[英]kind - Kubernetes pods can't pull image from private docker registry
I have a problem with a local kind kubernetes cluster I have.我有一个本地类型的 kubernetes 集群有问题。
I applied a regcred secret with the relevant details of my private registry and then a deployment file pointing to that registry and uses the relevant secret but it seems like the pods aren't able to pull the image.我使用了我的私有注册表的相关详细信息,然后应用了一个指向该注册表的部署文件并使用了相关的秘密,但似乎 pod 无法提取图像。 I tested it on a kubernetes cluster that is not local and the pods are running for the same deployment file and the same yaml file.
我在非本地的 kubernetes 集群上对其进行了测试,并且 Pod 正在为相同的部署文件和相同的 yaml 文件运行。
deployment.yaml:部署.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: db-deployment
labels:
app: db-deployment
spec:
replicas: 3
template:
metadata:
name: db-deployment
labels:
app: db-deployment
spec:
containers:
- name: db-deployment
image: *** private docker registry ***
ports:
- containerPort: 5001
command: ["python", "flask_main.py"]
restartPolicy: Always
imagePullSecrets:
- name: regcred
selector:
matchLabels:
app: db-deployment
I execed to my kind container and then run "crictl pull private docker registry /db:v1" and got the following error:我执行到我的同类容器,然后运行“crictl pull private docker registry /db:v1”并得到以下错误:
pulling image failed: rpc error: code = Unknown desc = failed to pull and unpack image "***private docker registry***/db:v1": failed to resolve reference "***private docker registry***/db:v1": failed to do request: Head https://***private docker registry***/db/manifests/v1: x509: certificate signed by unknown authority
I tried to add the relevant certificate to C:\Program Data\Docker\certs.d and reboot docker but that didn't help.我尝试将相关证书添加到 C:\Program Data\Docker\certs.d 并重新启动 docker 但这没有帮助。 What can I do from here?
我能从这里做什么? Thanks in advance.
提前致谢。
To add an insecure docker registry, add the file C:\ProgramData\docker\config\daemon.json with the following content:要添加不安全的 docker 注册表,请添加具有以下内容的文件 C:\ProgramData\docker\config\daemon.json:
{ "insecure-registries": [ "your.private.registry.host" ] } and then you need to restart docker. { "insecure-registries": [ "your.private.registry.host" ] } 然后你需要重启 docker。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.