harbor+k8s deploy
install dockerhttps://docs.docker.com/engine/install/
添加自动补全
yum -y install bash-completion
source /usr/share/bash-completion/bash_completioninstall and configuration harbor
# mkdir -pv /k8s/softwares/certs/{ca,server,client}
# tar -zxvf harbor-offline-installer-v2.9.3.tgz
# openssl genrsa -out ca/ca.key 4096
# openssl req -x509 -new -nodes -sha512 -days 3650-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=foam.com"-key ca/ca.key-out ca/ca.crt
# openssl req -x509 -new -nodes -sha512 -days 3650-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=foam.com"-key ca/ca.key-out ca/ca.crt
# openssl genrsa -out server/harbor.foam.com.key 4096
# openssl req -sha512 -new -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=harbor.foam.com" -key server/harbor.foam.com.key -out server/harbor.foam.com.csr
# cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
DNS.1=foam.com
DNS.2=foam
DNS.3=harbor.foam.com
EOF
# openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca/ca.crt -CAkey ca/ca.key -CAcreateserial -in server/harbor.foam.com.csr -out server/harbor.foam.com.crt
# openssl x509 -inform PEM -in server/harbor.foam.com.crt -out server/harbor.foam.com.cert
# mkdir -pv /etc/docker/certs.d/harbor.foam.com
# cp -r /k8s/softwares/certs/client/* /etc/docker/certs.d/harbor.foam.com/
# echo ip harbor.foam.com >> /etc/hosts
# echo alias yy=\'egrep -v \"\^.*#\|\^\$\"\'>> /root/.bashrc
# source /root/.bashrc
# harbor configuration
hostname: harbor.foam.com
http:
port: 80
https:
port: 443
certificate: /k8s/softwares/certs/server/harbor.foam.com.crt
private_key: /k8s/softwares/certs/server/harbor.foam.com.key
harbor_admin_password: foam
# ./install
# docker login -u admin -p foam harbor.foam.com
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
# docker logout harbor.foam.com
# scp /k8s/softwares/certs/client/* 192.168.100.15:/etc/docker/certs.d/harbor.foam.com
# scp /k8s/softwares/certs/client/* 192.168.100.7:/etc/docker/certs.d/harbor.foam.com
# scp /k8s/softwares/certs/client/* 192.168.100.8:/etc/docker/certs.d/harbor.foam.cominstall kubernetes
# All Node and install docker# swapoff -a && sysctl -w vm.swappiness=0# sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab# ifconfigeth0| grep ether | awk '{print $2}'# cat > /etc/modules-load.d/k8s.conf/etc/sysctl.d/k8s.conf/etc/yum.repos.d/kubernetes.repo
页:
[1]