• kubernetes集群:nexus搭建docker私有仓库及使用

     k8s集群已经搭建好。包括nginx-ingress也已经做好,nfs挂载已经做好。具体请见笔记:https://www.cnblogs.com/zoujiaojiao/p/12515917.html

    环境说明:

    下面看k8s集群中,搭建Nexus:

    1. 创建yaml文件目录:

    #mkdir /opt/nexus

    2. 创建命名空间

    vim repo-nexus-ns.yaml

    apiVersion: v1
kind: Namespace
metadata:
   name: repo-nexus
   labels:
     name: repo-nexus

    启用:kubectl apply -f repo-nexus-ns.yaml

    3. 创建PV和PVC

    cat >repo-nexus-data.yaml <<EOF
---
# pv

apiVersion: v1
kind: PersistentVolume
metadata:
  name: repo-nexus-pv
spec:
  capacity:
    storage: 50Gi
  accessModes:
    - ReadWriteMany
  nfs:
       server: 10.10.4.85
       path: "/data/repo-nexus"

---
# pvc

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: repo-nexus-pvc
  namespace: repo-nexus
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: ""
  resources:
    requests:
      storage: 50Gi
EOF

    在nfs服务器10.10.4.85上创建目录:# mkdir /data/repo-nexus/

    启用:kubectl create -f repo-nexus-data.yaml

    4.部署nexus。下面的文件是解决了所有问题后的最终版配置。

    cat >repo-nexus.yaml <<EOF
---
# deployment

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    app: repo-nexus
  name: repo-nexus
  namespace: repo-nexus
spec:
  replicas: 1
  selector:
    matchLabels:
      app: repo-nexus
  template:
    metadata:
      labels:
        app: repo-nexus
    spec:
      containers:
        - name: repo-nexus
          image: sonatype/nexus3:latest
          imagePullPolicy: IfNotPresent
          resources:
            limits:
              memory: "4Gi"
              cpu: "1000m"
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
          - containerPort: 8081   #作为nexus服务端口
            protocol: TCP
          - containerPort: 6000   #作为docker私库的端口
            protocol: TCP
          volumeMounts:
          - name: repo-nexus-data
            mountPath: /nexus-data
      volumes:
        - name: repo-nexus-data
          persistentVolumeClaim:
            claimName: repo-nexus-pvc

---
# service

kind: Service
apiVersion: v1
metadata:
  labels:
    app: repo-nexus
  name: repo-nexus
  namespace: repo-nexus
spec:
  ports:
    - port: 8081
      targetPort: 8081
      name: repo-base
    - port: 6000
      targetPort: 6000
      name: repo-docker
  selector:
    app: repo-nexus

---
# ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: "1024m"    #后面有做解释,上传文件大小限制,是遇到问题后添加的
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    kubernetes.io/tls-acme: 'true'
  name: repo-nexus
  namespace: repo-nexus
spec:
  rules:
  - host: nexus.vonedao.com   #nexus私库
    http:
      paths:
      - path: /
        backend:
          serviceName: repo-nexus
          servicePort: 8081
  - host: docker.vonedao.com   #docker私库
    http:
      paths:
      - path: /
        backend:
          serviceName: repo-nexus
          servicePort: 6000
EOF

    部署应用:kubectl apply -f repo-nexus.yaml

    查看:

    kubectl get svc,pod,ingress -n repo-nexus -o wide

    访问:

    由于是私网搭建,域名都是非正式的,需要在win机器hosts里指定ingress地址到该域名:

    访问,第一次访问会要求你填入账户admin和密码,密码会在你挂载的文件中/data/repo-nexus/admin.password中。初次登录后,需要修改密码。

    在nexus上创建docker仓库:

    1. 添加Blob stores

     添加Repositories:

     

     查看仓库:

     暂时为空的仓库:

    给docker配置私库后,重启docker,然后登录:

    # cat /etc/docker/daemon.json 
{"registry-mirrors": ["http://295c6a59.m.daocloud.io"],"insecure-registries":["http://docker.vonedao.com"]}
    # systemctl restart docker

    输入admin 账户,和你修改过的密码。

     

     

    上传文件的大小超出了 Nginx 允许的最大值,如果没有配置的话,默认是1M;

    修改repo-nexus.yaml:

    # ingress

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/proxy-body-size: "1024m"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    kubernetes.io/tls-acme: 'true'
  name: repo-nexus
  namespace: repo-nexus

    添加了下面几个配置:

      annotations:
       #客户端上传文件,最大大小
    nginx.ingress.kubernetes.io/proxy-body-size: "1024m"
       #后端服务器响应超时时间
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
       #后端服务器回转数据超时时间
        nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    更新nexus:
    # kubectl apply -f repo-nexus.yaml 


    重新上传:
    # docker tag b2428543fab0 docker.vonedao.com/bases/jenkins:lts
    # docker push docker.vonedao.com/bases/jenkins:lts

     登录服务器检查:

     其他服务器配置仓库,重启docker:

     

    使用Maven插件快捷打包发布远程Docker镜像

    在使用使用Maven 插件docker-maven-plugin 打包推送镜像的时候报错:

    Failed to execute goal io.fabric8:docker-maven-plugin:0.32.0:build 
    (default-cli) on project vonedao-auth: Unable to pull 
    'java:8-jre' from registry 'docker.vonedao.com' : 
    {"message":"Get http://docker.vonedao.com/v2/java/manifests/8-jre: no basic auth credentials"} 
    (Internal Server Error: 500) ->

    由于我们使用的是nexus,nexus做以下配置下:
  • 相关阅读:
    HDOJ 1220 Cube
    LCIS(m*n) 最长公共上升子序列
    第二百九十七天 how can I 坚持
    第二百九十六天 how can I 坚持
    第二百九十五天 how can i 坚持
    第二百九十四天 how can I 坚持
    第二百九十三天 how can I 坚持
    第二百九十、一、二天 how can I 坚持
    第二百八十九天 how can I 坚持
    第二百八十八天 how can I坚持
  • 原文地址:https://www.cnblogs.com/zoujiaojiao/p/12468670.html
Copyright © 2020-2023  润新知