K8s docker dind rootless

개요

k8s docker dind rootless
yaml
---
# Rootless Docker-in-Docker (dind) daemon, run as a single-replica Deployment
# whose data directory lives on the `docker` PersistentVolumeClaim.
#
# Security review notes:
#   * DOCKER_TLS_CERTDIR is empty, which turns off the image's automatic TLS
#     setup: the Docker API on 2375 is plaintext and has no client
#     authentication. Anything that can reach that port controls the daemon.
#     Restrict reachability (e.g. a NetworkPolicy on this namespace) or use
#     the image's TLS mode (non-empty DOCKER_TLS_CERTDIR, API on 2376 with
#     client certificates).
#   * The daemon container is privileged. "Rootless" describes the UID that
#     dockerd runs as, not the privileges of the pod.
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: docker
  name: docker
spec:
  replicas: 1
  # Recreate terminates the old pod before the new one is created, so two
  # pods never hold the volume at the same time.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: docker
  template:
    metadata:
      labels:
        app: docker
    spec:
      # 0 = no grace period: dockerd and its child containers get no time to
      # shut down cleanly before the pod is killed.
      terminationGracePeriodSeconds: 0
      volumes:
        - name: vol-docker
          persistentVolumeClaim:
            claimName: docker
      initContainers:
        # Hands ownership of the data directory to 1000:1000 (presumably the
        # UID/GID of the image's rootless user -- confirm against the image).
        # No securityContext is set, so this runs as the busybox image's
        # default user.
        - name: init-chown
          # No tag or digest: this resolves to `latest` and can change between
          # pulls. Pin a tag or, better, an image digest.
          image: busybox
          command:
            - 'sh'
            - '-c'
            - 'chown -R 1000:1000 /home/rootless/.local/share/docker'
          volumeMounts:
            - mountPath: /home/rootless/.local/share/docker
              name: vol-docker
      containers:
        - name: docker
          image: docker:27.1.0-dind-rootless
          # Privileged mode grants every capability and host device access.
          # NOTE(review): upstream documents the rootless dind variant as
          # still needing this -- verify for this version, and treat the pod
          # as node-equivalent (dedicated nodes, tight RBAC on the namespace).
          securityContext:
            privileged: true
          env:
            # Empty string = no TLS certificates generated, API served in
            # plaintext without authentication.
            - name: DOCKER_TLS_CERTDIR
              value: ''
            # NOTE(review): appears to be the address used by the docker CLI
            # inside this container. The Service on this page forwards to the
            # pod on 2375, which implies the daemon itself listens beyond
            # loopback -- confirm.
            - name: DOCKER_HOST
              value: '127.0.0.1:2375'
          # These limits apply to the dind container as a whole, so they also
          # cap every workload the daemon starts inside it.
          resources:
            requests:
              cpu: '250m'
              memory: '500Mi'
            limits:
              cpu: '500m'
              memory: '1Gi'
          volumeMounts:
            - mountPath: /home/rootless/.local/share/docker
              name: vol-docker
yaml
---
# Persistent storage for the dind daemon. The Deployment on this page mounts
# it at /home/rootless/.local/share/docker, so what the daemon stores there
# survives pod restarts. Anything baked into images or build layers (including
# credentials) persists with it; control who can bind or snapshot this claim.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: docker
  name: docker
spec:
  # No storageClassName is given, so the cluster's default StorageClass
  # (if one is configured) provisions the volume.
  resources:
    requests:
      storage: '40Gi'
  accessModes:
    - ReadWriteOnce
yaml
---
# Publishes the dind daemon's API inside the cluster as `docker.docker:2375`.
# No `type` is set, so this is a ClusterIP Service.
#
# Security review note: the Deployment on this page serves this port without
# TLS or authentication, and a ClusterIP is reachable from every pod unless
# network policy says otherwise. Pair this Service with a NetworkPolicy that
# admits only the intended client pods, or move the daemon to its TLS port
# with client certificates before exposing it.
apiVersion: v1
kind: Service
metadata:
  namespace: docker
  name: docker
spec:
  ports:
    # targetPort and protocol are omitted: they default to the same port
    # number and TCP.
    - port: 2375
  selector:
    app: docker