1、创建私有仓库Secret
kubectl create secret docker-registry hubregistry --docker-server=hub.pascall.xyz --docker-username=username --docker-password=password --docker-email=email
注:私有镜像仓库需要支持https,hubregistry:是该secret的名字
2.创建service和deployment
apiVersion: apps/v1 kind: Deployment metadata: name: index-pascall-deployment labels: app: index-pascall spec: replicas: 1 selector: matchLabels: app: index-pascall template: metadata: labels: app: index-pascall spec: containers: - name: index-pascall image: hub.pascall.xyz/admin/index imagePullPolicy: Always ports: - containerPort: 80 volumeMounts: - name: "nginx-nfs" mountPath: "/usr/share/nginx/html" volumes: # 挂载aliyun的nas - name: "nginx-nfs" nfs: path: /share/nginx server: 17b3c4984c-kbo93.cn-beijing.nas.aliyuncs.com imagePullSecrets: - name: hubregistry # 第一步创建的secret --- apiVersion: v1 kind: Service metadata: name: index-pascall-service spec: selector: app: index-pascall type: NodePort ports: - protocol: TCP port: 80 targetPort: 80 nodePort: 30001
3.调试已经启动的svc连接,这里调试mysql服务
kubectl run -it --image=busybox:1.28.4 --rm --restart=Never bash # 进入启动的busybox,结束时会自动销毁
# 查看svc的访问域名 nslookup mysql # mysql为service的名称,得到如下结果,因此在容器中可以通过第二个域名访问其他service服务 # Server: 10.1.0.10 # Address 1: 10.1.0.10 kube-dns.kube-system.svc.cluster.local # Name: mysql # Address 1: 10.1.137.92 mysql.default.svc.cluster.local # 测试mysql服务是否能正常访问 telnet mysql.default.svc.cluster.local 3306
exit; # 退出启动的busybox容器,该容器所在的pod会自动销毁