KUBERNETES04_下载策略、私有仓库下载、env、command、生命周期容器钩子、资源限制(一)

①. 下载策略imagePullPolicy


  • ①. Always:总是去下载:(默认)
    先看网上有没有,有了就下载,(本机也有,docker就相当于不用下载了)


  • ②. Never:总不去下载,一定保证当前Pod所在的机器有这个镜像;直接看本机


  • ③. IfNotPresent:如果本机没有就去下载;先看本机,再看远程


[root@k8s-master k8syaml]# kubectl explain pod.spec.containers.imagePullPolicy
KIND:     Pod
VERSION:  v1

FIELD:    imagePullPolicy <string>

DESCRIPTION:
     Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always
     if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.
     More info:
     https://kubernetes.io/docs/concepts/containers/images#updating-images


kind: Pod
apiVersion: v1
metadata:
  name: my-nginx-labels
  namespace: hello # 在hello命名空间下创建pod
  labels:
     name: tangzhi
spec:  # 指定规格信息
  containers:  # 指定要启动一个什么样的容器
  - image: nginx   #指定镜像
    name: my-nginx  #容器的名字
    imagePullPolicy: Always


②. 私有仓库下载


  • ①. 在Pod上指定ImagePullSecrets


[root@k8s-master k8syaml]# kubectl explain pod.spec.imagePullSecrets
KIND:     Pod
VERSION:  v1

RESOURCE: imagePullSecrets <[]Object>

DESCRIPTION:
     ImagePullSecrets is an optional list of references to secrets in the same
     namespace to use for pulling any of the images used by this PodSpec. If
     specified, these secrets will be passed to individual puller
     implementations for them to use. For example, in the case of docker, only
     DockerConfig type secrets are honored. More info:
     https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

     LocalObjectReference contains enough information to let you locate the
     referenced object inside the same namespace.

FIELDS:
   name <string>
     Name of the referent. More info:
     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names


②. 创建一个secret


kubectl create secret docker-registry my-aliyun -n hello \
  --docker-server=registry.cn-hangzhou.aliyuncs.com \  #私人仓库的地址、ip也可以填写
  --docker-username=forsumlove \ # 账号
  --docker-password=lfy11223344 # 密码


③. 具体的yaml文件如下③. 具体的yaml文件如下


apiVersion: v1
kind: Pod
metadata:
  name: my-container-test1
  namespace: hello
  labels:
     name: "tangzhi"
     age: 25
spec:
  imagePullSecrets:
    - name: my-aliyun
  containers:
    - image: registry.cn-hangzhou.aliyuncs.com/lfy/java-devops-demo:v1.0
      name: my-container-01
      imagePullPolicy: Always
    - image: nginx
      name: my-mynginx-01


上一篇:云原生生态周报 Vol. 13 | Forrester 发布企业级容器平台报告


下一篇:利用资源编排创建100台ECS实例并指定自动释放时间