kind - Kubernetes pod 无法从私有 docker 注册表中提取图像

Question

I have a problem with a local kind kubernetes cluster I have.

I applied a regcred secret with the relevant details of my private registry and then a deployment file pointing to that registry and uses the relevant secret but it seems like the pods aren't able to pull the image. I tested it on a kubernetes cluster that is not local and the pods are running for the same deployment file and the same yaml file.

deployment.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: db-deployment
  labels:
    app: db-deployment
spec:
  replicas: 3
  template:
    metadata:
      name: db-deployment
      labels:
        app: db-deployment
    spec:
      containers:
        - name: db-deployment
          image: *** private docker registry ***
          ports:
            - containerPort: 5001
          command: ["python", "flask_main.py"]
      restartPolicy: Always
      imagePullSecrets:
        - name: regcred
  selector:
    matchLabels:
      app: db-deployment

I execed to my kind container and then run "crictl pull private docker registry /db:v1" and got the following error:

pulling image failed: rpc error: code = Unknown desc = failed to pull and unpack image "***private docker registry***/db:v1": failed to resolve reference "***private docker registry***/db:v1": failed to do request: Head https://***private docker registry***/db/manifests/v1: x509: certificate signed by unknown authority

I tried to add the relevant certificate to C:\Program Data\Docker\certs.d and reboot docker but that didn't help. What can I do from here? Thanks in advance.

Answer 1

To add an insecure docker registry, add the file C:\ProgramData\docker\config\daemon.json with the following content:

{ "insecure-registries": [ "your.private.registry.host" ] } and then you need to restart docker.