堆栈内存溢出
  简体   繁体   English

Azure Kubernetes服务:即使在CD管道中添加了ImagePullSecret,图像拉出错误(身份验证)

[英]Azure Kubernetes Service: Image Pull Error (Authentication) even though ImagePullSecret was added in CD pipeline

 原文  2019-05-23 01:53:52       azure/ kubernetes/ azure-devops/ azure-aks/ azure-kubernetes

问题描述

In my Azure DevOps I added a Docker Registry Service Connection via the "Other" option (username and password). 在我的Azure DevOps我通过“其他”选项(用户名和密码)添加了Docker Registry Service Connection

This service connection works in my CI Pipeline when push images via docker compose . 通过docker compose推送映像时,此服务连接在我的CI Pipeline

But in my CD Pipeline (Release) pipeline, when I add the Docker Registry Service Connection in the Secrets section of my Deploy to Kubernetes Task . 但是在我的CD Pipeline (发布)管道中,当我在Deploy to Kubernetes Task的Secrets部分中添加Docker Registry Service Connection时。

In Azure DevOps the Deploy to Kubernetes Task was processed successfully. Azure DevOps ,已成功处理了Deploy to Kubernetes Task But in the cluster the pods for the images from my Azure Container Registry show following error: 但是在群集中,来自我的Azure Container Registry的图像的pod出现以下错误:

Failed to pull image "xxx.azurecr.io/service.api:latest": [rpc error: code = Unknown desc = Error response from daemon: Get https://xxx.azurecr.io/v2/service.api/manifests/latest : unauthorized: authentication required, rpc error: code = Unknown desc = Error response from daemon: Get https://xxx.azurecr.io/v2/service.api/manifests/latest : unauthorized: authentication required] 无法提取图像“ xxx.azurecr.io/service.api:latest”:[rpc错误:代码=未知desc =来自守护程序的错误响应:获取https://xxx.azurecr.io/v2/service.api/manifests / latest :未经授权:需要认证,rpc错误:代码=未知desc =来自守护程序的错误响应:获取https://xxx.azurecr.io/v2/service.api/manifests/latest :未经授权:需要认证]

How do I fix this error? 如何解决此错误?

1 个解决方案

解决方案1
 2 已采纳  2019-05-23 05:43:57

you need to configure kubernetes with access to private registry (the fact that you configured Azure Devops to do that doesn't matter, it doesnt 'push' images to kubernetes, it just issues commands). 您需要配置可访问私有注册表的kubernetes(配置Azure Devops这样做并不重要,它不会将映像“推送”到kubernetes,而只是发出命令)。 You can follow this link to do that. 您可以点击此链接进行操作。

In short you need to do this: 简而言之,您需要执行以下操作: 

kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>

and then add ImagePullSecrets to your pod definition: 然后将ImagePullSecrets添加到您的窗格定义中: 

apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: <your-private-image>
  imagePullSecrets:
  - name: regcred

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何通过 Azure 管道更新具有相同图像标签的 Azure Kubernetes 服务上的部署图像? - How to update deployment image on Azure Kubernetes Service with same image tag via an Azure pipeline? 在kubernetes helm中拉出azure容器注册表图像 - Pull azure container registry image in kubernetes helm 在azure管道上拉并运行Linux docker映像 - Pull and Run a Linux docker image on an azure pipeline 拉图像Azure容器注册表 - Kubernetes - Pull image Azure Container Registry - Kubernetes CD 中的两个 azure 函数管道部署到一个应用程序服务不起作用 - Two azure function pipeline in CD deploy to one application service not working 我的 Terraform 服务主体在 Key Vault 上收到 403 访问错误,即使我为其添加了访问策略 - My Terraform Service Principal gets a 403 access error on Key Vault even though I added an access policy for it 使用Service Fabric改善CD管道 - Improving CD Pipeline with Service fabric Azure function 与 docker 图像抛出即使存在也会引发缺少连接字符串错误 - Azure function with docker image throwing throws missing connection string error even though present azure DevOps 流水线 CI/CD - azure DevOps pipeline CI/CD Kubernetes 因未知 blob 错误而无法拉取映像 - Kubernetes fails to pull image with unknown blob error
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM