Kubernetes 如何更改Mac(docker desktop)上的默认节点端口范围?
如何更改Mac(docker desktop)上的默认节点端口范围 我想更改Mac上的默认节点端口范围。可能吗?我很高兴找到这篇文章:Kubernetes 如何更改Mac(docker desktop)上的默认节点端口范围?,kubernetes,Kubernetes,如何更改Mac(docker desktop)上的默认节点端口范围 我想更改Mac上的默认节点端口范围。可能吗?我很高兴找到这篇文章:http://www.thinkcode.se/blog/2019/02/20/kubernetes-service-node-port-range。由于在我的环境中找不到/etc/kubernetes/manifests/kube apiserver.yaml,我试图通过运行sudo kubectl edit pod kube apiserver docker
http://www.thinkcode.se/blog/2019/02/20/kubernetes-service-node-port-range
。由于在我的环境中找不到/etc/kubernetes/manifests/kube apiserver.yaml
,我试图通过运行sudo kubectl edit pod kube apiserver docker desktop--namespace=kube system
并添加参数--服务节点端口范围=443-22000
来实现我想要做的事情。但当我试图保存它时,出现了以下错误:
# pods "kube-apiserver-docker-desktop" was not valid:
# * spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds` or `spec.tolerations` (only additions to existing tolerations)
(即使我不接触端口443,我也会收到相同的错误。)有人可以分享他/她的想法或经验吗?谢谢
附加:
skwok-mbp:kubernetes skwok$ kubectl get deployment -A
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
docker compose 1/1 1 1 15d
docker compose-api 1/1 1 1 15d
ingress-nginx nginx-ingress-controller 1/1 1 1 37m
kube-system coredns 2/2 2 2 15d
skwok-mbp:kubernetes skwok$ kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default fortune-configmap-volume 2/2 Running 4 14d
default kubia-2qzmm 1/1 Running 2 15d
docker compose-6c67d745f6-qqmpb 1/1 Running 2 15d
docker compose-api-57ff65b8c7-g8884 1/1 Running 4 15d
ingress-nginx nginx-ingress-controller-756f65dd87-sq6lt 1/1 Running 0 37m
kube-system coredns-fb8b8dccf-jn8cm 1/1 Running 6 15d
kube-system coredns-fb8b8dccf-t6qhs 1/1 Running 6 15d
kube-system etcd-docker-desktop 1/1 Running 2 15d
kube-system kube-apiserver-docker-desktop 1/1 Running 2 15d
kube-system kube-controller-manager-docker-desktop 1/1 Running 29 15d
kube-system kube-proxy-6nzqx 1/1 Running 2 15d
kube-system kube-scheduler-docker-desktop 1/1 Running 30 15d
更新:文档中的显示了在Minikube启动期间调整apiserver参数的方法:
minikube start --extra-config=apiserver.service-node-port-range=1-65535
--额外配置:一组描述可能传递给不同组件的配置的键=值
对。键应以“.”分隔,点前的第一部分是应用配置的组件。有效组件包括:kubelet
,apiserver
,控制器管理器
,etcd
,代理
,调度程序
可以在中找到可用选项的列表
更改Mac桌面Docker的
kube apiserver
参数的另一种方法:
$ screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
#(you can also use privileged container for the same purpose)
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
#or
docker run --rm -it --privileged --pid=host walkerlee/nsenter -t 1 -m -u -i -n sh
# as suggested here: https://forums.docker.com/t/is-it-possible-to-ssh-to-the-xhyve-machine/17426/5
# in case of minikube use the following command:
$ minikube ssh
spec:
containers:
- command:
- kube-apiserver
- --advertise-address=192.168.65.3
...
- --service-node-port-range=443-22000 # <-- add this line
...
创建简单部署并使用服务公开它:
$ kubectl run nginx1 --image=nginx --replicas=2
$ kubectl expose deployment nginx1 --port 80 --type=NodePort
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 14d
nginx1 NodePort 10.99.173.234 <none> 80:14966/TCP 5s
这只是为了使用端口443吗?使用443上的
类型:loadBalancer
设置服务。Docker for Mac将为您设置。非常感谢您的这篇精彩文章,VAS。这是超级有用和专业!我在这里试过,但没用。apiserver重新启动后,任何带有NodePort的服务都会立即停止工作,拒绝连接:/n请发布一个单独的问题,描述产品版本,结束您所做的确切更改,以便进行调查。
$ kubectl get pod kube-apiserver-docker-desktop -o yaml -n kube-system | less
$ kubectl run nginx1 --image=nginx --replicas=2
$ kubectl expose deployment nginx1 --port 80 --type=NodePort
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 14d
nginx1 NodePort 10.99.173.234 <none> 80:14966/TCP 5s
...
ports:
- containerPort: 80
hostPort: 80
protocol: TCP
- containerPort: 443
hostPort: 443
protocol: TCP
...
securityContext:
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL