我正在努力让Kubernetes与我的私有hub.docker.com注册表映像一起使用。
我正在使用kubectl版本: Client Version: version.Info{Major:"1", Minor:"1+", GitVersion:"v1.1.0-alpha.0.1588+e44c8e6661c931", GitCommit:"e44c8e6661c931f7fd434911b0d3bca140e1df3a", GitTreeState:"clean"} Server Version: version.Info{Major:"1", Minor:"1", GitVersion:"v1.1.3", GitCommit:"6a81b50c7e97bbe0ade075de55ab4fa34f049dc2", GitTreeState:"clean"}
Client Version: version.Info{Major:"1", Minor:"1+", GitVersion:"v1.1.0-alpha.0.1588+e44c8e6661c931", GitCommit:"e44c8e6661c931f7fd434911b0d3bca140e1df3a", GitTreeState:"clean"} Server Version: version.Info{Major:"1", Minor:"1", GitVersion:"v1.1.3", GitCommit:"6a81b50c7e97bbe0ade075de55ab4fa34f049dc2", GitTreeState:"clean"}
和1.7.4Mac OS X上的VagrantYosemite 10.10.5
1.7.4
Yosemite 10.10.5
我按照此处给出的说明进行操作:https : //github.com/kubernetes/kubernetes/blob/release-1.1/docs/user- guide/images.md#pre-pulling- images
简而言之,它说您应该登录到注册表,然后对结果的内容进行base64编码.docker/config.json,并在yaml文档中使用它,如下所示:
.docker/config.json
apiVersion: v1 kind: Secret metadata: name: myregistrykey data: .dockercfg: eyAiYXV0aHMiOiB7ICJodHRwczovL2luZGV4LmRvY2tlci5pby92MS8iOiB7ICJhdXRoIjogImFXNTBjbWx1YzJsak9tSTJVVTR5Z...h1YkBpbnRyaW5zaWMud29ybGQiIH0gfSB9Cg== type: kubernetes.io/dockercfg
然后将其送入kubectl。然后myregistrykey,我在pod定义中使用了生成的键(此处称为):
myregistrykey
apiVersion: v1 kind: Pod metadata: name: authorities-backend spec: containers: - name: authorities-backend image: intrinsic/authorities-backend:latest imagePullSecrets: - name: myregistrykey
然后kubectl create把它
kubectl create
但是,kubectl始终无法检索图像:
[root@kubernetes-master intrinsic]# kubectl get pods NAME READY STATUS RESTARTS AGE authorities-backend 0/1 PullImageError 0 7m
码头工人拉上Kubernetes大师工作了。
我想念什么?
在上面的pod定义中,我省略了指定注册表主机的名称,即docker.io。 对其进行修复,它变成: image: docker.io/intrinsic/authorities-backend:latest 但是,问题仍然存在。做的事kubectl get events -w让我6s 0s 2 authorities-backend Pod spec.containers{authorities- backend} Failed {kubelet 10.245.1.3} Failed to pull image "docker.io/intrinsic/authorities-backend": image pull failed for docker.io/intrinsic/authorities-backend, this may be because there are no credentials on this request. details: (Error: image intrinsic/authorities- backend:latest not found) 知道: 我知道这个秘密已经正确注册,因为我在下面找到它kubectl get secrets: NAME TYPE DATA AGE default-token-a7s5n kubernetes.io/service-account-token 2 51m myregistrykey kubernetes.io/dockercfg 1 50m
image: docker.io/intrinsic/authorities-backend:latest
kubectl get events -w
6s 0s 2 authorities-backend Pod spec.containers{authorities- backend} Failed {kubelet 10.245.1.3} Failed to pull image "docker.io/intrinsic/authorities-backend": image pull failed for docker.io/intrinsic/authorities-backend, this may be because there are no credentials on this request. details: (Error: image intrinsic/authorities- backend:latest not found)
kubectl get secrets
NAME TYPE DATA AGE default-token-a7s5n kubernetes.io/service-account-token 2 51m myregistrykey kubernetes.io/dockercfg 1 50m
还是很困惑…
候选者
该文档已过时,因为它指向.dockercfg而不是.docker/config.json。我会更新。
.dockercfg
使用新.docker/config.json格式时,您需要设置type: kubernetes.io/dockerconfigjson而不是type: kubernetes.io/.dockercfg。
type: kubernetes.io/dockerconfigjson
type: kubernetes.io/.dockercfg
对type: kubernetes.io/dockerconfigjsonv1.1.0的支持已添加,因此服务器支持,但客户端不支持(v1.1.0-alpha早于v1.1.0)。
使用时type: kubernetes.io/dockerconfigjson,它应该验证您的机密内容。
使用type: kubernetes.io/dockerconfigjson,您确实希望保留auths包装。
auths
