Docker

Docker #

Docker Compose #

K8S #

Pod # 

apiVersion: v1
kind: Pod
spec:
  nodeSelector:
    disktype: ssd
  hostNetwork: true
  hostIPC: true
  hostPID: true
  hostAliases:
  - ip: "10.1.2.3"
    hostnames:
    - "foo.remote"
    - "bar.remote"
  shareProcessNamespace: true
  containers:
  - name: lifecycle-demo-container
    image: nginx
    lifecycle:
      postStart:
        exec:
          command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
      preStop:
        exec:
          command: ["/usr/sbin/nginx","-s","quit"]

Deployment #

RBAC(基于角色的权限控制) #

Namespaced 对象授权 #

非Namespaced 对象授权 #

对 ServiceAccount 授权 #

Pod 使用 ServiceAccount # 

apiVersion: v1
kind: Pod
metadata:
  namespace: mynamespace
  name: sa-token-test
spec:
  containers:
  - name: nginx
    image: nginx:1.7.9
  serviceAccountName: example-sa

持久化存储 #

本地持久化存储 #

Calendar January 8, 2023