Category: Kubernetes
脱坑: Amazon EFS CSI 驱动程序
首先,通过 Provision an EKS Cluster (AWS) 这篇文章,可以快捷的利用 terraform 在AWS 上部署一套 EKS。 如果想使用 pvc 和 pv,我们还需要给 K8s 安装 CSI 驱动。 AWS 给了我们一偏很详尽的安装说明: https://docs.amazonaws.cn/eks/latest/userguide/efs-csi.html 但是,我真心不知道有多少朋友能一次性就安装成功的。 为了方便管理和部署,我把 efs csi 安装过程 翻译成了 terraform 语义, 作为 Provision an EKS Cluster (AWS) 的补充 1. 创建 IAM 策略和角色 resource "aws_iam_policy" "policy" { name = "${local.cluster_name}_EKS_EFS_CSI_Driver_Policy" description = "A test policy" # Terraform's…
从私有仓库拉取镜像
参考文献: https://kubernetes.io/zh/docs/tasks/configure-pod-container/pull-image-private-registry/ 在集群中创建保存授权令牌的 Secret Create Secret kubectl create secret docker-registry yyy-regcred \ –docker-server=registry.cn-hangzhou.aliyuncs.com \ –docker-username=****@aliyun.com \ –docker-password=**** \ –docker-email=****@aliyun.com ## output -> secret/yyy-regcred created 获取凭证 kubectl get secret yyy-regcred –output="jsonpath={.data.\.dockerconfigjson}" | base64 –decode 输出和下面类似: {"auths":{"registry.cn-hangzhou.aliyuncs.com":{"username":"****@aliyun.com","password":"****","email":"****@aliyun.com","auth":"****"}}} Store Secret to .dockerconfigjson file 在 kustomization.yaml 中使用它 apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: – backend/deployment.yaml secretGenerator: – name: regcred files:…
阿里云测试 MicroK8s 笔记
资料收集: https://stackoverflow.com/questions/63974879/microk8s-metallb-ingress-nginx-how-to-route-external-traffic https://pacroy.medium.com/single-node-kubernetes-on-home-lab-using-microk8s-metallb-and-traefik-7bb1ea38fcc2 SSL: https://stackoverflow.com/questions/67430592/how-to-setup-letsencrypt-with-kubernetes-microk8s-using-default-ingress 验证: 2021-06-24 kubectl remote control get config microk8s kubectl config view –raw > $HOME/.kube/config save the config file to local $HOME/.kube/config 设置端口转发 ## minikube is my remote server ip address ssh -fNT -L 16443:127.0.0.1:16443 microkube now: kubectl get node (base) ➜ .kube kubectl get nodes -o wide NAME STATUS ROLES…