从本地 docker 不安全的 Docker 注册表中拉取镜像到 Kubernetes
[英]Pulling image from local docker insecured Docker registry to Kubernetes
问题描述
Cannot pull image from local docker insecured registry repository inside Minikube.
无法从 Minikube 内的本地 docker 不安全注册表存储库中提取图像。
I'm running Docker-toolbox v1.12.2 using Linux VM (Upstart) installed on Oracle VirtualBox 5.1.6 under Windows 7.我正在使用安装在 Windows 7 下的 Oracle VirtualBox 5.1.6 上的 Linux VM (Upstart) 运行 Docker-toolbox v1.12.2。
I've created a docker image and push (tag and then push) it into a local insecured docker-registry v2 that running on 192.168.99.100:5000/image/name.我已经创建了一个 docker 镜像并将它推送(标记然后推送)到一个本地不安全的 docker-registry v2 中,该 docker-registry v2 在 192.168.99.100:5000/image/name 上运行。
docker run -d -p 5000:5000 --restart=always --name registry registry:2
and inside the VM, on /var/lib/boot2docker/profile I've add to the EXTRA_ARGS the flag在虚拟机内部,在 /var/lib/boot2docker/profile 上,我已将标志添加到 EXTRA_ARGS
--insecure-registry 192.168.99.100:5000 . --insecure-registry 192.168.99.100:5000 。
docker push & docker pull from localhost:5000/image/name are working fine within Docker(VM).来自localhost:5000/image/name docker push和docker pull在 Docker(VM)中工作正常。
_catalog is reachable from Postman : GET http:192.168.99.100:5000/v2/_catalog and I'm able to get the images inside the registry. _catalog 可以从 Postman 访问: GET http:192.168.99.100:5000/v2/_catalog ,我可以在注册表中获取图像。
I'm starting my Minikube v0.15.0 VM with the command:我正在使用以下命令启动我的 Minikube v0.15.0 VM:
minikube start --insecure-registry=192.168.99.100:5000
I'm under company PROXY so I've added the proxy in the command line (CMD):我在公司代理下,所以我在命令行(CMD)中添加了代理:
set HTTP/HTTPS_PROXY=my.company.proxy:8080 and set NO_PROXY={minikube ip} . set HTTP/HTTPS_PROXY=my.company.proxy:8080并set NO_PROXY={minikube ip} 。
Then Kubernetes dashboard started to work for me.然后 Kubernetes 仪表板开始为我工作。
Now for the real problem, when running the command:现在是真正的问题,在运行命令时:
kubectl run image-name --image=192.168.99.100:5000/image/name --port=9999 to pull image from my local docker registry into Kubernetes its saying kubectl run image-name --image=192.168.99.100:5000/image/name --port=9999将图像从我的本地 docker 注册表中提取到 Kubernetes 中
deployment "image-name" created
But inside Kubernetes > Deployments I'm getting the following error:但在 Kubernetes > Deployments 中,我收到以下错误:
Failed to pull image "192.168.99.109:5000/image/name": image pull failed for 192.168.99.100:5000/image/name:latest, this may be because there are no credentials on this request.
Can anyone help here with that Tunnel or SSL Forbidden error , it's driving me crazy, and I've tried so many solutions to configure --insecrue-registery inside docker, inside Kubernetes or when running the dokcer-registry.任何人都可以帮助解决隧道或 SSL 禁止错误,这让我发疯,我尝试了很多解决方案来配置 --insecrue-registery 在 docker、Kubernetes 内部或在运行 dokcer-registry 时。
BTW why it's refering to v1/_ping?顺便说一句,为什么它指的是 v1/_ping? i'm using the docker registry v2.我正在使用 docker 注册表 v2。
1 个解决方案
解决方案1
1 2017-01-18 03:11:09
Seems like minikube cannot see the same network that your registry is running.似乎 minikube 无法看到您的注册表正在运行的同一网络。 Can you try running minikube ssh then run your curl for the catalog?您可以尝试运行minikube ssh然后为目录运行 curl 吗?
Also, as an alternative, you could run eval(minikube docker-env) which then will set your local docker client to use the docker server inside minikube.此外,作为替代方案,您可以运行eval(minikube docker-env) ,然后将本地 docker 客户端设置为使用 minikube 内的 docker 服务器。
So for example if you built an image tagged with myimage/foo it would build and put that image on the minikube docker host, so when you deployed the image, it wouldn't need to be pulled.因此,例如,如果您构建了一个带有myimage/foo标记的myimage/foo ,它将构建该镜像并将其放置在 minikube docker 主机上,因此当您部署该镜像时,不需要拉取它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.