一、安装harbor
https://github.com/docker/compose/releases/download/v2.32.2/docker-compose-linux-x86_64
#docker-compose-linux-x86_64改docker-compose 放到/usr/local/bin/二、安装docker
sudo yum update -y
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
#添加docker仓库
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
#安装docker CE社区版
# 列出可用版本
yum list docker-ce --showduplicates | sort -r
# 安装指定版本,例如 20.10.10
sudo yum install -y docker-ce-20.10.10 docker-ce-cli-20.10.10 containerd.io
#安装最新版
sudo yum install -y docker-ce docker-ce-cli containerd.io
#启动
sudo systemctl start docker
sudo systemctl enable docker直接运行sudo ./install.sh
支持http
默认拉取、推送到镜像仓库要使用https , 由于我们这里没有https,需要用http , 所以我们要在deploy-server.com服务器上执行如下
$ echo '{"insecure-registries":["192.168.3.20:8077"] }' >> /etc/docker/daemon.json
三、秘钥
mkdir /opt/cert && cd /opt/cert#创建admin-csr.json(kubernetes)
cat > admin-csr.json << EOF
{
"CN":"admin",
"key":{
"algo":"rsa",
"size":2048
},
"names":[
{
"C":"CN",
"L":"BeiJing",
"ST":"BeiJing",
"O":"system:masters",
"OU":"System"
}
]
}
EOF#下载工具和添加执行权限
wget https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
wget https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
chmod +x cfssljson_linux-amd64
chmod +x cfssl_linux-amd64
#移动到/usr/local/bin
mv cfssljson_linux-amd64 cfssljson
mv cfssl_linux-amd64 cfssl
mv cfssljson cfssl /usr/local/bin#创建证书私钥
cfssl gencert -ca=/etc/kubernetes/pki/ca.crt -ca-key=/etc/kubernetes/pki/ca.key --profile=kubernetes admin-csr.json | cfssljson -bare admin#配置证书(kubernetes)
openssl pkcs12 -export -out ./jenkins-admin.pfx -inkey ./admin-key.pem -in ./admin.pem -passout pass:123456
[root@master01 cert]# kubectl create secret generic kubeconfig --from-file=/root/.kube/config
secret/kubeconfig created
评论 (0)