2025/12/27 0:47:25

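Deploying k8s from binary files (3)

Installing Containerd

Containerd is widely used as the container runtime for k8s. It is an industry-standard container runtime and a lightweight, high-performance daemon that manages the complete container lifecycle.

Download

Run on the master1 node:

cd /tmp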

CNI network plugins

wget https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz

k8s container runtime bundle (containerd + CRI plugin + CNI configuration)

wget https://github.com/containerd/containerd/releases/download/v1.6.8/cri-containerd-cni-1.6.8-linux-amd64.tar.gz

CRI debugging tool

wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.24.2/crictl-v1.24.2-linux-amd64.tar.gz

Copy to the other nodes

Run on master1:

cd /tmp
NODES='master2 master3 worker1 worker2'
for NODE in $NODES; do
  for FILE in cni-plugins-linux-amd64-v1.1.1.tgz cri-containerd-cni-1.6.8-linux-amd64.tar.gz crictl-v1.24.2-linux-amd64.tar.gz; do
    # copy each archive to /tmp on the target node
    scp "${FILE}" "$NODE:/tmp/"
  done
done

Create the CNI plugin directories

Run on all nodes:

mkdir -p /etc/cni/net.d /opt/cni/bin

Extract the CNI binary package

Run on all nodes:

tar xf /tmp/cni-plugins-linux-amd64-v*.tgz -C /opt/cni/bin/

Extract Containerd

Run on all nodes:

tar -xzf /tmp/cri-containerd-cni-*-linux-amd64.tar.gz -C /

Create the service unit file

Run on all nodes:

cat > /etc/systemd/system/containerd.service <<EOF
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target
EOF

Configure the kernel modules Containerd needs

Run on all nodes:

cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF

Load the modules

systemctl restart systemd-modules-load.service

Configure the Containerd configuration file

Run on all nodes:

mkdir -p /etc/containerd
vim /etc/containerd/config.toml

Write the following content to the file:

disabled_plugins = []
imports = []
oom_score = 0
plugin_dir = ""
required_plugins = []
root = "/var/lib/containerd"
state = "/run/containerd"
temp = ""
version = 2

[cgroup]
  path = ""

[debug]
  address = ""
  format = ""
  gid = 0
  level = ""
  uid = 0

[grpc]
  address = "/run/containerd/containerd.sock"
  gid = 0
  max_recv_message_size = 16777216
  max_send_message_size = 16777216
  tcp_address = ""
  tcp_tls_ca = ""
  tcp_tls_cert = ""
  tcp_tls_key = ""
  uid = 0

[metrics]
  address = ""
  grpc_histogram = false

[plugins]

  [plugins."io.containerd.gc.v1.scheduler"]
    deletion_threshold = 0
    mutation_threshold = 100
    pause_threshold = 0.02
    schedule_delay = "0s"
    startup_delay = "100ms"

  [plugins."io.containerd.grpc.v1.cri"]
    device_ownership_from_security_context = false
    disable_apparmor = false
    disable_cgroup = false
    disable_hugetlb_controller = true
    disable_proc_mount = false
    disable_tcp_service = true
    enable_selinux = false
    enable_tls_streaming = false
    enable_unprivileged_icmp = false
    enable_unprivileged_ports = false
    ignore_image_defined_volumes = false
    max_concurrent_downloads = 3
    max_container_log_line_size = 16384
    netns_mounts_under_state_dir = false
    restrict_oom_score_adj = false
    sandbox_image = "registry.cn-hangzhou.aliyuncs.com/chenby/pause:3.6"
    selinux_category_range = 1024
    stats_collect_period = 10
    stream_idle_timeout = "4h0m0s"
    stream_server_address = "127.0.0.1"
    stream_server_port = "0"
    systemd_cgroup = false
    tolerate_missing_hugetlb_controller = true
    unset_seccomp_profile = ""

    [plugins."io.containerd.grpc.v1.cri".cni]
      bin_dir = "/opt/cni/bin"
      conf_dir = "/etc/cni/net.d"
      conf_template = ""
      ip_pref = ""
      max_conf_num = 1

    [plugins."io.containerd.grpc.v1.cri".containerd]
      default_runtime_name = "runc"
      disable_snapshot_annotations = true
      discard_unpacked_layers = false
      ignore_rdt_not_enabled_errors = false
      no_pivot = false
      snapshotter = "overlayfs"

      [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime]
        base_runtime_spec = ""
        cni_conf_dir = ""
        cni_max_conf_num = 0
        container_annotations = []
        pod_annotations = []
        privileged_without_host_devices = false
        runtime_engine = ""
        runtime_path = ""
        runtime_root = ""
        runtime_type = ""

        [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime.options]

      [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]

        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
          base_runtime_spec = ""
          cni_conf_dir = ""
          cni_max_conf_num = 0
          container_annotations = []
          pod_annotations = []
          privileged_without_host_devices = false
          runtime_engine = ""
          runtime_path = ""
          runtime_root = ""
          runtime_type = "io.containerd.runc.v2"

          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
            BinaryName = ""
            CriuImagePath = ""
            CriuPath = ""
            CriuWorkPath = ""
            IoGid = 0
            IoUid = 0
            NoNewKeyring = false
            NoPivotRoot = false
            Root = ""
            ShimCgroup = ""
            SystemdCgroup = true

      [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime]
        base_runtime_spec = ""
        cni_conf_dir = ""
        cni_max_conf_num = 0
        container_annotations = []
        pod_annotations = []
        privileged_without_host_devices = false
        runtime_engine = ""
        runtime_path = ""
        runtime_root = ""
        runtime_type = ""

        [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime.options]

    [plugins."io.containerd.grpc.v1.cri".image_decryption]
      key_model = "node"

    [plugins."io.containerd.grpc.v1.cri".registry]
      #config_path = "/etc/containerd/certs.d"

      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]

        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
          endpoint = [
            "https://docker.1panel.live",
            "https://docker.1ms.run",
            "https://dytt.online",
            "https://lispy.org",
            "https://docker-0.unsee.tech",
            "https://docker.xiaogenban1993.com",
            "https://666860.xyz",
            "https://hub.rat.dev",
            "https://docker.m.daocloud.io",
            "https://demo.52013120.xyz",
            "https://proxy.vvvv.ee",
            "https://registry.cyou",
            "https://6fed7b92f67d4cdab42aed21d8981b2b.mirror.swr.myhuaweicloud.com"
          ]

        # Change the Harbor address to your own; if you do not need a Harbor registry, delete the corresponding entries
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.153.159:9999"]
          endpoint = ["http://192.168.153.159:9999"]

      [plugins."io.containerd.grpc.v1.cri".registry.auths]

      [plugins."io.containerd.grpc.v1.cri".registry.configs]

        [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.153.159:9999".tls]
          # skips TLS certificate verification for this registry
          insecure_skip_verify = true

        [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.153.159:9999".auth]
          # credentials are stored in plain text in this file; replace with your own
          username = "admin"
          password = "admin123"

      [plugins."io.containerd.grpc.v1.cri".registry.headers]

    [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
      tls_cert_file = ""
      tls_key_file = ""

  [plugins."io.containerd.internal.v1.opt"]
    path = "/opt/containerd"

  [plugins."io.containerd.internal.v1.restart"]
    interval = "10s"

  [plugins."io.containerd.internal.v1.tracing"]
    sampling_ratio = 1.0
    service_name = "containerd"

  [plugins."io.containerd.metadata.v1.bolt"]
    content_sharing_policy = "shared"

  [plugins."io.containerd.monitor.v1.cgroups"]
    no_prometheus = false

  [plugins."io.containerd.runtime.v1.linux"]
    no_shim = false
    runtime = "runc"
    runtime_root = ""
    shim = "containerd-shim"
    shim_debug = false

  [plugins."io.containerd.runtime.v2.task"]
    platforms = ["linux/amd64"]
    sched_core = false

  [plugins."io.containerd.service.v1.diff-service"]
    default = ["walking"]

  [plugins."io.containerd.service.v1.tasks-service"]
    rdt_config_file = ""

  [plugins."io.containerd.snapshotter.v1.aufs"]
    root_path = ""

  [plugins."io.containerd.snapshotter.v1.btrfs"]
    root_path = ""

  [plugins."io.containerd.snapshotter.v1.devmapper"]
    async_remove = false
    base_image_size = ""
    discard_blocks = false
    fs_options = ""
    fs_type = ""
    pool_name = ""
    root_path = ""

  [plugins."io.containerd.snapshotter.v1.native"]
    root_path = ""

  [plugins."io.containerd.snapshotter.v1.overlayfs"]
    root_path = ""
    upperdir_label = false

  [plugins."io.containerd.snapshotter.v1.zfs"]
    root_path = ""

  [plugins."io.containerd.tracing.processor.v1.otlp"]
    endpoint = ""
    insecure = false
    protocol = ""

[proxy_plugins]

[stream_processors]

  [stream_processors."io.containerd.ocicrypt.decoder.v1.tar"]
    accepts = ["application/vnd.oci.image.layer.v1.tar+encrypted"]
    args = ["--decryption-keys-path", "/etc/containerd/ocicrypt/keys"]
    env = ["OCICRYPT_KEYPROVIDER_CONFIG=/etc/containerd/ocicrypt/ocicrypt_keyprovider.conf"]
    path = "ctd-decoder"
    returns = "application/vnd.oci.image.layer.v1.tar"

  [stream_processors."io.containerd.ocicrypt.decoder.v1.tar.gzip"]
    accepts = ["application/vnd.oci.image.layer.v1.tar+gzip+encrypted"]
    args = ["--decryption-keys-path", "/etc/containerd/ocicrypt/keys"]
    env = ["OCICRYPT_KEYPROVIDER_CONFIG=/etc/containerd/ocicrypt/ocicrypt_keyprovider.conf"]
    path = "ctd-decoder"
    returns = "application/vnd.oci.image.layer.v1.tar+gzip"

[timeouts]
  "io.containerd.timeout.bolt.open" = "0s"
  "io.containerd.timeout.shim.cleanup" = "5s"
  "io.containerd.timeout.shim.load" = "5s"
  "io.containerd.timeout.shim.shutdown" = "3s"
  "io.containerd.timeout.task.state" = "2s"

[ttrpc]
  address = ""
  gid = 0
  uid = 0
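
The registry tables in the configuration above are where it makes its trust decisions: the docker.io mirror list, the `http://` Harbor endpoint, `insecure_skip_verify = true` and the inline password. The script below is an added example, not part of the original page or of containerd, that flags those settings before the service is started. The function names, finding labels and the `MAX_MIRRORS` threshold (default 3) are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): line-based audit of the registry
# settings in a containerd config.toml. Assumes one table header or key per
# line; endpoint arrays may span several lines.

audit_containerd_registry() {   # $1 = config path (default stdin); returns 1 on findings
    awk -v max="${MAX_MIRRORS:-3}" '
        function report() {                 # called when an endpoint array closes
            if (http) { print "HTTP_ENDPOINT " sec; bad++ }
            if (urls > max) { print "MIRRORS " urls " " sec; bad++ }
            inarr = 0; http = 0; urls = 0
        }
        /^[ \t]*#/ { next }                 # commented-out settings are inactive
        /^[ \t]*\[/ { sec = $0; gsub(/^[ \t]+|[ \t]+$/, "", sec); next }
        /^[ \t]*endpoint[ \t]*=/ && sec ~ /registry\.mirrors\./ { inarr = 1 }
        inarr {
            line = $0
            h = gsub(/"http:\/\//, "", line)    # cleartext registry endpoints
            s = gsub(/"https:\/\//, "", line)
            http += h; urls += h + s            # every mirror can answer tag lookups
            if ($0 ~ /\]/) report()
            next
        }
        /^[ \t]*insecure_skip_verify[ \t]*=[ \t]*true/ { print "TLS_VERIFY_DISABLED " sec; bad++ }
        /^[ \t]*password[ \t]*=[ \t]*"[^"]+"/ { print "PLAINTEXT_PASSWORD " sec; bad++ }
        END { exit (bad > 0) }
    ' "${1:--}"
}

sample_config() {   # constructed fragment shaped like the registry tables on this page
    cat <<'EOF'
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
  endpoint = ["https://mirror-a.example", "https://mirror-b.example",
              "https://mirror-c.example", "https://mirror-d.example"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.153.159:9999"]
  endpoint = ["http://192.168.153.159:9999"]
[plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.153.159:9999".tls]
  insecure_skip_verify = true
[plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.153.159:9999".auth]
  username = "admin"
  password = "changeme"
EOF
}

# Demo on the constructed fragment; on a node, audit the real file with:
#   audit_containerd_registry /etc/containerd/config.toml
sample_config | audit_containerd_registry || echo "review the findings above"
```
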

Start the service and enable it at boot

Run on all nodes:

systemctl daemon-reload
systemctl enable --now containerd
systemctl restart containerd

Configure the runtime endpoint the crictl client connects to

Run on all nodes:

Extract crictl

tar xf /tmp/crictl-v*-linux-amd64.tar.gz -C /usr/bin/

Generate the configuration file

cat > /etc/crictl.yaml <<EOF
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false
EOF

Test

systemctl restart containerd
crictl info
systemctl status containerd

The output should show the crictl configuration and confirm that the containerd service is running normally.
