zoukankan      html  css  js  c++  java

  • Openshift创建Router和Registry

    Openshift创建Router和Registry:

    [root@DockerServer openshift]# oadm policy add-scc-to-user privileged system:serviceacount:default:router

    scc "privileged" added to: ["system:serviceacount:default:router"]

    [root@DockerServer openshift]# oadm policy add-scc-to-user hostnetwork system:serviceaccount:default:router

    scc "hostnetwork" added to: ["system:serviceaccount:default:router"]

    [root@DockerServer openshift]# oadm policy add-scc-to-user privileged system:serviceaccount:default:router

    scc "privileged" added to: ["system:serviceaccount:default:router"]

    [root@DockerServer openshift]# oadm router router --replicas=1 --service-account=router

    info: password for stats user admin has been set to gEpwLc6BC4

    --> Creating router router ...

        serviceaccount "router" created

        clusterrolebinding "router-router-role" created

        deploymentconfig "router" created

        service "router" created

    --> Success

    Same way:

    [root@DockerServer openshift]# oadm policy add-scc-to-user privileged -z router

    scc "privileged" added to: ["system:serviceaccount:default:router"]

    [root@DockerServer openshift]# oc adm policy add-scc-to-user hostnetwork -z router

    scc "hostnetwork" added to: ["system:serviceaccount:default:router"]

    [root@DockerServer openshift]# oc get pod -n default

    NAME             READY     STATUS    RESTARTS   AGE

    router-1-bd6f2   1/1       Running   0          4m

    [root@DockerServer openshift]# ss -ltn|egrep -w "80|443"

    LISTEN     0      128          *:80                       *:*

    LISTEN     0      128          *:443                      *:*

    [root@DockerServer openshift]# oadm registry --config=/opt/openshift/openshift.local.config/master/admin.kubeconfig --service-account=registry

    --> Creating registry registry ...

        serviceaccount "registry" created

        clusterrolebinding "registry-registry-role" created

        deploymentconfig "docker-registry" created

        service "docker-registry" created

    --> Success

    [root@DockerServer openshift]# oc get pod

    NAME                      READY     STATUS    RESTARTS   AGE

    docker-registry-1-2kqtb   1/1       Running   0          1m

    router-1-bd6f2            1/1       Running   0          29m

    [root@DockerServer openshift]# vi /etc/sysconfig/docker

    OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --registry-mirror=https://docker.mirrors.ustc.edu.cn --insecure-registry=172.30.0.0/16'

    [root@DockerServer openshift]# systemctl restart docker
  • 相关阅读:
    干货分享:如何使用Kubernetes的Ingress API
    十年OpenStack Ussuri最新版发布 主要改进在可靠性、安全性和用例支持等方面
    如何更好地优化容器的创建?这些技巧你务必收藏
    Kubernetes是容器化微服务的圣杯么?
    微服务是否真的需要服务网格?
    ZOOM火速收购加密公司Kaybase 能否补齐安全短板?
    5个实例告诉您:如何实施成功的容器化多云策略
    新基建火了,开源云计算渠道能做什么?
    盘点6个Kubernetes监视工具
    掌握这10种方法帮你快速在Linux上分析二进制文件
  • 原文地址:https://www.cnblogs.com/AK47Sonic/p/9000785.html
Copyright © 2011-2022 走看看