堆栈内存溢出
  简体   繁体   English

Kubernetes 无法从 Docker 集线器上的私有存储库中提取图像

[英]Kubernetes cannot pull an image from private repository on Docker Hub

 原文  2020-12-09 21:20:08       docker/ kubernetes/ kubernetes-pod

问题描述

By some reason Kubernetes cannot pull an image from my private account on Docker Hub.由于某种原因,Kubernetes 无法从我在 Docker Hub 上的私人帐户中提取图像。 I tried all possible ways of creating a secret (from config.json, by providing credentials directly on command line) but still no success.我尝试了所有可能的方法来创建一个秘密(从 config.json,通过直接在命令行上提供凭据),但仍然没有成功。

Last time I did docker login and executed the following command to create the secret:上次我做docker login并执行以下命令来创建密钥:

kubectl create secret docker-registry dockerhub-credentials --from-file=.dockerconfigjson=/home/myuser/.docker/config.json

Also tried the following command (which is same but I thought there might be a bug in kubectl that doesn't recognize parameters correctly:还尝试了以下命令(这是相同的,但我认为kubectl中可能存在无法正确识别参数的错误:

kubectl create secret generic dockerhub-credentials --from-file=.dockerconfigjson=/home/myuser/.docker/config.json --type=kubernetes.io/dockerconfigjson

After the deployment I can see the following in the pod's YAML file:部署后,我可以在 pod 的 YAML 文件中看到以下内容:

spec:
  volumes:
    ...
  containers:
    - name: container-name
      image: 'username/projects:web_api_123'
      ports:
        - containerPort: 80
          protocol: TCP
      ...
      imagePullPolicy: IfNotPresent
  ...
  imagePullSecrets:
    - name: dockerhub-credentials

An image name is correct (I verified) and a secret with Docker Hub credentials was correctly assigned to my POD.映像名称正确(我已验证)并且带有 Docker 集线器凭据的机密已正确分配给我的 POD。 I even patched default service account.我什至修补了默认服务帐户。 But it still doesn't work.但它仍然不起作用。

1 个解决方案

解决方案1
 0 已采纳  2020-12-10 06:42:55

OK, the problem lies in namespaces: all my deployments, pods, services, etc. live inside a separate namespace BUT command that creates a secret does in 'default' namespace.好的,问题出在命名空间中:我所有的部署、pod、服务等都存在于一个单独的命名空间中,但是创建秘密的命令在“默认”命名空间中。

By some reason, I thought that these secrets in 'default' namespace are visible from another namespace, which is not the case.出于某种原因,我认为“默认”命名空间中的这些秘密在另一个命名空间中是可见的,但事实并非如此。 So, if you want to create a docker config secret, you will have to do it using YAML:因此,如果要创建 docker 配置密钥,则必须使用 YAML 进行:

kind: Secret
apiVersion: v1
metadata:
  name: dockerhub-credentials
  namespace: your-namespace
data:
  .dockerconfigjson: base64-encoded-/.docker/config.json
type: kubernetes.io/dockerconfigjson

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ElasticBeanstalk - 无法从私有 Docker Hub 存储库中提取 docker 镜像 - ElasticBeanstalk - cannot pull docker image from private Docker Hub repo 如果没有https,Kubernetes不会从私有存储库中提取docker镜像 - Kubernetes does not pull docker image from private repository without https Docker-for-desktop kubernetes 从私有仓库拉取镜像 - Docker-for-desktop kubernetes pull image from private repository Kubernetes 无法从公共 docker 图像存储库中提取图像 - Kubernetes cannot pull image from public docker image repository 从 kubernetes 拉取 docker hub 镜像 - pull docker hub image from kubernetes 如何从docker hub上的私有docker存储库中提取? - How to pull from private docker repository on docker hub? Kubernetes 无法从 docker hub 存储库中提取图像 - Kubernetes can't pull images from docker hub repository 如何从 Vagrant 上的 Kubernetes 访问私有 Docker Hub 存储库 - How to access private Docker Hub repository from Kubernetes on Vagrant 无法从Docker集线器中提取我的私有映像 - Unable to pull my private image from docker hub 如何将私有组织映像从Docker Hub部署到kubernetes - How to deploy private organization image from docker hub to kubernetes
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM