Dockerfile里执行apt-key会报错apt-key output should not be parsed解决:RUN APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key xxx
vi /etc/docker/daemon.json{“ipv6”:false}:wqsystemctl restart docker
Dockerfile安装miniconda3.6:RUN wget https://repo.anaconda.com/miniconda/Miniconda-3.6.0-Linux-x86_64.sh \ && bash Miniconda-3.6.0-Linux-x86_64.sh -b -p /miniconda \ && rm Miniconda-3.6.
Docker报错fs.inotify.max_user_watches no space left解决报错:ERROR:No space left on device or fs.inotify.max_user_watches分析:Inotify用于监视文件系统事件,可监视的文件有个上限值之前在dockerfile里有添加RUN sysctl fs.inotify.max_user_watche
Dockerfiler输入交互问答如下面安装MinicondaRUN sh -c '/bin/echo -e "\nyes\n\yes" | sh /opt/Miniconda3-py38_4.11.0-Linux-x86_64.sh'
回退coredns版本:kubectl edit deploy coredns -n kube-system修改里面的版本号
vi pcv-volume.yamlapiVersion: v1kind: PersistentVolumeClaimmetadata: name: pvc-volumespec: accessModes: - ReadWriteOnce resources:&nbs
volume pv yaml:vi volume.yamlapiVersion: v1kind: PersistentVolumemetadata: name: example-pvspec: capacity: storage: 1Gi accessMod
注:ingress的作用:通过某ip/域名+端口可以访问pod的服务,或者通过某ip/域名的不同端口实现多个服务(比如多个都是80的服务)的访问。 vi ingress.yamlapiVersion: networking.k8s.io/v1kind: Ingressmetadata: name: pin namespac
得到1个yaml文件(可基于该yaml做修改):kubectl run aa --image=nginx --dry-run=client -o yaml > aa.yamlcat aa.yaml
cordon:将节点设置为不可调度 (已有pod不动)drain:将节点设置为不可调度并将上面pod平滑迁到其它nodeuncordon:将节点恢复为可调度
查看pod logkubectl logs aa (aa为pod名)
查看pods的cpu负载:kubectl top pods -l name=cpu-loader
升级kubeadm版本:先将master上的docker容器迁走:kubectl drain k8s01apt-cache madison kubeadmapt-get install -y --allow-change-held-packages kubeadm=1.22.5-00kubeadm versionkubectl get nodeskubeadm upgrade plankubead
etcd备份还原:备份:http备份: etcdctl --endpoints http://10.0.0.4:2379 snapshot save ./etcd.db https备份:etcdctl --endpoints https://10.0.0.4:2379 --cacert /root/ca.crt --cert /root/server.crt --key /root/sever
指定pod到特定node yaml示例注:1、通过命令得到yaml2、添加nodeSelector配置kubectl run nginx-kus --image=nginx --dry-run=client -o yaml > nginx-kus.yaml vi nginx-kus.yamlapiVersion: v1kind: Podmetadata: labels
修改deployment副本数:查看deployment名字(后面乱码部分去掉) kubectl get podskubectl edit deployment xxx (xxx为去掉乱码后的部分)replicas: 5 :wq确认(看下deployment的pod数量): kubectl get pods
Clusterrole yaml示例注:1、创建1个clusterrole(有新建daemonsets、deployments、statefulsets的权限)2、创建1个namespace的serviceaccount(sa)账号3、将账号和role关联vi clusterrole.yamlkind: ClusterRolemetadata: name: deploym
出入站(NetworkPolicy)yaml示例:注:1、该policy属于internal namespace2、允许internal namespace的pod访问echo namespace的803、不允许其它namespace访问internal namespace的所有podvi allow-port-to-namespace.yamlapiVersion: networki
kubectl drain node02 --ignore-daemonsets kubectl drain node02 --ignore-daemonsets --force
使用service暴露应用端口yaml示例:注:1、作用:通过ClusterIP访问应用2、通过app名匹配对应容器3、port和targetport不要搞反了vi nginx_svc.yamlapiVersion: v1kind: Servicemetadata: name: nginx-svcspec: selector: &nb
mysql
nginx
k8s
Dockerfile install miniconda: RUN apt-get updateRUN apt-get install -y wget gcc g++RUN apt-get install -y gnupgRUN wget https://repo.anaconda.com/miniconda/Miniconda-3.6.0-Linux-x86_64.sh \ &&am
harbor仓库复制同步 注:2台harbor,一主一从(也可以多从) 从配置: 配置docker接受主harbor不安全证书 # vi /etc/docker/daemon.json { "insecure-registries":["xxx.ming.com"]} # /etc/init.d/docker reload (不用重启docker) 打开从harbor页面—系统管理 仓库管理—
Ubuntu 20.04搭建harbor # vi /etc/apt/sources.list deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable:wq# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
docker容器跨主机互通:主机1:# apt-get install bridge-utils# brctl addbr br0# ifconfig br0 10.0.1.50 netmask 255.255.255.0# brctl addif br0 eno1后2步需要到ilo上操作(因为此时网络已经不通了,没法ssh连接)# ip addr del 10.0.1.50 dev eno1
Ubuntu16调整docker数据路径:注:docker默认数据路径为/var/lib/docker,占用的系统盘空间,我们需要改为/space/docker,迁到数据盘下。先按正常安装dockersystemctlstopdockerrsync-av--progress/var/lib/docker/space/vi/etc/systemd/system/multi-user.target.w
dockerfile调整sh为bash:RUNecho"dashdash/shbooleanfalse"|debconf-set-selectionsRUNDEBIAN_FRONTEND=noninteractivedpkg-reconfiguredash
Copyright © 2005-2025 51CTO.COM 版权所有 京ICP证060544号
