Contents
  Kubernetes deployment notes
  Environment preparation
    Host preparation
    Setting up Harbor
    Setting hostnames and IPs in the k8s cluster
    Configuring hosts resolution in the k8s cluster
    Disabling the firewall and SELinux on all k8s nodes
    Disabling the swap partition in the k8s cluster
    Installing docker-ce in the k8s cluster
    Downloading the Harbor certificate in the k8s cluster
    Configuring the Harbor registry mirror in the k8s cluster
    Testing Harbor login from the k8s nodes

Kubernetes deployment notes
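Kubernetes official site (Chinese): https://kubernetes.io/zh-cn

Hostname            IP               Role
harbor.huazi.org    172.25.254.250   Harbor registry
k8s-master.org      172.25.254.100   master (k8s cluster control node)
k8s-node1.org       172.25.254.10    worker (k8s cluster worker node)
k8s-node2.org       172.25.254.20    worker (k8s cluster worker node)

Requirements (for all k8s nodes, excluding the Harbor server):

- Disable SELinux and the firewall on all nodes.
- Synchronize time and name resolution on all nodes.
- Install docker-ce on all nodes.
- Disable swap on all nodes. Remember to comment out the swap definition in /etc/fstab. Containers in a k8s cluster have very high memory requirements; if swap is not disabled, some containers will be moved into swap, which can cause your containers to pause or run slowly.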
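
Environment preparation

Host preparation

Setting up Harbor

For the Harbor setup, refer to this blog post: https://blog.csdn.net/huaz_md/article/details/142671140?spm=1001.2014.3001.5501
Only the key steps are shown here.

Create the HTTPS certificate and key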
[root@harbor ~]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/huazi.org.key -addext "subjectAltName = DNS:harbor.huazi.org" -x509 -days 365 -out certs/huazi.org.crt
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:shanxi
Locality Name (eg, city) [Default City]:xian
Organization Name (eg, company) [Default Company Ltd]:docker
Organizational Unit Name (eg, section) []:registry
Common Name (eg, your name or your server's hostname) []:harbor.huazi.org
Email Address []:admin@huazi.org

Edit the Harbor configuration file
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml
[root@harbor harbor]# vim harbor.yml

Start Harbor
[root@harbor harbor]# ./install.sh --with-chartmuseum

Disable the firewall and SELinux
[root@harbor ~]# systemctl is-active firewalld.service
inactive
[root@harbor ~]# getenforce
Disabled

Setting hostnames and IPs in the k8s cluster
k8s-master
[root@k8s-master ~]# hostname -I
172.25.254.100
[root@k8s-master ~]# hostnamectl hostname k8s-master.org
[root@k8s-master ~]# hostname
k8s-master.org

k8s-node1
[root@k8s-node1 ~]# hostname -I
172.25.254.10
[root@k8s-node1 ~]# hostnamectl hostname k8s-node1.org
[root@k8s-node1 ~]# hostname
k8s-node1.org

k8s-node2
[root@k8s-node2 ~]# hostname -I
172.25.254.20
[root@k8s-node2 ~]# hostnamectl hostname k8s-node2.org
[root@k8s-node2 ~]# hostname
k8s-node2.org

Configuring hosts resolution in the k8s cluster
k8s-master
[root@k8s-master ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.100   k8s-master.org
172.25.254.10    k8s-node1.org
172.25.254.20    k8s-node2.org
172.25.254.250   harbor.huazi.org

k8s-node1
Here we use the scp command.
[root@k8s-master ~]# scp   /etc/hosts   root@172.25.254.10:/etc/hosts
The authenticity of host '172.25.254.10 (172.25.254.10)' can't be established.
ED25519 key fingerprint is SHA256:oRI0QHrpuaAH8E6hepK2f2FymklDq9LifjGxkU86pMg.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.25.254.10' (ED25519) to the list of known hosts.
root@172.25.254.10's password:
hosts                                                         100%  286   253.6KB/s   00:00
[root@k8s-node1 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.100   k8s-master.org
172.25.254.10    k8s-node1.org
172.25.254.20    k8s-node2.org
172.25.254.250   harbor.huazi.org

k8s-node2
Here we use the scp command.
[root@k8s-master ~]# scp   /etc/hosts   root@172.25.254.20:/etc/hosts
The authenticity of host '172.25.254.20 (172.25.254.20)' can't be established.
ED25519 key fingerprint is SHA256:oRI0QHrpuaAH8E6hepK2f2FymklDq9LifjGxkU86pMg.
This host key is known by the following other names/addresses:
    ~/.ssh/known_hosts:1: 172.25.254.10
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.25.254.20' (ED25519) to the list of known hosts.
root@172.25.254.20's password:
hosts                                                         100%  286   431.8KB/s   00:00
[root@k8s-node2 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.100   k8s-master.org
172.25.254.10    k8s-node1.org
172.25.254.20    k8s-node2.org
172.25.254.250   harbor.huazi.org

ping test
[root@k8s-master ~]# ping harbor.huazi.org
PING harbor.huazi.org (172.25.254.250) 56(84) 比特的数据。
64 比特来自 harbor.huazi.org (172.25.254.250): icmp_seq=1 ttl=64 时间=0.629 毫秒
64 比特来自 harbor.huazi.org (172.25.254.250): icmp_seq=2 ttl=64 时间=0.288 毫秒
^C
--- harbor.huazi.org ping 统计 ---
已发送 2 个包 已接收 2 个包, 0% packet loss, time 1061ms
rtt min/avg/max/mdev = 0.288/0.458/0.629/0.170 ms
[root@k8s-master ~]# ping k8s-node1.org
PING k8s-node1.org (172.25.254.10) 56(84) 比特的数据。
64 比特来自 k8s-node1.org (172.25.254.10): icmp_seq=1 ttl=64 时间=0.422 毫秒
64 比特来自 k8s-node1.org (172.25.254.10): icmp_seq=2 ttl=64 时间=0.339 毫秒
^C
--- k8s-node1.org ping 统计 ---
已发送 2 个包 已接收 2 个包, 0% packet loss, time 1038ms
rtt min/avg/max/mdev = 0.339/0.380/0.422/0.041 ms
[root@k8s-master ~]# ping k8s-node2.org
PING k8s-node2.org (172.25.254.20) 56(84) 比特的数据。
64 比特来自 k8s-node2.org (172.25.254.20): icmp_seq=1 ttl=64 时间=0.660 毫秒
64 比特来自 k8s-node2.org (172.25.254.20): icmp_seq=2 ttl=64 时间=0.256 毫秒
64 比特来自 k8s-node2.org (172.25.254.20): icmp_seq=3 ttl=64 时间=0.666 毫秒
^C
--- k8s-node2.org ping 统计 ---
已发送 3 个包 已接收 3 个包, 0% packet loss, time 2078ms
rtt min/avg/max/mdev = 0.256/0.527/0.666/0.191 ms

Disabling the firewall and SELinux on all k8s nodes
k8s-master
[root@k8s-master ~]# systemctl is-active firewalld.service
inactive
[root@k8s-master ~]# getenforce
Disabled

k8s-node1
[root@k8s-node1 ~]# systemctl is-active firewalld.service
inactive
[root@k8s-node1 ~]# getenforce
Disabled

k8s-node2
[root@k8s-node2 ~]# systemctl is-active firewalld.service
inactive
[root@k8s-node2 ~]# getenforce
Disabled

Disabling the swap partition in the k8s cluster
k8s-master
[root@k8s-master ~]# vim /etc/fstab
[root@k8s-master ~]# swapon -s
Filename                                Type            Size            Used            Priority
/dev/nvme0n1p2                          partition       2097148         0               -2
[root@k8s-master ~]# swapoff -a
[root@k8s-master ~]# swapon -s  # the swap partition is now gone
[root@k8s-master ~]#

k8s-node1
[root@k8s-node1 ~]# vim /etc/fstab
[root@k8s-node1 ~]# systemctl mask swap.target
Created symlink /etc/systemd/system/swap.target → /dev/null.
[root@k8s-node1 ~]# swapoff -a
[root@k8s-node1 ~]# swapon -s

k8s-node2
[root@k8s-node2 ~]# vim /etc/fstab
[root@k8s-node2 ~]# systemctl mask swap.target
Created symlink /etc/systemd/system/swap.target → /dev/null.
[root@k8s-node2 ~]# swapoff -a
[root@k8s-node2 ~]# swapon -s

Installing docker-ce in the k8s cluster
[root@k8s-master yum.repos.d]# vim redhat.repo
[docker]
name=docker-ce
baseurl=https://mirrors.aliyun.com/docker-ce/linux/rhel/9/x86_64/stable/
gpgcheck=0
[root@k8s-master yum.repos.d]# scp /etc/yum.repos.d/redhat.repo root@172.25.254.10:/etc/yum.repos.d/
root@172.25.254.10's password:
redhat.repo                                                   100%  108   130.7KB/s   00:00
[root@k8s-master yum.repos.d]# scp /etc/yum.repos.d/redhat.repo root@172.25.254.20:/etc/yum.repos.d/
root@172.25.254.20's password:
redhat.repo                                                   100%  108   180.7KB/s   00:00

k8s-master
[root@k8s-master ~]# yum install docker-ce -y
[root@k8s-master ~]# systemctl enable --now docker

k8s-node1
[root@k8s-node1 ~]# yum install docker-ce -y
[root@k8s-node1 ~]# systemctl enable --now docker

k8s-node2
[root@k8s-node2 ~]# yum install docker-ce -y
[root@k8s-node2 ~]# systemctl enable --now docker

How do we handle the following WARNINGs when they appear after running docker info?
[root@k8s-master ~]# docker info
......
......
......
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

[root@k8s-master ~]# echo br_netfilter > /etc/modules-load.d/docker_mod.conf
[root@k8s-master ~]# modprobe br_netfilter
[root@k8s-master ~]# vim /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
[root@k8s-master ~]# sysctl --system
[root@k8s-master ~]# systemctl restart docker

[root@k8s-node1 ~]# echo br_netfilter > /etc/modules-load.d/docker_mod.conf
[root@k8s-node1 ~]# modprobe br_netfilter
[root@k8s-node1 ~]# vim /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
[root@k8s-node1 ~]# sysctl --system
[root@k8s-node1 ~]# systemctl restart docker

[root@k8s-node2 ~]# echo br_netfilter > /etc/modules-load.d/docker_mod.conf
[root@k8s-node2 ~]# modprobe br_netfilter
[root@k8s-node2 ~]# vim /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
[root@k8s-node2 ~]# sysctl --system
[root@k8s-node2 ~]# systemctl restart docker

Running docker info again now shows no WARNINGs.
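
The redhat.repo stanza in this section sets gpgcheck=0, so packages from that mirror are installed without signature verification. The following is an added example, not part of the original post: a shell function that lists every enabled repo section with signature checking switched off. The [example-signed] stanza, its URL and its key path are constructed for contrast.

```shell
# unsigned_repos FILE...
# Prints "section<TAB>baseurl" for each enabled section whose gpgcheck is
# explicitly off (0 / false / no).
unsigned_repos() {
  awk '
    function report() {
      if (section != "" && enabled && off) print section "\t" url
    }
    /^[ \t]*[#;]/ { next }                     # skip comment lines
    /^[ \t]*\[.*\]/ {                          # a new [section] starts
      report()
      section = $0; gsub(/^[ \t]*\[|\].*$/, "", section)
      off = 0; enabled = 1; url = ""
      next
    }
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
      v = tolower(val)
      if (key == "gpgcheck") off = (v == "0" || v == "false" || v == "no")
      if (key == "enabled")  enabled = !(v == "0" || v == "false" || v == "no")
      if (key == "baseurl")  url = val
    }
    END { report() }
  ' "$@"
}

# Constructed sample: the [docker] stanza from this page plus a hypothetical
# signed repository.
demo_repo_audit() {
  tmp=$(mktemp)
  cat > "$tmp" <<'EOF'
[docker]
name=docker-ce
baseurl=https://mirrors.aliyun.com/docker-ce/linux/rhel/9/x86_64/stable/
gpgcheck=0

[example-signed]
name=constructed example
baseurl=https://repo.example.invalid/el9/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-example
EOF
  unsigned_repos "$tmp"
  rm -f "$tmp"
}

demo_repo_audit
```

On a node, run it as: unsigned_repos /etc/yum.repos.d/*.repo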

Downloading the Harbor certificate in the k8s cluster

k8s-master
[root@k8s-master ~]# mkdir -p /etc/docker/certs.d/harbor.huazi.org/
[root@k8s-master ~]# scp    root@harbor.huazi.org:/root/certs/huazi.org.crt   /etc/docker/certs.d/harbor.huazi.org/ca.crt
The authenticity of host 'harbor.huazi.org (172.25.254.250)' can't be established.
ED25519 key fingerprint is SHA256:wkrDVNwOtwB4XhstKSlHBEeO8JE3gp9NDIKRe6aMu0.
This host key is known by the following other names/addresses:
    ~/.ssh/known_hosts:5: 172.25.254.250
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'harbor.huazi.org' (ED25519) to the list of known hosts.
root@harbor.huazi.org's password:
huazi.org.crt                                                          100% 2175     1.9MB/s   00:00
[root@k8s-master ~]# ll /etc/docker/certs.d/harbor.huazi.org/ca.crt
-rw-r--r-- 1 root root 2163 10月  2 05:19 /etc/docker/certs.d/harbor.huazi.org/ca.crt
[root@k8s-master ~]# systemctl restart docker

k8s-node1
[root@k8s-node1 ~]# mkdir -p /etc/docker/certs.d/harbor.huazi.org/
[root@k8s-node1 ~]# scp    root@harbor.huazi.org:/root/certs/huazi.org.crt   /etc/docker/certs.d/harbor.huazi.org/ca.crt
root@harbor.huazi.org's password:
huazi.org.crt                                                          100% 2175     2.4MB/s   00:00
[root@k8s-node1 ~]# ll /etc/docker/certs.d/harbor.huazi.org/ca.crt
-rw-r--r-- 1 root root 2175 10月  2 05:55 /etc/docker/certs.d/harbor.huazi.org/ca.crt
[root@k8s-node1 ~]# systemctl restart docker

k8s-node2
[root@k8s-node2 ~]# mkdir -p /etc/docker/certs.d/harbor.huazi.org/
[root@k8s-node2 ~]# scp    root@harbor.huazi.org:/root/certs/huazi.org.crt   /etc/docker/certs.d/harbor.huazi.org/ca.crt
root@harbor.huazi.org's password:
huazi.org.crt                                                          100% 2175     2.5MB/s   00:00
[root@k8s-node2 ~]# ll /etc/docker/certs.d/harbor.huazi.org/ca.crt
-rw-r--r-- 1 root root 2175 10月  2 05:57 /etc/docker/certs.d/harbor.huazi.org/ca.crt
[root@k8s-node2 ~]# systemctl restart docker

Configuring the Harbor registry mirror in the k8s cluster
k8s-master
[root@k8s-master ~]# cd /etc/docker/
[root@k8s-master docker]# ls
certs.d
[root@k8s-master docker]# vim daemon.json
{
  "registry-mirrors": ["https://harbor.huazi.org"]
}
[root@k8s-master docker]# systemctl restart docker
[root@k8s-master ~]# docker info
......
......
......
 Registry Mirrors:
  https://harbor.huazi.org/

k8s-node1
[root@k8s-node1 ~]# cd /etc/docker/
[root@k8s-node1 docker]# ls
certs.d
[root@k8s-node1 docker]# vim daemon.json
{
  "registry-mirrors": ["https://harbor.huazi.org"]
}
[root@k8s-node1 docker]# cd
[root@k8s-node1 ~]# systemctl restart docker
[root@k8s-node1 ~]# docker info
......
......
......
 Registry Mirrors:
  https://harbor.huazi.org/

k8s-node2
[root@k8s-node2 ~]# cd /etc/docker/
[root@k8s-node2 docker]# ls
certs.d
[root@k8s-node2 docker]# vim daemon.json
{
  "registry-mirrors": ["https://harbor.huazi.org"]
}
[root@k8s-node2 docker]# cd
[root@k8s-node2 ~]# systemctl restart docker
[root@k8s-node2 ~]# docker info
......
......
......
 Registry Mirrors:
  https://harbor.huazi.org/

Testing Harbor login from the k8s nodes
k8s-master
[root@k8s-master ~]# docker login harbor.huazi.org
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores

Login Succeeded

k8s-node1
[root@k8s-node1 ~]# docker login harbor.huazi.org
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores

Login Succeeded

k8s-node2
[root@k8s-node2 ~]# docker login harbor.huazi.org
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores

Login Succeeded

At this point the Kubernetes environment has been set up successfully.
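
Each node trusts Harbor through the ca.crt copied into /etc/docker/certs.d/harbor.huazi.org/ earlier on this page, where the ll output shows 2163 bytes on k8s-master and 2175 bytes on the two worker nodes. The following is an added example, not part of the original post: it checks a copied certificate by fingerprint, hostname and remaining lifetime instead of by file size. It assumes openssl is installed; the function names and the 30-day threshold are choices made for this example.

```shell
# cert_fp FILE: SHA-256 fingerprint of the certificate itself, independent
# of how the PEM file is laid out on disk.
cert_fp() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# verify_registry_ca FILE HOST EXPECTED_FP
# Returns 0 only if FILE has the expected fingerprint, is valid for HOST,
# and does not expire within the next 30 days.
verify_registry_ca() {
  ca=$1; host=$2
  want=$(printf '%s' "$3" | tr 'a-f' 'A-F')
  got=$(cert_fp "$ca" 2>/dev/null)
  [ -n "$got" ] || { echo "FAIL unreadable certificate: $ca"; return 1; }
  [ "$got" = "$want" ] || { echo "FAIL fingerprint mismatch: $got"; return 1; }
  openssl x509 -in "$ca" -noout -checkhost "$host" \
    | grep -q 'does match certificate' \
    || { echo "FAIL certificate is not valid for $host"; return 1; }
  openssl x509 -in "$ca" -noout -checkend $((30 * 86400)) >/dev/null \
    || { echo "FAIL certificate expires within 30 days"; return 1; }
  echo "OK $ca"
}

# make_demo_cert DIR: throwaway self-signed certificate (constructed sample)
# carrying the same SAN as the openssl command on this page.
make_demo_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
    -keyout "$1/demo.key" -out "$1/ca.crt" \
    -subj "/CN=harbor.huazi.org" \
    -addext "subjectAltName = DNS:harbor.huazi.org" 2>/dev/null
}

demo_verify() {
  d=$(mktemp -d)
  make_demo_cert "$d"
  # In real use the expected value is read on the Harbor host, not locally.
  verify_registry_ca "$d/ca.crt" harbor.huazi.org "$(cert_fp "$d/ca.crt")"
  rc=$?
  rm -rf "$d"
  return $rc
}

demo_verify
```

On a real node, read the expected fingerprint on the Harbor host from /root/certs/huazi.org.crt with the same openssl x509 -fingerprint -sha256 command, then pass it as the third argument together with /etc/docker/certs.d/harbor.huazi.org/ca.crt and harbor.huazi.org.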