多服务上线日记一:
由于本地服务太多了,打算选个服务器,全部给上线了
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh
权限隔离:
# 1. 复制root配置到用户目录
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
# 2. 修改归属为当前用户ubuntu
sudo chown ubuntu:ubuntu ~/.kube/config
# 3. 锁定文件权限
chmod 600 ~/.kube/config
# 4. 永久指定kubectl只读取这个文件,不再去/etc/rancher
echo 'export KUBECONFIG=$HOME/.kube/config' >> ~/.bashrc
# 生效环境变量
source ~/.bashrc
查询集群主服务状态:
kubectl get nodes
查询pod容器创建情况:
sudo kubectl get pods -A
下载docker----------------------------------------
# 清理旧容器相关包
sudo apt remove -y docker.io docker-doc docker-compose podman-docker containerd runc
sudo apt autoremove -y
sudo apt clean
# 安装依赖
sudo apt update
sudo apt install -y ca-certificates curl gnupg lsb-release
# 导入腾讯云docker密钥
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://mirrors.tencent.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# 添加腾讯云docker源
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] Index of linux/ubuntu/ $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# 安装docker全套(自带buildx=内置BuildKit)
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# 配置国内镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<'EOF'
{
"registry-mirrors": [
"https://mirror.ccs.tencentyun.com",
"毫秒镜像 - 国内Docker镜像加速下载平台 | 容器镜像仓库极速拉取服务",
"GitHub - DaoCloud/public-image-mirror: 很多镜像都在国外。比如 gcr 。国内下载很慢,需要加速。致力于提供连接全世界的稳定可靠安全的容器镜像服务。 · GitHub"
]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
# 当前用户免sudo用docker
sudo usermod -aG docker $USER
newgrp docker
build 镜像:
docker build -t ***-web:latest .
docker images | grep ***-web
导入 k3s
docker save ***-web:latest | sudo k3s ctr images import -
sudo k3s ctr images ls | grep ***-web