install docker
https://docs.docker.com/engine/install/
添加自动补全- yum -y install bash-completion
- source /usr/share/bash-completion/bash_completion
- [root@Rocky-Harbor certs]# mkdir -pv /k8s/softwares/certs/{ca,server,client}
- [root@Rocky-Harbor certs]# tar -zxvf harbor-offline-installer-v2.9.3.tgz
- [root@Rocky-Harbor certs]# openssl genrsa -out ca/ca.key 4096
- [root@Rocky-Harbor certs]# openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=foam.com" -key ca/ca.key -out ca/ca.crt
- [root@Rocky-Harbor certs]# openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=foam.com" -key ca/ca.key -out ca/ca.crt
- [root@Rocky-Harbor certs]# openssl genrsa -out server/harbor.foam.com.key 4096
- [root@Rocky-Harbor certs]# openssl req -sha512 -new -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=harbor.foam.com" -key server/harbor.foam.com.key -out server/harbor.foam.com.csr
- [root@Rocky-Harbor certs]# cat > v3.ext <<-EOF
- authorityKeyIdentifier=keyid,issuer
- basicConstraints=CA:FALSE
- keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
- extendedKeyUsage = serverAuth
- subjectAltName = @alt_names
- [alt_names]
- DNS.1=foam.com
- DNS.2=foam
- DNS.3=harbor.foam.com
- EOF
- [root@Rocky-Harbor certs]# openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca/ca.crt -CAkey ca/ca.key -CAcreateserial -in server/harbor.foam.com.csr -out server/harbor.foam.com.crt
- [root@Rocky-Harbor certs]# openssl x509 -inform PEM -in server/harbor.foam.com.crt -out server/harbor.foam.com.cert
- [root@Rocky-Harbor certs]# mkdir -pv /etc/docker/certs.d/harbor.foam.com
- [root@Rocky-Harbor certs]# cp -r /k8s/softwares/certs/client/* /etc/docker/certs.d/harbor.foam.com/
- [root@Rocky-Harbor certs]# echo ip harbor.foam.com >> /etc/hosts
- [root@Rocky-Harbor harbor]# echo alias yy=\'egrep -v "\^.*#\|\^\$"\' >> /root/.bashrc
- [root@Rocky-Harbor harbor]# source /root/.bashrc
- # harbor configuration
- hostname: harbor.foam.com
- http:
- port: 80
- https:
- port: 443
- certificate: /k8s/softwares/certs/server/harbor.foam.com.crt
- private_key: /k8s/softwares/certs/server/harbor.foam.com.key
- harbor_admin_password: foam
- [root@Rocky-Harbor harbor]# ./install
- [root@Rocky-Harbor harbor]# docker login -u admin -p foam harbor.foam.com
- WARNING! Using --password via the CLI is insecure. Use --password-stdin.
- WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
- Configure a credential helper to remove this warning. See
- https://docs.docker.com/engine/reference/commandline/login/#credentials-store
- Login Succeeded
- [root@Rocky-Harbor harbor]# docker logout harbor.foam.com
- [root@Rocky-Harbor harbor]# scp /k8s/softwares/certs/client/* 192.168.100.15:/etc/docker/certs.d/harbor.foam.com
- [root@Rocky-Harbor harbor]# scp /k8s/softwares/certs/client/* 192.168.100.7:/etc/docker/certs.d/harbor.foam.com
- [root@Rocky-Harbor harbor]# scp /k8s/softwares/certs/client/* 192.168.100.8:/etc/docker/certs.d/harbor.foam.com
[code]# All Node and install docker[root@Rocky-kubernetes-control ~]# swapoff -a && sysctl -w vm.swappiness=0[root@Rocky-kubernetes-control ~]# sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab[root@Rocky-kubernetes-control ~]# ifconfig eth0 | grep ether | awk '{print $2}'[root@Rocky-kubernetes-control ~]# cat > /etc/modules-load.d/k8s.conf /etc/sysctl.d/k8s.conf /etc/yum.repos.d/kubernetes.repo |
