Amazon web services 作为K8S吊舱部署的一部分启动/停止主机中的服务
我们基于具有公司标准服务和实用程序的定制VM映像运行K8S集群。吊舱/集装箱如何能够访问这些设备?例如,如何在主机中启动服务作为部署/取消部署的一部分,您可以将systemd套接字装入Pod的容器中。在那里,您需要以非特权用户的身份运行命令,或者需要以特权用户的身份运行容器。进行此操作的Pod规范如下所示:Amazon web services 作为K8S吊舱部署的一部分启动/停止主机中的服务,amazon-web-services,amazon-ec2,kubernetes,Amazon Web Services,Amazon Ec2,Kubernetes,我们基于具有公司标准服务和实用程序的定制VM映像运行K8S集群。吊舱/集装箱如何能够访问这些设备?例如,如何在主机中启动服务作为部署/取消部署的一部分,您可以将systemd套接字装入Pod的容器中。在那里,您需要以非特权用户的身份运行命令,或者需要以特权用户的身份运行容器。进行此操作的Pod规范如下所示: kind: Pod metadata: name: dbus-pod labels: app: dbus spec: containers: - name: dbus
kind: Pod
metadata:
name: dbus-pod
labels:
app: dbus
spec:
containers:
- name: dbus-container
image: centos:7
command: ['systemctl','status','sshd']
securityContext:
privileged: true
volumeMounts:
- name: run-dbus
mountPath: /var/run/dbus
- name: run-systemd
mountPath: /run/systemd
- name: bin-systemctl
mountPath: /usr/bin/systemctl
readOnly: true
- name: etc-systemd
mountPath: /etc/systemd/system
readOnly: true
restartPolicy: Never
volumes:
- name: run-dbus
hostPath:
path: /var/run/dbus
- name: run-systemd
hostPath:
path: /run/systemd
- name: bin-systemctl
hostPath:
path: /usr/bin/systemctl
- name: etc-systemd
hostPath:
path: /etc/systemd/system
也有类似的项目通过
/var/run/dbuskind: Pod
metadata:
name: dbus-pod
labels:
app: dbus
spec:
containers:
- name: dbus-container
image: centos:7
command: ['systemctl','status','sshd']
securityContext:
privileged: true
volumeMounts:
- name: run-dbus
mountPath: /var/run/dbus
- name: run-systemd
mountPath: /run/systemd
- name: bin-systemctl
mountPath: /usr/bin/systemctl
readOnly: true
- name: etc-systemd
mountPath: /etc/systemd/system
readOnly: true
restartPolicy: Never
volumes:
- name: run-dbus
hostPath:
path: /var/run/dbus
- name: run-systemd
hostPath:
path: /run/systemd
- name: bin-systemctl
hostPath:
path: /usr/bin/systemctl
- name: etc-systemd
hostPath:
path: /etc/systemd/system
也有类似的项目通过
/var/run/dbussystemctlsystemctl