Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/docker/9.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
使用docker compose为Rancher 2.x的cert manager创建发卡机构_Docker_Kubernetes_Lets Encrypt_Rancher_Kubernetes Helm - Fatal编程技术网
Fatal编程技术网
  • docker/
  • 使用docker compose为Rancher 2.x的cert manager创建发卡机构

使用docker compose为Rancher 2.x的cert manager创建发卡机构

docker kubernetes

使用docker compose为Rancher 2.x的cert manager创建发卡机构,docker,kubernetes,lets-encrypt,rancher,kubernetes-helm,Docker,Kubernetes,Lets Encrypt,Rancher,Kubernetes Helm,我正在测试Rancher 2作为Kubernetes接口。Rancher 2与docker compose一起发布,使用图像Rancher/Rancher:latest 集群、节点和吊舱的一切都正常。然后我尝试用证书保护一些负载平衡器。若要执行此操作,我将从目录/头盔安装cert manager 我试着按照这个视频教程()来学习,它解释了如何创建颁发者和证书,以及如何将其链接到负载平衡器 我为发行人创建一个文件: apiVersion: certmanager.k8s.io/v1alpha1

我正在测试Rancher 2作为Kubernetes接口。Rancher 2与docker compose一起发布,使用图像Rancher/Rancher:latest

集群、节点和吊舱的一切都正常。然后我尝试用证书保护一些负载平衡器。若要执行此操作,我将从目录/头盔安装cert manager

我试着按照这个视频教程()来学习,它解释了如何创建颁发者和证书,以及如何将其链接到负载平衡器

我为发行人创建一个文件:

apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
  name: letsencrypt
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: root@example.com
    privateKeySecretRef:
      name: letsencrypt-private-key
    http01: {}

kubectl create -f etc/cert-manager/cluster-issuer.yaml
error: unable to recognize "etc/cert-manager/cluster-issuer.yaml": no matches for certmanager.k8s.io/, Kind=ClusterIssuer
现在是创建发行人的时候了

sudo docker-compose exec rancher bash
我已连接到Rancher容器<已安装code>kubectl和
helm

我尝试创建发行人:

apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
  name: letsencrypt
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: root@example.com
    privateKeySecretRef:
      name: letsencrypt-private-key
    http01: {}

kubectl create -f etc/cert-manager/cluster-issuer.yaml
error: unable to recognize "etc/cert-manager/cluster-issuer.yaml": no matches for certmanager.k8s.io/, Kind=ClusterIssuer
其他信息:

当我执行
舵手列表时

Error: could not find a ready tiller pod
我拿豆荚去找蒂勒:

kubectl get pods
NAME                             READY     STATUS    RESTARTS   AGE
tiller-deploy-6ffc49c5df-zbjg8   0/1       Pending   0          39m
我描述这个豆荚:

kubectl describe pod tiller-deploy-6ffc49c5df-zbjg8
Name:           tiller-deploy-6ffc49c5df-zbjg8
Namespace:      default
Node:           <none>
Labels:         app=helm
                name=tiller
                pod-template-hash=2997057189
Annotations:    kubernetes.io/created-by={"kind":"SerializedReference","apiVersion":"v1","reference":{"kind":"ReplicaSet","namespace":"default","name":"tiller-deploy-6ffc49c5df","uid":"46f74523-7f8f-11e8-9d04-0242ac1...
Status:         Pending
IP:
Created By:     ReplicaSet/tiller-deploy-6ffc49c5df
Controlled By:  ReplicaSet/tiller-deploy-6ffc49c5df
Containers:
  tiller:
    Image:      gcr.io/kubernetes-helm/tiller:v2.8.0-rancher3
    Ports:      44134/TCP, 44135/TCP
    Liveness:   http-get http://:44135/liveness delay=1s timeout=1s period=10s #success=1 #failure=3
    Readiness:  http-get http://:44135/readiness delay=1s timeout=1s period=10s #success=1 #failure=3
    Environment:
      TILLER_NAMESPACE:    default
      TILLER_HISTORY_MAX:  0
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from tiller-token-hbfgz (ro)
Conditions:
  Type           Status
  PodScheduled   False
Volumes:
  tiller-token-hbfgz:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  tiller-token-hbfgz
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.alpha.kubernetes.io/notReady:NoExecute for 300s
                 node.alpha.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason            Age                 From               Message
  ----     ------            ----                ----               -------
  Warning  FailedScheduling  4m (x125 over 39m)  default-scheduler  no nodes available to schedule pods

kubectl描述pod tiller-deploy-6ffc49c5df-zbjg8
名称:tiller-deploy-6ffc49c5df-zbjg8
名称空间:默认值
节点:
标签:app=helm
名称=舵柄
pod模板哈希=2997057189
注释:kubernetes.io/创建人={“种类”:“序列化引用”,“apiVersion”:“v1”,“引用”:{“种类”:“复制集”,“命名空间”:“默认”,“名称”:“tiller-deploy-6ffc49c5df”,“uid”:“46f74523-7f8f-11e8-9d04-0242ac1…”。。。
状态:待定
知识产权:
创建人:ReplicaSet/tiller-deploy-6ffc49c5df
控制人:ReplicaSet/tiller-deploy-6ffc49c5df
容器:
舵柄:
图片:gcr.io/kubernetes-helm/tiller:v2.8.0-rancher3
端口:44134/TCP、44135/TCP
活跃度:http get http://:44135/活跃度延迟=1s超时=1s周期=10s#成功=1#失败=3
准备就绪:http get http://:44135/准备就绪延迟=1s超时=1s周期=10s 35;成功=1#失败=3
环境:
TILLER_名称空间:默认值
舵柄历史最大值:0
挂载:
/var/run/secrets/kubernetes.io/serviceaccount来自tiller token hbfgz(ro)
条件:
类型状态
播客计划错误
卷数:
舵柄标记hbfgz:
类型:Secret(由Secret填充的卷)
SecretName:tiller token hbfgz
可选:false
QoS等级:最佳努力
节点选择器:
容差:node.alpha.kubernetes.io/notReady:NoExecute持续300秒
node.alpha.kubernetes.io/不可访问:不执行300秒
活动:
从消息中键入原因年龄
----     ------            ----                ----               -------
警告失败调度4m(x125大于39m)默认调度程序没有可用于调度POD的节点
这个问题有点特殊:rancher/kubernetes/docker compose……如果有人有一些想法,欢迎您;)

提前感谢!

我刚找到一条信息来解除这种情况

多亏了

第一步是加载集群的配置。我正在处理默认集群。所以

  • 我在docker容器中执行bash
  • 我加载配置文件
    /root/.kube/config
  • 更新配置
  • 继续…发卡机构已正确创建
    • 如果它能帮助某人;)

    你可以在网上找到答案。