[英]Azure Kubernetes Service: Image Pull Error (Authentication) even though ImagePullSecret was added in CD pipeline
In my Azure DevOps
I added a Docker Registry Service Connection
via the "Other" option (username and password). 在我的
Azure DevOps
我通过“其他”选项(用户名和密码)添加了Docker Registry Service Connection
。
This service connection works in my CI Pipeline
when push images via docker compose
. 通过
docker compose
推送映像时,此服务连接在我的CI Pipeline
。
But in my CD Pipeline
(Release) pipeline, when I add the Docker Registry Service Connection
in the Secrets section of my Deploy to Kubernetes Task
. 但是在我的
CD Pipeline
(发布)管道中,当我在Deploy to Kubernetes Task
的Secrets部分中添加Docker Registry Service Connection
时。
In Azure DevOps
the Deploy to Kubernetes Task
was processed successfully. 在
Azure DevOps
,已成功处理了Deploy to Kubernetes Task
。 But in the cluster the pods for the images from my Azure Container Registry
show following error: 但是在群集中,来自我的
Azure Container Registry
的图像的pod出现以下错误:
Failed to pull image "xxx.azurecr.io/service.api:latest": [rpc error: code = Unknown desc = Error response from daemon: Get https://xxx.azurecr.io/v2/service.api/manifests/latest : unauthorized: authentication required, rpc error: code = Unknown desc = Error response from daemon: Get https://xxx.azurecr.io/v2/service.api/manifests/latest : unauthorized: authentication required]
无法提取图像“ xxx.azurecr.io/service.api:latest”:[rpc错误:代码=未知desc =来自守护程序的错误响应:获取https://xxx.azurecr.io/v2/service.api/manifests / latest :未经授权:需要认证,rpc错误:代码=未知desc =来自守护程序的错误响应:获取https://xxx.azurecr.io/v2/service.api/manifests/latest :未经授权:需要认证]
How do I fix this error? 如何解决此错误?
you need to configure kubernetes with access to private registry (the fact that you configured Azure Devops to do that doesn't matter, it doesnt 'push' images to kubernetes, it just issues commands). 您需要配置可访问私有注册表的kubernetes(配置Azure Devops这样做并不重要,它不会将映像“推送”到kubernetes,而只是发出命令)。 You can follow this link to do that.
您可以点击此链接进行操作。
In short you need to do this: 简而言之,您需要执行以下操作:
kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>
and then add ImagePullSecrets to your pod definition: 然后将ImagePullSecrets添加到您的窗格定义中:
apiVersion: v1
kind: Pod
metadata:
name: private-reg
spec:
containers:
- name: private-reg-container
image: <your-private-image>
imagePullSecrets:
- name: regcred
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.