
读《研磨设计模式》-代码笔记-解释器模式-Interpret bylijinnan java 设计模式
声明：本文只为方便我个人查阅和理解，详细的分析以及源代码请移步原作者的博客http://chjavach.iteye.com/ package design.pattern; /* * 解释器（Interpreter）模式的意图是可以按照自己定义的组合规则集合来组合可执行对象 * * 代码示例实现XML里面1.读取单个元素的值 2.读取单个属性的值 * 多
After Effects操作&快捷键 cherishLC After Effects
1、快捷键官方文档中文版：https://helpx.adobe.com/cn/after-effects/using/keyboard-shortcuts-reference.html 英文版：https://helpx.adobe.com/after-effects/using/keyboard-shortcuts-reference.html 2、常用快捷键
Maven 常用命令 crabdave maven
Maven 常用命令 mvn archetype:generate mvn install mvn clean mvn clean complie mvn clean test mvn clean install mvn clean package mvn test mvn package mvn site mvn dependency:res
shell bad substitution daizj shell 脚本
#!/bin/sh /data/script/common/run_cmd.exp 192.168.13.168 "impala-shell -islave4 -q 'insert OVERWRITE table imeis.${tableName} select ${selectFields}, ds, fnv_hash(concat(cast(ds as string), im
Java SE 第二讲（原生数据类型 Primitive Data Type） dcj3sjt126com java
Java SE 第二讲： 1. Windows: notepad, editplus, ultraedit, gvim Linux: vi, vim, gedit 2. Java 中的数据类型分为两大类： 1）原生数据类型（Primitive Data Type） 2）引用类型（对象类型）（R
CGridView中实现批量删除 dcj3sjt126com PHP yii
1，CGridView中的columns添加 array( 'selectableRows' => 2, 'footer' => '<button type="button" onclick="GetCheckbox();" style=&
Java中泛型的各种使用 dyy_gusi java 泛型
Java中的泛型的使用：1.普通的泛型使用在使用类的时候后面的<>中的类型就是我们确定的类型。 public class MyClass1<T> {//此处定义的泛型是T private T var; public T getVar() { return var; } public void setVa
Web开发技术十年发展历程 gcq511120594 Web 浏览器数据挖掘
回顾web开发技术这十年发展历程： Ajax 03年的时候我上六年级，那时候网吧刚在小县城的角落萌生。传奇，大话西游第一代网游一时风靡。我抱着试一试的心态给了网吧老板两块钱想申请个号玩玩，然后接下来的一个小时我一直在，注，册，账，号。彼时网吧用的512k的带宽，注册的时候，填了一堆信息，提交，页面跳转，嘣，”您填写的信息有误，请重填”。然后跳转回注册页面，以此循环。我现在时常想，如果当时a
openSession()与getCurrentSession()区别： hetongfei java DAO Hibernate
来自 http://blog.csdn.net/dy511/article/details/6166134 1.getCurrentSession创建的session会和绑定到当前线程,而openSession不会。 2. getCurrentSession创建的线程会在事务回滚或事物提交后自动关闭,而openSession必须手动关闭。这里getCurrentSession本地事务(本地
第一章安装Nginx+Lua开发环境 jinnianshilongnian nginx lua openresty
首先我们选择使用OpenResty，其是由Nginx核心加很多第三方模块组成，其最大的亮点是默认集成了Lua开发环境，使得Nginx可以作为一个Web Server使用。借助于Nginx的事件驱动模型和非阻塞IO，可以实现高性能的Web应用程序。而且OpenResty提供了大量组件如Mysql、Redis、Memcached等等，使在Nginx上开发Web应用更方便更简单。目前在京东如实时价格、秒
HSQLDB In-Process方式访问内存数据库 liyonghui160com
HSQLDB一大特色就是能够在内存中建立数据库，当然它也能将这些内存数据库保存到文件中以便实现真正的持久化。先睹为快！下面是一个In-Process方式访问内存数据库的代码示例：下面代码需要引入hsqldb.jar包（hsqldb-2.2.8） import java.s
Java线程的5个使用技巧 pda158 java 数据结构
Java线程有哪些不太为人所知的技巧与用法？　　萝卜白菜各有所爱。像我就喜欢Java。学无止境，这也是我喜欢它的一个原因。日常工作中你所用到的工具，通常都有些你从来没有了解过的东西，比方说某个方法或者是一些有趣的用法。比如说线程。没错，就是线程。或者确切说是Thread这个类。当我们在构建高可扩展性系统的时候，通常会面临各种各样的并发编程的问题，不过我们现在所要讲的可能会略有不同。
开发资源大整合：编程语言篇——JavaScript（1） shoothao JavaScript
概述：本系列的资源整合来自于github中各个领域的大牛，来收藏你感兴趣的东西吧。程序包管理器管理javascript库并提供对这些库的快速使用与打包的服务。 Bower - 用于web的程序包管理。 component - 用于客户端的程序包管理，构建更好的web应用程序。 spm - 全新的静态的文件包管
避免使用终结函数 vahoa.ma java jvm C++
终结函数（finalizer）通常是不可预测的，常常也是很危险的，一般情况下不是必要的。使用终结函数会导致不稳定的行为、更差的性能，以及带来移植性问题。不要把终结函数当做C++中的析构函数（destructors）的对应物。我自己总结了一下这一条的综合性结论是这样的： 1）在涉及使用资源，使用完毕后要释放资源的情形下，首先要用一个显示的方