首页
导航
统计
留言
更多
壁纸
直播
关于
推荐
星的魔法
星的导航页
谷歌一下
镜像国内下载站
大模型国内下载站
docker镜像国内下载站
腾讯视频
Search
1
Ubuntu安装 kubeadm 部署k8s 1.30
219 阅读
2
kubeadm 部署k8s 1.30
134 阅读
3
rockylinux 9.3详细安装drbd
131 阅读
4
rockylinux 9.3详细安装drbd+keepalived
122 阅读
5
ceshi
82 阅读
默认分类
日记
linux
docker
k8s
ELK
Jenkins
Grafana
Harbor
Prometheus
Cepf
k8s安装
Gitlab
traefik
sonarqube
OpenTelemetry
MinIOn
Containerd进阶使用
ArgoCD
golang
Git
Python
Web开发
HTML和CSS
JavaScript
对象模型
公司
登录
/
注册
Search
标签搜索
k8s
linux
docker
drbd+keepalivde
ansible
dcoker
webhook
星
累计撰写
117
篇文章
累计收到
940
条评论
首页
栏目
默认分类
日记
linux
docker
k8s
ELK
Jenkins
Grafana
Harbor
Prometheus
Cepf
k8s安装
Gitlab
traefik
sonarqube
OpenTelemetry
MinIOn
Containerd进阶使用
ArgoCD
golang
Git
Python
Web开发
HTML和CSS
JavaScript
对象模型
公司
页面
导航
统计
留言
壁纸
直播
关于
推荐
星的魔法
星的导航页
谷歌一下
镜像国内下载站
大模型国内下载站
docker镜像国内下载站
腾讯视频
搜索到
115
篇与
的结果
2025-08-13
redis集群部署
一、关闭防火墙sudo systemctl stop firewalld sudo systemctl disable firewalld二、修改配置文件[root@rabbit2 redis]# cat docker-compose.yaml version: '3.3' services: redis6001: image: redis:6.2.6 container_name: redis6001 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6001/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6001/data:/data ports: - "6001:6001" - "16001:16001" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6002: image: redis:6.2.6 container_name: redis6002 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6002/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6002/data:/data ports: - "6002:6002" - "16002:16002" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6003: image: redis:6.2.6 container_name: redis6003 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6003/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6003/data:/data ports: - "6003:6003" - "16003:16003" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6004: image: redis:6.2.6 container_name: redis6004 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6004/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6004/data:/data ports: - "6004:6004" - "16004:16004" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6005: image: redis:6.2.6 container_name: redis6005 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6005/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6005/data:/data ports: - "6005:6005" - "16005:16005" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6006: image: redis:6.2.6 container_name: redis6006 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6006/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6006/data:/data ports: - "6006:6006" - "16006:16006" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' networks: app_net: external: true [root@rabbit2 redis]# cat redis-cluster.tmpl # redis端口 port ${PORT} #redis 访问密码 requirepass 7hGtW#eCx5#Pu#FXRf#gFHSo #redis 访问Master节点密码 masterauth 7hGtW#eCx5#Pu#FXRf#gFHSo # 关闭保护模式 protected-mode no # 开启集群 cluster-enabled yes # 集群节点配置 cluster-config-file nodes.conf # 超时 cluster-node-timeout 5000 # 集群节点IP host模式为宿主机IP cluster-announce-ip 192.168.30.25 # 集群节点端口,bus-port比port大1000 cluster-announce-port ${PORT} cluster-announce-bus-port 1${PORT} # 开启 appendonly 备份模式 appendonly yes # 每秒钟备份 appendfsync everysec # 对aof文件进行压缩时,是否执行同步操作 no-appendfsync-on-rewrite no # 当目前aof文件大小超过上一次重写时的aof文件大小的100%时会再次进行重写 auto-aof-rewrite-percentage 100 # 重写前AOF文件的大小最小值 默认 64mb auto-aof-rewrite-min-size 64mb # 日志配置 # debug:会打印生成大量信息,适用于开发/测试阶段 # verbose:包含很多不太有用的信息,但是不像debug级别那么混乱 # notice:适度冗长,适用于生产环境 # warning:仅记录非常重要、关键的警告消息 loglevel notice # 日志文件路径 logfile "/data/redis.log" [root@rabbit2 redis]# cat redis-cluster-config.sh for port in `seq $1 $2`; do \ mkdir -p ./${port}/conf \ && PORT=${port} envsubst < ./redis-cluster.tmpl > ./${port}/conf/redis.conf \ && mkdir -p ./${port}/data; \ done 三、加入集群[root@rabbit2 redis]# bash ./redis-cluster-config.sh 6001 6006 [root@rabbit2 redis]# ls 6001 6002 6003 6004 6005 6006 docker-compose.yaml redis-cluster-config.sh redis-cluster.tmpl [root@rabbit2 redis]# chmod -R +777 ./6001 [root@rabbit2 redis]# chmod -R +777 ./6002 [root@rabbit2 redis]# chmod -R +777 ./6003 [root@rabbit2 redis]# chmod -R +777 ./6004 [root@rabbit2 redis]# chmod -R +777 ./6005 [root@rabbit2 redis]# chmod -R +777 ./6006 [root@rabbit2 redis]# ls 6001 6002 6003 6004 6005 6006 docker-compose.yaml redis-cluster-config.sh redis-cluster.tmpl [root@rabbit2 redis]# vi redis-cluster.tmpl [root@rabbit2 redis]# port ${PORT} -bash: port: command not found [root@rabbit2 redis]# vi docker-compose.yaml [root@rabbit2 redis]# vi redis-cluster.tmpl [root@rabbit2 redis]# docker-compose down [root@rabbit2 redis]# docker-compose up -d [+] Running 6/7 ⠋ Network redis_default Created 1.1s ✔ Container redis6001 Started 0.8s ✔ Container redis6003 Started 1.0s ✔ Container redis6002 Started 1.0s ✔ Container redis6005 Started 0.5s ✔ Container redis6004 Started 0.9s ✔ Container redis6006 Started 0.8s [root@rabbit2 redis]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5b8722bbcb37 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6004->6004/tcp, [::]:6004->6004/tcp, 0.0.0.0:16004->16004/tcp, [::]:16004->16004/tcp, 6379/tcp redis6004 e1e91fded2ad redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6005->6005/tcp, [::]:6005->6005/tcp, 0.0.0.0:16005->16005/tcp, [::]:16005->16005/tcp, 6379/tcp redis6005 f9010b959cd1 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6001->6001/tcp, [::]:6001->6001/tcp, 0.0.0.0:16001->16001/tcp, [::]:16001->16001/tcp, 6379/tcp redis6001 258f08b79453 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6003->6003/tcp, [::]:6003->6003/tcp, 0.0.0.0:16003->16003/tcp, [::]:16003->16003/tcp, 6379/tcp redis6003 04d79831176e redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6006->6006/tcp, [::]:6006->6006/tcp, 0.0.0.0:16006->16006/tcp, [::]:16006->16006/tcp, 6379/tcp redis6006 ef30d93d3223 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6002->6002/tcp, [::]:6002->6002/tcp, 0.0.0.0:16002->16002/tcp, [::]:16002->16002/tcp, 6379/tcp redis6002 f1bdda1a4069 redis:6.2.6 "docker-entrypoint.s…" 12 minutes ago Up 12 minutes 6379/tcp relaxed_mayer b4dab98879a6 rabbitmq:3.9.0-management "docker-entrypoint.s…" About an hour ago Up 59 minutes rabbitmq [root@rabbit2 redis]# docker run -it --rm --network host redis:6.2.6 \ redis-cli -a '7hGtW#eCx5#Pu#FXRf#gFHSo' --cluster create \ 192.168.30.25:6001 192.168.30.25:6002 192.168.30.25:6003 \ 192.168.30.25:6004 192.168.30.25:6005 192.168.30.25:6006 \ --cluster-replicas 1 Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe. >>> Performing hash slots allocation on 6 nodes... Master[0] -> Slots 0 - 5460 Master[1] -> Slots 5461 - 10922 Master[2] -> Slots 10923 - 16383 Adding replica 192.168.30.25:6005 to 192.168.30.25:6001 Adding replica 192.168.30.25:6006 to 192.168.30.25:6002 Adding replica 192.168.30.25:6004 to 192.168.30.25:6003 >>> Trying to optimize slaves allocation for anti-affinity [WARNING] Some slaves are in the same host as their master M: 50654b9d91a28d7ed8e9327cbd218b40d05e0135 192.168.30.25:6001 slots:[0-5460] (5461 slots) master M: ee12edf412044f81ce55b93b686505c300e121f7 192.168.30.25:6002 slots:[5461-10922] (5462 slots) master M: 1fe3b80e312eea1fec18c41712295f5d623debd7 192.168.30.25:6003 slots:[10923-16383] (5461 slots) master S: 95301b0852b5239991119c10dd06b1bf0d96268f 192.168.30.25:6004 replicates ee12edf412044f81ce55b93b686505c300e121f7 S: d0d9ebbddd63acc4675634f67358ee0e214598dc 192.168.30.25:6005 replicates 1fe3b80e312eea1fec18c41712295f5d623debd7 S: 8a62664439a5be16439d3b293f5a9ca2b7be09a7 192.168.30.25:6006 replicates 50654b9d91a28d7ed8e9327cbd218b40d05e0135 Can I set the above configuration? (type 'yes' to accept): yes >>> Nodes configuration updated >>> Assign a different config epoch to each node >>> Sending CLUSTER MEET messages to join the cluster Waiting for the cluster to join . >>> Performing Cluster Check (using node 192.168.30.25:6001) M: 50654b9d91a28d7ed8e9327cbd218b40d05e0135 192.168.30.25:6001 slots:[0-5460] (5461 slots) master 1 additional replica(s) S: 8a62664439a5be16439d3b293f5a9ca2b7be09a7 192.168.30.25:6006 slots: (0 slots) slave replicates 50654b9d91a28d7ed8e9327cbd218b40d05e0135 M: ee12edf412044f81ce55b93b686505c300e121f7 192.168.30.25:6002 slots:[5461-10922] (5462 slots) master 1 additional replica(s) M: 1fe3b80e312eea1fec18c41712295f5d623debd7 192.168.30.25:6003 slots:[10923-16383] (5461 slots) master 1 additional replica(s) S: d0d9ebbddd63acc4675634f67358ee0e214598dc 192.168.30.25:6005 slots: (0 slots) slave replicates 1fe3b80e312eea1fec18c41712295f5d623debd7 S: 95301b0852b5239991119c10dd06b1bf0d96268f 192.168.30.25:6004 slots: (0 slots) slave replicates ee12edf412044f81ce55b93b686505c300e121f7 [OK] All nodes agree about slots configuration. >>> Check for open slots... >>> Check slots coverage... [OK] All 16384 slots covered. [root@rabbit2 redis]# [root@rabbit2 redis]# [root@rabbit2 redis]# docker run -it --rm redis:6.2.6 redis-cli -a '7hGtW#eCx5#Pu#FXRf#gFHSo' -h 192.168.30.25 -p 6001 cluster info Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe. cluster_state:ok cluster_slots_assigned:16384 cluster_slots_ok:16384 cluster_slots_pfail:0 cluster_slots_fail:0 cluster_known_nodes:6 cluster_size:3 cluster_current_epoch:6 cluster_my_epoch:1 cluster_stats_messages_ping_sent:539 cluster_stats_messages_pong_sent:531 cluster_stats_messages_sent:1070 cluster_stats_messages_ping_received:526 cluster_stats_messages_pong_received:539 cluster_stats_messages_meet_received:5 cluster_stats_messages_received:1070
2025年08月13日
7 阅读
0 评论
0 点赞
2025-08-12
rabbitmq安装
一、配置docker加速cat > /etc/docker/daemon.json <<EOF { "registry-mirrors": ["https://15.164.211.114:6443"], "insecure-registries": ["15.164.211.114:6443"], "exec-opts": ["native.cgroupdriver=systemd"] } EOF# 重启Docker服务 systemctl daemon-reload && systemctl restart docker二、准备配置文件和集群规划hostnamectl set-hostname 主机名[root@rabbit1 mq]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.30.24 rabbit1 192.168.30.25 rabbit2 192.168.30.26 rabbit3#关闭防火墙 sudo systemctl stop firewalld sudo systemctl disable firewalld#主节点 [root@rabbit1 mq]# cat docker-compose.yml version: '3.3' services: rabbitmq: image: rabbitmq:3.9.0-management container_name: rabbitmq restart: always privileged: true network_mode: "host" hostname: rabbit1 environment: RABBITMQ_NODENAME: "rabbit@rabbit1" volumes: - ./data:/var/lib/rabbitmq - ./logs:/var/log/rabbitmq - ./config/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf - ./config/definitions.json:/etc/rabbitmq/definitions.json - ./config/.erlang.cookie:/var/lib/rabbitmq/.erlang.cookie - ./custom_plugins:/plugins/custom [root@rabbit1 mq]# cat ./config/rabbitmq.conf # Config for rabbit1 listeners.tcp.default = 5672 management.tcp.port = 15672 management.tcp.ip = 0.0.0.0 loopback_users.guest = false log.file.level = info [root@rabbit1 mq]# cat ./config/definitions.json { "users": [{ "name": "admin", "password": "7UKMq2UWj4PmTWd6zjMX", "tags": "administrator" }], "vhosts": [{ "name": "/" }], "permissions": [{ "user": "admin", "vhost": "/", "configure": ".*", "write": ".*", "read": ".*" }] } echo "MY_RABBITMQ_CLUSTER_SECRET" | tr -d '\n' > /root/mq/config/.erlang.cookie chmod 600 /root/mq/config/.erlang.cookie#准备好插件 [root@rabbit1 mq]# ls config custom_plugins data docker-compose.yml logs rabbitmq.tar [root@rabbit1 mq]# ls custom_plugins/ rabbitmq_delayed_message_exchange-3.9.0.ez三、启动#停止 docker-compose down #启动 后面加-d后台启动 docker-compose up #清理缓存慎重 docker system prune -f#启动后要把logs文件夹给权限 chmod -R +777 ./logs/#插件安装 [root@rabbit3 mq]# docker exec -it rabbitmq bash root@rabbit3:/# cp /plugins/custom/rabbitmq_delayed_message_exchange-3.9.0.ez /opt/rabbitmq/plugins/ root@rabbit3:/# rabbitmq-plugins enable rabbitmq_delayed_message_exchange Enabling plugins on node rabbit@rabbit3: rabbitmq_delayed_message_exchange The following plugins have been configured: rabbitmq_delayed_message_exchange rabbitmq_management rabbitmq_management_agent rabbitmq_prometheus rabbitmq_web_dispatch Applying plugin configuration to rabbit@rabbit3... The following plugins have been enabled: rabbitmq_delayed_message_exchange started 1 plugins.四、加入集群从节点加入集群需要改配置文件,然后执行下面加入命令 [root@rabbit3 mq]# cat docker-compose.yml version: '3.3' services: rabbitmq: image: rabbitmq:3.9.0-management container_name: rabbitmq restart: always privileged: true network_mode: "host" hostname: rabbit3 #这里 environment: RABBITMQ_NODENAME: "rabbit@rabbit3" #这里 volumes: - ./data:/var/lib/rabbitmq - ./logs:/var/log/rabbitmq - ./config/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf - ./config/definitions.json:/etc/rabbitmq/definitions.json - ./config/.erlang.cookie:/var/lib/rabbitmq/.erlang.cookie #- ./plugins:/plugins - ./custom_plugins:/plugins/custom[root@rabbit3 mq]# docker exec rabbitmq rabbitmqctl import_definitions /etc/rabbitmq/definitions.json Importing definitions in JSON from a file at "/etc/rabbitmq/definitions.json" ... Successfully started definition import. This process is asynchronous and can take some time. [root@rabbit3 mq]# docker restart rabbitmq rabbitmq [root@rabbit3 mq]# docker exec -it rabbitmq bash root@rabbit3:/# rabbitmqctl stop_app Stopping rabbit application on node rabbit@rabbit3 ... root@rabbit3:/# rabbitmqctl join_cluster rabbit@rabbit1 Clustering node rabbit@rabbit3 with rabbit@rabbit1 root@rabbit3:/# rabbitmqctl start_app Starting node rabbit@rabbit3 ... root@rabbit3:/#
2025年08月12日
4 阅读
0 评论
0 点赞
2025-08-11
runner注册
一、gitlab runner类型shared:运行整个平台项目的作业(gitlab) group:运行特定group下的所有项目的作业(group) specific:运行指定的项目作业(project)二、创建不同类型的runner 2.1shared类型依次点击主页——>管理中心——>CI/CD——>Runner——>新建实例runner#按命令提示输入之后 回车 然后 按自己安装runner的模式 shell还是docker root@k8s-02:~# gitlab-runner register --url http://192.168.30.181 --token glrt-KXvcjZNVMVtCustGF-O3Z286MQp0OjEKdToxCw.01.121vlf8dr Runtime platform arch=amd64 os=linux pid=23285 revision=cc489270 version=18.2.1 Running in system-mode. Enter the GitLab instance URL (for example, https://gitlab.com/): [http://192.168.30.181]: Verifying runner... is valid correlation_id=01K2CM5N1H5TAGE79WMJ9CMDQN runner=KXvcjZNVM Enter a name for the runner. This is stored only in the local config.toml file: [k8s-02]: Enter an executor: docker-windows, docker-autoscaler, instance, shell, ssh, parallels, docker, docker+machine, kubernetes, custom, virtualbox: ERROR: Invalid executor specified Enter an executor: kubernetes, custom, virtualbox, docker-windows, docker-autoscaler, instance, shell, ssh, parallels, docker, docker+machine: ERROR: Invalid executor specified Enter an executor: custom, virtualbox, docker-windows, docker-autoscaler, instance, shell, ssh, parallels, docker, docker+machine, kubernetes: ERROR: Invalid executor specified Enter an executor: custom, virtualbox, docker-windows, docker-autoscaler, instance, shell, ssh, parallels, docker, docker+machine, kubernetes: ERROR: Invalid executor specified Enter an executor: instance, shell, ssh, parallels, docker, docker+machine, kubernetes, custom, virtualbox, docker-windows, docker-autoscaler: ERROR: Invalid executor specified Enter an executor: parallels, docker, docker+machine, kubernetes, custom, virtualbox, docker-windows, docker-autoscaler, instance, shell, ssh: shell Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded! Configuration (with the authentication token) was saved in "/etc/gitlab-runner/config.toml" 2.2group类型依次点击主页——>群组——>指定组——>设置——>构建——>runner——>新建群组runner
2025年08月11日
4 阅读
0 评论
0 点赞
2025-08-08
Rocky Linux 9.3 安装k8s-docker安装
一、固定IP地址#配置 sudo nmcli connection modify ens160 \ ipv4.method manual \ ipv4.addresses 192.168.30.20/24 \ ipv4.gateway 192.168.30.2 \ ipv4.dns "8.8.8.8,8.8.4.4" #更新配置 sudo nmcli connection down ens160 && sudo nmcli connection up ens160二、配置yum源 2.1备份现有仓库配置文件#sudo mkdir /etc/yum.repos.d/backup #sudo mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup/ 直接执行下面的2.2修改仓库配置文件# 使用阿里云推荐的配置方法 sudo sed -e 's!^mirrorlist=!#mirrorlist=!g' \ -e 's!^#baseurl=http://dl.rockylinux.org/$contentdir!baseurl=https://mirrors.aliyun.com/rockylinux!g' \ -i /etc/yum.repos.d/Rocky-*.repo2.3清理并重建缓存sudo dnf clean all sudo dnf makecache2.4测试更新sudo dnf update -y三、准备工作 3.1修改主机名hostnamectl set-hostname k8s-01 hostnamectl set-hostname k8s-02 hostnamectl set-hostname k8s-033.2关闭一些服务# 1、关闭selinux sed -i 's#enforcing#disabled#g' /etc/selinux/config setenforce 0 # 2、禁用防火墙,网络管理,邮箱 systemctl disable --now firewalld NetworkManager postfix # 3、关闭swap分区 swapoff -a # 注释swap分区 cp /etc/fstab /etc/fstab_bak sed -i '/swap/d' /etc/fstab3.3sshd服务优化(可以不做)# 1、加速访问 sed -ri 's@^#UseDNS yes@UseDNS no@g' /etc/ssh/sshd_config sed -ri 's#^GSSAPIAuthentication yes#GSSAPIAuthentication no#g' /etc/ssh/sshd_config grep ^UseDNS /etc/ssh/sshd_config grep ^GSSAPIAuthentication /etc/ssh/sshd_config systemctl restart sshd # 2、密钥登录(主机点做):为了让后续一些远程拷贝操作更方便 ssh-keygen ssh-copy-id -i root@k8s-01 ssh-copy-id -i root@k8s-02 ssh-copy-id -i root@k8s-03 #连接测试 [root@m01 ~]# ssh 172.16.1.7 Last login: Tue Nov 24 09:02:26 2020 from 10.0.0.1 [root@web01 ~]#3.4增大文件标识符数量(退出当前会话立即生效)cat > /etc/security/limits.d/k8s.conf <<EOF * soft nofile 65535 * hard nofile 131070 EOF ulimit -Sn ulimit -Hn3.5所有节点配置模块自动加载,此步骤不做的话(kubeadm init时会直接失败)modprobe br_netfilter modprobe ip_conntrack cat >>/etc/rc.sysinit<<EOF #!/bin/bash for file in /etc/sysconfig/modules/*.modules ; do [ -x $file ] && $file done EOF echo "modprobe br_netfilter" >/etc/sysconfig/modules/br_netfilter.modules echo "modprobe ip_conntrack" >/etc/sysconfig/modules/ip_conntrack.modules chmod 755 /etc/sysconfig/modules/br_netfilter.modules chmod 755 /etc/sysconfig/modules/ip_conntrack.modules lsmod | grep br_netfilter3.6同步集群时间# =====================》chrony服务端:服务端我们可以自己搭建,也可以直接用公网上的时间服务器,所以是否部署服务端看你自己 # 1、安装 dnf -y install chrony # 2、修改配置文件 mv /etc/chrony.conf /etc/chrony.conf.bak cat > /etc/chrony.conf << EOF server ntp1.aliyun.com iburst minpoll 4 maxpoll 10 server ntp2.aliyun.com iburst minpoll 4 maxpoll 10 server ntp3.aliyun.com iburst minpoll 4 maxpoll 10 server ntp4.aliyun.com iburst minpoll 4 maxpoll 10 server ntp5.aliyun.com iburst minpoll 4 maxpoll 10 server ntp6.aliyun.com iburst minpoll 4 maxpoll 10 server ntp7.aliyun.com iburst minpoll 4 maxpoll 10 driftfile /var/lib/chrony/drift makestep 10 3 rtcsync allow 0.0.0.0/0 local stratum 10 keyfile /etc/chrony.keys logdir /var/log/chrony stratumweight 0.05 noclientlog logchange 0.5 EOF # 4、启动chronyd服务 systemctl restart chronyd.service # 最好重启,这样无论原来是否启动都可以重新加载配置 systemctl enable chronyd.service systemctl status chronyd.service # =====================》chrony客户端:在需要与外部同步时间的机器上安装,启动后会自动与你指定的服务端同步时间 # 下述步骤一次性粘贴到每个客户端执行即可 # 1、安装chrony dnf -y install chrony # 2、需改客户端配置文件 mv /etc/chrony.conf /etc/chrony.conf.bak cat > /etc/chrony.conf << EOF server 192.168.30.20 iburst driftfile /var/lib/chrony/drift makestep 10 3 rtcsync local stratum 10 keyfile /etc/chrony.key logdir /var/log/chrony stratumweight 0.05 noclientlog logchange 0.5 EOF # 3、启动chronyd systemctl restart chronyd.service systemctl enable chronyd.service systemctl status chronyd.service # 4、验证 chronyc sources -v3.7安装常用软件dnf -y install expect wget jq psmisc vim net-tools telnet yum-utils device-mapper-persistent-data lvm2 git ntpdate chrony bind-utils rsync unzip git3.8查看内核版本要4.4+[root@localhost ~]# grubby --default-kernel /boot/vmlinuz-5.14.0-570.30.1.el9_6.x86_643.8节点安装IPVS# 1、安装ipvsadm等相关工具 dnf -y install ipvsadm ipset sysstat conntrack libseccomp # 2、配置加载 cat > /etc/sysconfig/modules/ipvs.modules <<"EOF" #!/bin/bash ipvs_modules="ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_sh ip_vs_fo ip_vs_nq ip_vs_sed ip_vs_ftp nf_conntrack" for kernel_module in ${ipvs_modules}; do /sbin/modinfo -F filename ${kernel_module} > /dev/null 2>&1 if [ $? -eq 0 ]; then /sbin/modprobe ${kernel_module} fi done EOF chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep ip_vs3.9机器修改内核参数cat > /etc/sysctl.d/k8s.conf << EOF net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 fs.may_detach_mounts = 1 vm.overcommit_memory=1 vm.panic_on_oom=0 fs.inotify.max_user_watches=89100 fs.file-max=52706963 fs.nr_open=52706963 net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp.keepaliv.probes = 3 net.ipv4.tcp_keepalive_intvl = 15 net.ipv4.tcp.max_tw_buckets = 36000 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp.max_orphans = 327680 net.ipv4.tcp_orphan_retries = 3 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.ip_conntrack_max = 65536 net.ipv4.tcp_max_syn_backlog = 16384 net.ipv4.top_timestamps = 0 net.core.somaxconn = 16384 EOF # 立即生效 sysctl --system四、安装containerd(所有k8s节点都要做) 自Kubernetes1.24以后,K8S就不再原生支持docker了我们都知道containerd来自于docker,后被docker捐献给了云原生计算基金会(我们安装docker当然会一并安装上containerd)安装方法:centos的libseccomp的版本为2.3.1,不满足containerd的需求,需要下载2.4以上的版本即可,我这里部署2.5.1版本。 rpm -e libseccomp-2.5.1-1.el8.x86_64 --nodeps rpm -ivh libseccomp-2.5.1-1.e18.x8664.rpm #官网已经gg了,不更新了,请用阿里云 # wget http://rpmfind.net/linux/centos/8-stream/Base0s/x86 64/0s/Packages/libseccomp-2.5.1-1.el8.x86_64.rpm wget https://mirrors.aliyun.com/centos/8/BaseOS/x86_64/os/Packages/libseccomp-2.5.1-1.el8.x86_64.rpm cd /root/rpms sudo yum localinstall libseccomp-2.5.1-1.el8.x86_64.rpm -y #rocky 默认版本就是2.5.2 无需执行上面的命令 直接执行下面的命令查看版本 [root@k8s-01 ~]# rpm -qa | grep libseccomp libseccomp-2.5.2-2.el9.x86_64 安装方式一:(基于阿里云的源)推荐用这种方式,安装的是4sudo dnf config-manager --set-enabled powertools # Rocky Linux 8/9需启用PowerTools仓库 sudo dnf install -y yum-utils device-mapper-persistent-data lvm2 #1、卸载之前的 dnf remove docker docker-ce containerd docker-common docker-selinux docker-engine -y #2、准备repo sudo tee /etc/yum.repos.d/docker-ce.repo <<-'EOF' [docker-ce-stable] name=Docker CE Stable - AliOS baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/$releasever/$basearch/stable enabled=1 gpgcheck=1 gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg EOF # 3、安装 sudo dnf install -y containerd.io sudo dnf install containerd* -y配置# 1、配置 mkdir -pv /etc/containerd containerd config default > /etc/containerd/config.toml #为containerd生成配置文件 #2、替换默认pause镜像地址:这一步非常非常非常非常重要 grep sandbox_image /etc/containerd/config.toml sed -i 's/registry.k8s.io/registry.cn-hangzhou.aliyuncs.com\/google_containers/' /etc/containerd/config.toml grep sandbox_image /etc/containerd/config.toml #请务必确认新地址是可用的: sandbox_image="registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6" #3、配置systemd作为容器的cgroup driver grep SystemdCgroup /etc/containerd/config.toml sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/' /etc/containerd/config.toml grep SystemdCgroup /etc/containerd/config.toml # 4、配置加速器(必须配置,否则后续安装cni网络插件时无法从docker.io里下载镜像) #参考:https://github.com/containerd/containerd/blob/main/docs/cri/config.md#registry-configuration #添加 config_path="/etc/containerd/certs.d" sed -i 's/config_path\ =.*/config_path = \"\/etc\/containerd\/certs.d\"/g' /etc/containerd/config.tomlmkdir -p /etc/containerd/certs.d/docker.io cat>/etc/containerd/certs.d/docker.io/hosts.toml << EOF server ="https://docker.io" [host."https ://dockerproxy.com"] capabilities = ["pull","resolve"] [host."https://docker.m.daocloud.io"] capabilities = ["pull","resolve"] [host."https://docker.chenby.cn"] capabilities = ["pull","resolve"] [host."https://registry.docker-cn.com"] capabilities = ["pull","resolve" ] [host."http://hub-mirror.c.163.com"] capabilities = ["pull","resolve" ] EOF#5、配置containerd开机自启动 #5.1 启动containerd服务并配置开机自启动 systemctl daemon-reload && systemctl restart containerd systemctl enable --now containerd #5.2 查看containerd状态 systemctl status containerd #5.3查看containerd的版本 ctr version五、安装k8s 5.1准备k8s源# 创建repo文件 cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF sudo dnf makecache #参考:https://developer.aliyun.com/mirror/kubernetes/setenforce dnf install -y kubelet-1.27* kubeadm-1.27* kubectl-1.27* systemctl enable kubelet && systemctl start kubelet && systemctl status kubelet 安装锁定版本的插件 sudo dnf install -y dnf-plugin-versionlock 锁定版本不让后续更新sudo dnf versionlock add kubelet-1.27* kubeadm-1.27* kubectl-1.27* containerd.io [root@k8s-01 ~]# sudo dnf versionlock list Last metadata expiration check: 0:35:21 ago on Fri Aug 8 10:40:25 2025. kubelet-0:1.27.6-0.* kubeadm-0:1.27.6-0.* kubectl-0:1.27.6-0.* containerd.io-0:1.7.27-3.1.el9.* #sudo dnf update就会排除锁定的应用5.2加载内核# 加载 br_netfilter 模块 sudo modprobe br_netfilter # 启用内核参数 cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 EOF # 应用配置 sudo sysctl --system #临时关闭防火墙 sudo systemctl stop firewalld #永久关闭防火墙 sudo systemctl disable firewalld sudo modprobe br_netfilter cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 EOF sudo sysctl --system sudo systemctl stop firewalld sudo systemctl disable firewalld 5.3主节点操作(node节点不执行)初始化master节点(仅在master节点上执行) #可以kubeadm config images list查看 [root@k8s-master-01 ~]# kubeadm config images list registry.k8s.io/kube-apiserver:v1.30.0 registry.k8s.io/kube-controller-manager:v1.30.0 registry.k8s.io/kube-scheduler:v1.30.0 registry.k8s.io/kube-proxy:v1.30.0 registry.k8s.io/coredns/coredns:v1.11.1 registry.k8s.io/pause:3.9 registry.k8s.io/etcd:3.5.12-0kubeadm config print init-defaults > kubeadm.yamlvi kubeadm.yaml apiVersion: kubeadm.k8s.io/v1beta3 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token token: abcdef.0123456789abcdef ttl: 24h0m0s apiVersion: kubeadm.k8s.io/v1beta3 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token token: abcdef.0123456789abcdef ttl: 24h0m0s usages: - signing - authentication kind: InitConfiguration localAPIEndpoint: advertiseAddress: 192.168.110.97 #这里要改为控制节点 bindPort: 6443 nodeRegistration: criSocket: unix:///var/run/containerd/containerd.sock imagePullPolicy: IfNotPresent name: k8s-master-01 #这里要修改 taints: null --- apiServer: timeoutForControlPlane: 4m0s apiVersion: kubeadm.k8s.io/v1beta3 certificatesDir: /etc/kubernetes/pki clusterName: kubernetes controllerManager: {} dns: {} etcd: local: dataDir: /var/lib/etcd imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers #要去阿里云创建仓库 kind: ClusterConfiguration kubernetesVersion: 1.30.3 networking: dnsDomain: cluster.local serviceSubnet: 10.96.0.0/12 podSubnet: 10.244.0.0/16 #添加这行 scheduler: {} #在最后插入以下内容 --- apiVersion: kubeproxy.config.k8s.io/v1alpha1 kind: KubeProxyConfiguration mode: ipvs --- apiVersion: kubelet.config.k8s.io/v1beta1 kind: KubeletConfiguration cgroupDriver: systemd部署K8Skubeadm init --config=kubeadm.yaml --ignore-preflight-errors=SystemVerification --ignore-preflight-errors=Swap部署网络插件下载网络插件wget https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml[root@k8s-01 ~]# cat kube-flannel.yml apiVersion: v1 kind: Namespace metadata: labels: k8s-app: flannel pod-security.kubernetes.io/enforce: privileged name: kube-flannel --- apiVersion: v1 kind: ServiceAccount metadata: labels: k8s-app: flannel name: flannel namespace: kube-flannel --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: k8s-app: flannel name: flannel rules: - apiGroups: - "" resources: - pods verbs: - get - apiGroups: - "" resources: - nodes verbs: - get - list - watch - apiGroups: - "" resources: - nodes/status verbs: - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: k8s-app: flannel name: flannel roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: flannel subjects: - kind: ServiceAccount name: flannel namespace: kube-flannel --- apiVersion: v1 data: cni-conf.json: | { "name": "cbr0", "cniVersion": "0.3.1", "plugins": [ { "type": "flannel", "delegate": { "hairpinMode": true, "isDefaultGateway": true } }, { "type": "portmap", "capabilities": { "portMappings": true } } ] } net-conf.json: | { "Network": "10.244.0.0/16", "EnableNFTables": false, "Backend": { "Type": "vxlan" } } kind: ConfigMap metadata: labels: app: flannel k8s-app: flannel tier: node name: kube-flannel-cfg namespace: kube-flannel --- apiVersion: apps/v1 kind: DaemonSet metadata: labels: app: flannel k8s-app: flannel tier: node name: kube-flannel-ds namespace: kube-flannel spec: selector: matchLabels: app: flannel k8s-app: flannel template: metadata: labels: app: flannel k8s-app: flannel tier: node spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/os operator: In values: - linux containers: - args: - --ip-masq - --kube-subnet-mgr command: - /opt/bin/flanneld env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: EVENT_QUEUE_DEPTH value: "5000" image: registry.cn-guangzhou.aliyuncs.com/xingcangku/cccc:0.25.5 name: kube-flannel resources: requests: cpu: 100m memory: 50Mi securityContext: capabilities: add: - NET_ADMIN - NET_RAW privileged: false volumeMounts: - mountPath: /run/flannel name: run - mountPath: /etc/kube-flannel/ name: flannel-cfg - mountPath: /run/xtables.lock name: xtables-lock hostNetwork: true initContainers: - args: - -f - /flannel - /opt/cni/bin/flannel command: - cp image: registry.cn-guangzhou.aliyuncs.com/xingcangku/ddd:1.5.1 name: install-cni-plugin volumeMounts: - mountPath: /opt/cni/bin name: cni-plugin - args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist command: - cp image: registry.cn-guangzhou.aliyuncs.com/xingcangku/cccc:0.25.5 name: install-cni volumeMounts: - mountPath: /etc/cni/net.d name: cni - mountPath: /etc/kube-flannel/ name: flannel-cfg priorityClassName: system-node-critical serviceAccountName: flannel tolerations: - effect: NoSchedule operator: Exists volumes: - hostPath: path: /run/flannel name: run - hostPath: path: /opt/cni/bin name: cni-plugin - hostPath: path: /etc/cni/net.d name: cni - configMap: name: kube-flannel-cfg name: flannel-cfg - hostPath: path: /run/xtables.lock type: FileOrCreate name: xtables-lock[root@k8s-01 ~]# grep -i image kube-flannel.yml image: registry.cn-guangzhou.aliyuncs.com/xingcangku/cccc:0.25.5 image: registry.cn-guangzhou.aliyuncs.com/xingcangku/ddd:1.5.1 image: registry.cn-guangzhou.aliyuncs.com/xingcangku/cccc:0.25.5 #在node节点执行下面命令修改ip地址 mkdir -p $HOME/.kube scp root@192.168.30.135:/etc/kubernetes/admin.conf $HOME/.kube/config chown $(id -u):$(id -g) $HOME/.kube/configdocker安装1.卸载旧版本(如有) sudo dnf remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine 2.安装依赖包 sudo dnf install -y dnf-plugins-core 3.添加 Docker 官方仓库 sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 或者安装阿里云的 sudo dnf config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 4.安装 Docker 引擎 sudo dnf install -y docker-ce docker-ce-cli containerd.io 5.启动并设置开机自启 sudo systemctl start docker sudo systemctl enable docker安装docker-compose1、要先给chmod +x 执行权限 2、/usr/local/bin/docker-compose 自己传docker-compose 过去 [root@k8s-03 harbor]# sudo ./install.sh [Step 0]: checking if docker is installed ... Note: docker version: 20.10.24 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 2.24.5 [Step 2]: preparing environment ... [Step 3]: preparing harbor configs ... prepare base dir is set to /root/harbor Clearing the configuration file: /config/portal/nginx.conf Clearing the configuration file: /config/log/logrotate.conf Clearing the configuration file: /config/log/rsyslog_docker.conf Clearing the configuration file: /config/nginx/nginx.conf Clearing the configuration file: /config/core/env Clearing the configuration file: /config/core/app.conf Clearing the configuration file: /config/registry/passwd Clearing the configuration file: /config/registry/config.yml Clearing the configuration file: /config/registryctl/env Clearing the configuration file: /config/registryctl/config.yml Clearing the configuration file: /config/db/env Clearing the configuration file: /config/jobservice/env Clearing the configuration file: /config/jobservice/config.yml Generated configuration file: /config/portal/nginx.conf Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/registryctl/config.yml Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml loaded secret from file: /data/secret/keys/secretkey Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir [Step 4]: starting Harbor ... [+] Running 9/10 ⠸ Network harbor_harbor Created 2.3s ✔ Container harbor-log Started 0.4s ✔ Container harbor-db Started 1.3s ✔ Container harbor-portal Started 1.3s ✔ Container redis Started 1.2s ✔ Container registry Started 1.2s ✔ Container registryctl Started 1.3s ✔ Container harbor-core Started 1.6s ✔ Container nginx Started 2.1s ✔ Container harbor-jobservice Started 2.2s ✔ ----Harbor has been installed and started successfully.---- [root@k8s-03 harbor]# dockeer ps -bash: dockeer: command not found [root@k8s-03 harbor]# docker p docker: 'p' is not a docker command. See 'docker --help' [root@k8s-03 harbor]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 49d3c2bd157f goharbor/nginx-photon:v2.5.0 "nginx -g 'daemon of…" 11 seconds ago Up 8 seconds (health: starting) 0.0.0.0:80->8080/tcp, :::80->8080/tcp, 0.0.0.0:443->8443/tcp, :::443->8443/tcp nginx 60a868e50223 goharbor/harbor-jobservice:v2.5.0 "/harbor/entrypoint.…" 11 seconds ago Up 8 seconds (health: starting) harbor-jobservice abf5e1d382b1 goharbor/harbor-core:v2.5.0 "/harbor/entrypoint.…" 11 seconds ago Up 8 seconds (health: starting) harbor-core 9f5415aa4086 goharbor/harbor-portal:v2.5.0 "nginx -g 'daemon of…" 11 seconds ago Up 9 seconds (health: starting) harbor-portal f4c2c38abe04 goharbor/harbor-db:v2.5.0 "/docker-entrypoint.…" 11 seconds ago Up 9 seconds (health: starting) harbor-db 74b6a076b5b2 goharbor/harbor-registryctl:v2.5.0 "/home/harbor/start.…" 11 seconds ago Up 8 seconds (health: starting) registryctl 8c3bead9c56e goharbor/redis-photon:v2.5.0 "redis-server /etc/r…" 11 seconds ago Up 9 seconds (health: starting) redis d09c4161d411 goharbor/registry-photon:v2.5.0 "/home/harbor/entryp…" 11 seconds ago Up 9 seconds (health: starting) registry 90f8c13f0490 goharbor/harbor-log:v2.5.0 "/bin/sh -c /usr/loc…" 11 seconds ago Up 9 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log [root@k8s-03 harbor]# sudo wget "https://github.com/docker/compose/releases/download/v2.24.5/docker-compose-$(uname -s)-$(uname -m)" -O /usr/local/bin/docker-compose --2025-08-11 16:12:21-- https://github.com/docker/compose/releases/download/v2.24.5/docker-compose-Linux-x86_64 Resolving github.com (github.com)... 20.200.245.247 Connecting to github.com (github.com)|20.200.245.247|:443... connected. HTTP request sent, awaiting response... 302 Found Location: https://release-assets.githubusercontent.com/github-production-release-asset/15045751/aef9c31b-3422-45af-b239-516f7a79cca1?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-08-11T08%3A49%3A34Z&rscd=attachment%3B+filename%3Ddocker-compose-linux-x86_64&rsct=application%2Foctet-stream&skoid=96c2d410-5711-43a1-aedd-ab1947aa7ab0&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skt=2025-08-11T07%3A49%3A31Z&ske=2025-08-11T08%3A49%3A34Z&sks=b&skv=2018-11-09&sig=k%2BvfmI39lbdCBNCQDwuQiB5UfH%2F8S9PNPOgAFydaPJs%3D&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmVsZWFzZS1hc3NldHMuZ2l0aHVidXNlcmNvbnRlbnQuY29tIiwia2V5Ijoia2V5MSIsImV4cCI6MTc1NDkwMDI0MiwibmJmIjoxNzU0ODk5OTQyLCJwYXRoIjoicmVsZWFzZWFzc2V0cHJvZHVjdGlvbi5ibG9iLmNvcmUud2luZG93cy5uZXQifQ.x2Izppyvpu0u8fDdEvN9JVDiEOk70qV6l1OyQSg1woI&response-content-disposition=attachment%3B%20filename%3Ddocker-compose-linux-x86_64&response-content-type=application%2Foctet-stream [following] --2025-08-11 16:12:22-- https://release-assets.githubusercontent.com/github-production-release-asset/15045751/aef9c31b-3422-45af-b239-516f7a79cca1?sp=r&sv=2018-11-09&sr=b&spr=https&se=2025-08-11T08%3A49%3A34Z&rscd=attachment%3B+filename%3Ddocker-compose-linux-x86_64&rsct=application%2Foctet-stream&skoid=96c2d410-5711-43a1-aedd-ab1947aa7ab0&sktid=398a6654-997b-47e9-b12b-9515b896b4de&skt=2025-08-11T07%3A49%3A31Z&ske=2025-08-11T08%3A49%3A34Z&sks=b&skv=2018-11-09&sig=k%2BvfmI39lbdCBNCQDwuQiB5UfH%2F8S9PNPOgAFydaPJs%3D&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmVsZWFzZS1hc3NldHMuZ2l0aHVidXNlcmNvbnRlbnQuY29tIiwia2V5Ijoia2V5MSIsImV4cCI6MTc1NDkwMDI0MiwibmJmIjoxNzU0ODk5OTQyLCJwYXRoIjoicmVsZWFzZWFzc2V0cHJvZHVjdGlvbi5ibG9iLmNvcmUud2luZG93cy5uZXQifQ.x2Izppyvpu0u8fDdEvN9JVDiEOk70qV6l1OyQSg1woI&response-content-disposition=attachment%3B%20filename%3Ddocker-compose-linux-x86_64&response-content-type=application%2Foctet-stream Resolving release-assets.githubusercontent.com (release-assets.githubusercontent.com)... 185.199.110.133, 185.199.111.133, 185.199.109.133, ... Connecting to release-assets.githubusercontent.com (release-assets.githubusercontent.com)|185.199.110.133|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 61389086 (59M) [application/octet-stream] Saving to: ‘/usr/local/bin/docker-compose’ /usr/local/bin/docker-compose 100%[=================================================================================================================================================================>] 58.54M 164KB/s in 2m 49s 2025-08-11 16:15:11 (355 KB/s) - ‘/usr/local/bin/docker-compose’ saved [61389086/61389086] [root@k8s-03 harbor]# sudo chmod +x /usr/local/bin/docker-compose [root@k8s-03 harbor]# sudo rm -f /usr/bin/docker-compose [root@k8s-03 harbor]# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose [root@k8s-03 harbor]# echo $PATH /root/.local/bin:/root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/.local/bin [root@k8s-03 harbor]# docker-compose version -bash: /root/.local/bin/docker-compose: No such file or directory [root@k8s-03 harbor]# export PATH=/usr/local/bin:/usr/bin:/root/.local/bin:$PATH [root@k8s-03 harbor]# echo 'export PATH=/usr/local/bin:$PATH' | sudo tee -a /root/.bashrc export PATH=/usr/local/bin:$PATH [root@k8s-03 harbor]# source /root/.bashrc [root@k8s-03 harbor]# docker-compose version Docker Compose version v2.24.5 [root@k8s-03 harbor]# 获取证书[root@k8s-03 harbor]# sudo ./t.sh Certificate request self-signature ok subject=C=CN, ST=Beijing, L=Beijing, O=example, OU=Personal, CN=harbor.telewave.tech [root@k8s-03 harbor]# ls LICENSE common common.sh data docker-compose.yml harbor.v2.5.0.tar harbor.yml harbor.yml.bak harbor.yml.tmpl install.sh prepare t.sh [root@k8s-03 harbor]# pwd /root/harbor [root@k8s-03 harbor]# ls /work/harbor/cert/ ca.crt ca.key ca.srl harbor.telewave.tech.cert harbor.telewave.tech.crt harbor.telewave.tech.csr harbor.telewave.tech.key v3.ext
2025年08月08日
9 阅读
0 评论
0 点赞
2025-08-07
gitlab runner安装
安装的gitlab runner版本与gitlab版本保持一致。一、参考文档https://docs.gitlab.com/runner/install/index.html二、查看gitlab版本root@k8s-02:~# gitlab-rake gitlab:env:info System information System: Ubuntu 22.04 Current User: git Using RVM: no Ruby Version: 3.2.5 Gem Version: 3.6.9 Bundler Version:2.6.5 Rake Version: 13.0.6 Redis Version: 7.2.9 Sidekiq Version:7.3.9 Go Version: unknown GitLab information Version: 18.2.1 Revision: baccadafcda Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: PostgreSQL DB Version: 16.8 URL: http://192.168.30.181 HTTP Clone URL: http://192.168.30.181/some-group/some-project.git SSH Clone URL: git@192.168.30.181:some-group/some-project.git Using LDAP: no Using Omniauth: yes Omniauth Providers: GitLab Shell Version: 14.43.0 Repository storages: - default: unix:/var/opt/gitlab/gitaly/gitaly.socket GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell Gitaly - default Address: unix:/var/opt/gitlab/gitaly/gitaly.socket - default Version: 18.2.1 - default Git Version: 2.50.1.gl1 三、yum安装https://docs.gitlab.com/runner/install/linux-repository.html #centos curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh" | sudo bash #ubuntu curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh" | sudo bash #要安装特定版本的 GitLab Runner: #centos yum list gitlab-runner --showduplicates | sort -r sudo yum install gitlab-runner-17.2.0-1 #ubuntu apt-cache madison gitlab-runner sudo apt install gitlab-runner=17.7.1-1 gitlab-runner-helper-images=17.7.1-1 root@k8s-02:~# gitlab-rake gitlab:env:info System information System: Ubuntu 22.04 Current User: git Using RVM: no Ruby Version: 3.2.5 Gem Version: 3.6.9 Bundler Version:2.6.5 Rake Version: 13.0.6 Redis Version: 7.2.9 Sidekiq Version:7.3.9 Go Version: unknown GitLab information Version: 18.2.1 Revision: baccadafcda Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: PostgreSQL DB Version: 16.8 URL: http://192.168.30.181 HTTP Clone URL: http://192.168.30.181/some-group/some-project.git SSH Clone URL: git@192.168.30.181:some-group/some-project.git Using LDAP: no Using Omniauth: yes Omniauth Providers: GitLab Shell Version: 14.43.0 Repository storages: - default: unix:/var/opt/gitlab/gitaly/gitaly.socket GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell Gitaly - default Address: unix:/var/opt/gitlab/gitaly/gitaly.socket - default Version: 18.2.1 - default Git Version: 2.50.1.gl1 root@k8s-02:~# systemctl status gitlab gitlab-runner.service gitlab-runsvdir.service gitlab.slice root@k8s-02:~# systemctl status gitlab gitlab-runner.service gitlab-runsvdir.service gitlab.slice root@k8s-02:~# systemctl status gitlab-runner.service ● gitlab-runner.service - GitLab Runner Loaded: loaded (/etc/systemd/system/gitlab-runner.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2025-08-11 12:31:20 UTC; 32min ago Main PID: 1044 (gitlab-runner) Tasks: 10 (limit: 23452) Memory: 82.6M CPU: 3.032s CGroup: /system.slice/gitlab-runner.service └─1044 /usr/bin/gitlab-runner run --config /etc/gitlab-runner/config.toml --working-directory /home/gitlab-runner --ser> Aug 11 12:31:20 k8s-02 systemd[1]: Started GitLab Runner. Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Runtime platform arch=amd64 os=linux pid=1044 revisio> Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Starting multi-runner from /etc/gitlab-runner/config.toml... builds=0 max_builds=0 Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Running in system-mode. Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Usage logger disabled builds=0 max_builds=1 Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Configuration loaded builds=0 max_builds=1 Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: listen_address not defined, metrics & debug endpoints disabled builds=0 max_builds=1 Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: [session_server].listen_address not defined, session endpoints disabled builds=0 max_bu> Aug 11 12:31:24 k8s-02 gitlab-runner[1044]: Initializing executor providers builds=0 max_builds=1 root@k8s-02:~# ^C root@k8s-02:~# gitlab-runner -v Version: 18.2.1 Git revision: cc489270 Git branch: 18-2-stable GO version: go1.24.4 X:cacheprog Built: 2025-07-28T12:43:39Z OS/Arch: linux/amd64 如果您尝试安装的特定版本gitlab-runner而不安装相同版本的 gitlab-runner-helper-images,则可能会遇到以下错误: sudo apt install gitlab-runner=17.7.1-1 ... The following packages have unmet dependencies: gitlab-runner : Depends: gitlab-runner-helper-images (= 17.7.1-1) but 17.8.3-1 is to be installed E: Unable to correct problems, you have held broken packages.四、rpm包安装查找合适版本的软件包并下载 https://mirrors.tuna.tsinghua.edu.cn/gitlab-runner/yum/el7-x86_64/ [root@tiaoban gitlab-runner]# wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-runner/yum/el7-x86_64/gitlab-runner-16.10.0-1.x86_64.rpm [root@tiaoban gitlab-runner]# rpm -ivh gitlab-runner-16.10.0-1.x86_64.rpm五、docker安装[root@client2 docker]# mkdir gitlab-runner [root@client2 docker]# ls gitlab-runner [root@client2 docker]# docker run --name gitlab-runner -itd -v /opt/docker/gitlab-runner:/etc/gitlab-runner --restart always gitlab/gitlab-runner:v16.10.0
2025年08月07日
4 阅读
0 评论
0 点赞
1
...
3
4
5
...
23