检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPHostNamespace metadata: name: psp-host-namespace spec: match: kinds:
定义的字段作为环境变量的值 valueFrom: resourceFieldRef: containerName: container1 resource
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPHostFilesystem metadata: name: psp-host-filesystem spec: match: kinds:
定义的字段作为环境变量的值 valueFrom: resourceFieldRef: containerName: container1 resource
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPForbiddenSysctls metadata: name: psp-forbidden-sysctls spec: match: kinds:
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPProcMount metadata: name: psp-proc-mount spec: match: kinds: - apiGroups
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPFSGroup metadata: name: psp-fsgroup spec: match: kinds: - apiGroups:
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPCapabilities metadata: name: capabilities-demo spec: match: kinds: -
- name: container-1 image: <your_image_address> # 请替换为您的镜像地址 imagePullPolicy: IfNotPresent env
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPFlexVolumes metadata: name: psp-flexvolume-drivers spec: match: kinds:
region String 区域 country String 国家 city String 城市 projectID String 项目id projectName String 项目名 zone String 地区 taints Array of Taint objects 污点
Token可通过调用获取用户Token接口获取,调用本服务API需要project级别的Token,即调用获取用户Token接口时,请求body中auth.scope的取值需要选择domain,如下所示。
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPSELinuxV2 metadata: name: psp-selinux-v2 spec: match: kinds: - apiGroups
具体如表6所示: 表6 log-agent事件说明 事件名称 说明 InitLTSFailed 初始化LTS日志组日志流失败 WatchAKSKFailed 监听AKSK失败 WatchAKSKSuccessful 监听AKSK成功 RequestLTSFailed 请求LTS接口失败
region String 区域 country String 国家 city String 城市 projectID String 项目id projectName String 项目名 zone String 地区 taints Array of Taint objects 污点
15021 protocol: TCP - containerPort: 8080 protocol: TCP - containerPort: 8443
都为默认值25%,那实际升级过程中,maxSurge允许最多3个Pod存在(向上取整,2*1.25=2.5,取整为3),而maxUnavailable则不允许有Pod Unavailable(向上取整,2*0.75=1.5,取整为2),也就是说在升级过程中,一直会有2个Pod处于运行状态
AS编号 CILIUM_BGP_PEER_ASN: 65010 # cilium 负载均衡网段 LOAD_BALANCER_CIDR: # cilium 容器网络模式 CILIUM_NETWORK_MODE: overlay # 时区 TIMEZONE: Asia/Shanghai
apiVersion: constraints.gatekeeper.sh/v1beta1 kind: K8sPSPAllowedUsers metadata: name: psp-pods-allowed-user-ranges spec: match: kinds
Images(38) migration finished, 0 images tasks failed, 0 tasks generate failed 结果查看。
长按/截图保存,微信识别二维码
或者关注公众号“华为云”
