kubernetes blog

/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.crt# 生成client-key-datagrep 'client-key-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.key# 生成p12openssl pkcs12 -export -clcerts -inkey kubecfg.key -in kubecfg.crt -out kubecfg.p12 -name "kubernetes-client" 3. Finally, in the browser to import the above generated P12 file, re-open the browser Because the certificate cannot be passed through the

This article starts with my public number clouddeveloper, and you are welcome to join me in learning cloud computing. During the Ming Dynasty, Emperor Chengzu Zhu Di, in order to develop overseas trade and establish his prestige, sent Zheng He seven voyages, set the ancient China's largest, the most ships (more than 240 ships), the most seafarers (27,000 people), the longest time, than the European countries sailing time of half a century earlier ocean voyage feat.

ClusterCluster is a collection of compute, storage, and network resources, and Kubernetes uses these resources to run various container-based applicationsMasterMaster is the brain of cluster, whose primary responsibility is scheduling, that is, deciding where the application will run. Master runs the Linux operating system, which can be either a physical machine or a virtual machine. To achieve high availability, you can run multiple master.NodeNode's

What is a container?Kubernetes is a container management platform. It is conceivable that we need containers to manage them. But what is a container? The best answers to the official Docker documentation are: A container image is a lightweight, standalone, executable package that contains everything that can be run: Code, runtime, System tools, system libraries, settings. For Linux and Windows-based applications, containerized software can ru

1. Compiling environment Operating system: Ubuntu 16.04 LTS AMD64 git:2.7.4 docker:1.12.6 2. Compile Steps 2.1 Clone Source Code # git clone https://github.com/kubernetes/kubernetes.git # git checkout release-1.7 2.2 To modify the source code is to solve the Gcr.io domestic problems, has been tested, even if ready to gcr.io related mirrors, such as not modify the source code will still be due to network problems caused the compilation failed edit

Container Registry and used rancher Registry. You can directly copy the address in Amazon Container Registry, user name AWS (note case sensitive) and password (Base64 encoded string).You can get credentials this way:650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/8C/ED/wKioL1h-1LjQkH__AAAEZZXq8BI615.png "title=" Code 3.png "alt=" Wkiol1h-1ljqkh__aaaezzxq8bi615.png "/>Then create the Docker image:650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/8C/ED/wKioL1h-1Mqxur38AAAEJQ

requirements of those primary nodes.If you are building a new kubernetes cluster from scratch, this may be an unrelated issue, after all, determining the number of primary nodes needed is a normal phase in the cluster planning process. However, if you are going to expand an existing kubernetes cluster, you need to consider the requirements of the master node more, because the size of the master node is set

---------- ---------- ---------- ---------- ----------Apache Fedora/apache/name=Apache waiting [[email protected]~]# kubecfg list pods ID Image (s) Host Labels Status---------- ---------- ---------- ---------- ----------Apache Fedora/apache10.193.6.36/Name=apache WaitingThe Apache service automatically deploys to Docker on the machine yy2,yy2 automatically downloads the image and then launches the Apache service. Well, after

can see now that dashboard is already running on the centos-minion-2 node and we are viewing it in the browser address barHttps://192.168.128.160/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard/#/workload?namespace=_all650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "spacer.gif"/>The dashboard has

--log_dir=/var/log/kube --address=0.0.0.0--port=10250--register-node=true--api_servers=mastr:8080# ss-tlnp|grepkubeletLISTEN0 128127.0.0.1:10248 *:* users: (("Kubelet", 6277,14)) listen 0128 :::4194 :::* useRS: (("Kubelet", 6277,11) listen0128 :::10250 :::* users: (("Kubelet", 6277,18)) LISTEN 0128 :::10255 :::* users: (("Kubelet", 6277,15))Master#kubectlgetnodes # #查看node清单NAME LABELS STATUS AGE127.0.0.1kubernetes.io/hostname=127.0.0.1 notready23dlocalhost.localdomainkubernetes.io/hostname=

This is a creation in Article, where the information may have evolved or changed. This period of time in the project group want to introduce Kubernetes, as a second-generation container scheduling engine, so recently in the system learning kubernetes. Organized a number of learning notes, experience, put on the blog, one to record their own learning through, and

cluster, Google recommends: Create service accounts using IAM in the cloud console and follow the least privilege principle before associating them with each node. When the cluster is started and running, disable the Kubernetes Web UI because it is controlled by a highly privileged account. Disable legacy authorization, which is an Attribute-Based Access Control (ABAC, Attribute-Based Access Control ). In Kub