kubectl ImagePullBackOff 由于秘密
[英]kubectl ImagePullBackOff due to secret
问题描述
I'm creating kubevirt in minikube, initially kubevirt-operator.yaml fails with ImagePullBackOff.
我在 minikube 中创建 kubevirt,最初 kubevirt-operator.yaml 因 ImagePullBackOff 而失败。 After I added secret in the yaml在我在 yaml 中添加秘密之后
imagePullSecrets:
- name: regcred
containers:
all my virt-operator* started to run.我所有的 virt-operator* 开始运行。 virt-api* pods still shows ImagePullBackOff. virt-api* pods 仍然显示 ImagePullBackOff。 The error comes out as错误出现为
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 27m default-scheduler Successfully assigned kubevirt/virt-api-787487d9cd-t68qf to minikube
Normal Pulling 25m (x4 over 27m) kubelet Pulling image "us-ashburn-1.ocir.io/xxx/virt-api:v0.54.0"
Warning Failed 25m (x4 over 27m) kubelet Failed to pull image "us-ashburn-1.ocir.io/xxx/virt-api:v0.54.0": rpc error: code = Unknown desc = Error response from daemon: pull access denied for us-ashburn-1.ocir.io/xxx/virt-api, repository does not exist or may require 'docker login': denied: Anonymous users are only allowed read access on public repos
Warning Failed 25m (x4 over 27m) kubelet Error: ErrImagePull
Warning Failed 25m (x6 over 27m) kubelet Error: ImagePullBackOff
Normal BackOff 2m26s (x106 over 27m) kubelet Back-off pulling image "us-ashburn-1.ocir.io/xxx/virt-api:v0.54.0"
Manually I'm able to pull the same image with docker login.手动我可以使用 docker login 提取相同的图像。 Any help much appreciated.非常感谢任何帮助。 Thanks谢谢
3 个解决方案
解决方案1
0 2022-07-21 11:35:04
This docker image looks like it is in a private registry(and from oracle).这个 docker 镜像看起来像是在一个私有注册表中(并且来自 oracle)。 And I assume the regcred is not correct.而且我认为regcred是不正确的。 Can you login there with docker login?您可以使用 docker login 登录吗? if so you can create regcred secret like this如果是这样,您可以像这样创建regcred秘密
$ kubectl create secret docker-registry regcred --docker-server=<region-key>.ocir.io --docker-username='<tenancy-namespace>/<oci-username>' --docker-password='<oci-auth-token>' --docker-email='<email-address>'
Also check this oracle tutorial: https://www.oracle.com/webfolder/technetwork/tutorials/obe/oci/oke-and-registry/index.html另请查看此 Oracle 教程: https ://www.oracle.com/webfolder/technetwork/tutorials/obe/oci/oke-and-registry/index.html
解决方案2
0 2022-07-21 12:41:10
Here you can find the steps to implement secret values to the cluster .在这里,您可以找到将秘密值实施到集群的步骤。
If you are using a private registry, check that your secret exists and the secret is correct.如果您使用的是私有注册表,请检查您的密钥是否存在并且该密钥是否正确。 Your secret should also be in the same namespace.您的秘密也应该在同一个命名空间中。
Your Minikube is a VM not your localhost.你的 Minikube 是一个虚拟机,而不是你的本地主机。 You try this你试试这个
- Open Terminal打开终端
- eval $(minikube docker-env)评估 $(minikube docker-env)
- docker build .码头工人建造。
- kubectl create -f deployment.yaml kubectl create -f 部署.yaml
just valid this terminal.只是有效的这个终端。 if closed terminal again open terminal and write eval $(minikube docker-env)如果关闭终端再次打开终端并写入 eval $(minikube docker-env)
eval $(minikube docker-env) this code build image in Minikube eval $(minikube docker-env) 此代码在 Minikube 中构建映像
Also, try to login docker on all nodes by using docker login .另外,尝试使用docker login在所有节点上登录 docker。
There is also a lengthy blog post describing how to debug image pull back-off in depth here还有一篇冗长的博客文章描述了如何在此处深入调试图像拉回
解决方案3
-1 2022-07-21 09:07:22
Hey if you look here .嘿,如果你看这里。 I think you can find some helpful documentation.我认为您可以找到一些有用的文档。
What they are doing is, they are upload the dockerconfig file which has login credentials as a secret and then referring to that in the deployment.他们正在做的是,他们上传 dockerconfig 文件,该文件将登录凭据作为秘密,然后在部署中引用该文件。
You could try to follow these steps and do something similar.您可以尝试按照这些步骤并做类似的事情。 Let me know if it works让我知道它是否有效
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.