无法从私有注册表中提取 kubernetes 中的镜像

tag-icon tag-icon docker kubernetes
无法从私有注册表中提取 kubernetes 中的镜像

我已经在 docker 中设置了一个可通过域“makdom.ddns.net”访问的私有注册表,我可以在本地登录推送和拉取图像,即使从从属 kubes 节点也没有问题我可以做这件事,

但是当我编写 kubes 部署文件时,它无法从私有注册表中提取映像并失败。

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: ssh-deployment
spec:
  template:
    metadata:
      labels:
        app: helloworld
    spec:
      containers:
      - name: ssh-demo
        image: makdom.ddns.net/my-ubuntu
        imagePullPolicy: IfNotPresent
        ports:
        - name: nodejs-port
          containerPort: 22
      imagePullSecrets:
      - name: myregistrykey

秘密:

DOCKER_REGISTRY_SERVER="https://makdom.ddns.net/v1/"
DOCKER_USER="user"
DOCKER_PASSWORD="password"
DOCKER_EMAIL="[email protected]" 

kubectl create secret docker-registry myregistrykey \
  --docker-server=$DOCKER_REGISTRY_SERVER \
  --docker-username=$DOCKER_USER \
  --docker-password=$DOCKER_PASSWORD \
  --docker-email=$DOCKER_EMAIL

错误:

Events:
  Type     Reason                 Age               From                  Message
  ----     ------                 ----              ----                  -------
  Normal   Scheduled              1m                default-scheduler     Successfully assigned ssh-deployment-7b7c7bf977-m6stk to kubes-slave
  Normal   SuccessfulMountVolume  1m                kubelet, kubes-slave  MountVolume.SetUp succeeded for volume "default-token-mx7qq"
  Normal   Pulled                 1m (x3 over 1m)   kubelet, kubes-slave  Container image "makdom.ddns.net/my-ubuntu" already present on machine
  Normal   Created                1m (x3 over 1m)   kubelet, kubes-slave  Created container
  Normal   Started                1m (x3 over 1m)   kubelet, kubes-slave  Started container
  Normal   Pulling                34s (x2 over 1m)  kubelet, kubes-slave  pulling image "makdom.ddns.net/my-ubuntu"
  Warning  Failed                 34s (x2 over 1m)  kubelet, kubes-slave  Failed to pull image "makdom.ddns.net/my-ubuntu": rpc error: code = Unknown desc = Error: image my-ubuntu:latest not found
  Warning  Failed                 34s (x2 over 1m)  kubelet, kubes-slave  Error: ErrImagePull
  Warning  BackOff                19s (x6 over 1m)  kubelet, kubes-slave  Back-off restarting failed container

答案1

已知问题https://github.com/kubernetes/kubernetes/issues/57427,在 master 中解决https://github.com/kubernetes/kubernetes/pull/57463

针对 1.9.1 的修复https://github.com/kubernetes/kubernetes/pull/57472

在此之前的解决方法:

如果您已有私有注册表的 .dockerconfigjson,则可以手动指定类型和数据密钥:

kubectl create secret generic my-secret-name \
  --type=kubernetes.io/dockerconfigjson \
  --from-file .dockerconfigjson=/path/to/.dockerconfigjson

如果您还没有 .dockerconfigjson 文件,您可以kubectl create secret docker-registry手动修复生成的密钥:

  1. 添加--dry-run -o yaml > secret.yaml
  2. 将类型从 更改kubernetes.io/dockercfgkubernetes.io/dockercfgjson
  3. 将数据键从 更改.dockercfg.dockercfgjson
  4. 创建修改后的秘密kubectl create -f secret.yaml

相关内容