stackoom
  简体   繁体   中英

Kubernetes pull images from private registry fails --> unknown field "imagePullPolicy"

 原文  2019-03-18 10:17:13       docker/ kubernetes/ docker-registry/ harbor

Question

I'm trying to pull an image from my priavte harbor registry. In Kubernetes I created a secret first as explained in this documentation:

https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/

Then I tried to implement that into my deployment.yaml:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-k8s-test9
  namespace: k8s-test9
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx-k8s-test9
    spec:
      containers:
      - name: nginx-k8s-test9
        image: my-registry.com/nginx-test/nginx:1.14.2
      imagePullSecrets:
      - name: harborcred
        imagePullPolicy: Always
        volumeMounts:
          - name: webcontent
            mountPath: usr/share/nginx/html
        ports:
        - containerPort: 80
      volumes:
        - name: webcontent
          configMap:
            name: webcontent
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: webcontent
  namespace: k8s-test9
  annotations:
    volume.alpha.kubernetes.io/storage-class: default
spec:
  accessModes: [ReadWriteOnce]
  resources:
    requests:
      storage: 5Gi

When I try to create the deployment I get the following error message:

error: error validating "deployment.yaml": error validating data: [ValidationError(Deployment.spec.template.spec.imagePullSecrets[0]): unknown field "imagePullPolicy" in io.k8s.api.core.v1.LocalObjectReference, ValidationError(Deployment.spec.template.spec.imagePullSecrets[0]): unknown field "ports" in io.k8s.api.core.v1.LocalObjectReference, ValidationError(Deployment.spec.template.spec.imagePullSecrets[0]): unknown field "volumeMounts" in io.k8s.api.core.v1.LocalObjectReference]; if you choose to ignore these errors, turn validation off with --validate=false

I guess it's a yaml issue somehow but I don't know where it should be.

3 answers

solution1
 4  2019-03-21 12:55:18

And here is the solution:

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-k8s-test9
  namespace: k8s-test9
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx-k8s-test9
    spec:
      containers:
      - name: nginx-k8s-test9
        image: my-registry.com/nginx-test/nginx:1.14.2
        volumeMounts:
          - name: webcontent
            mountPath: usr/share/nginx/html
        ports:
        - containerPort: 80
      volumes:
        - name: webcontent
          configMap:
            name: webcontent
      imagePullSecrets:
      - name: harborcred-test
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: webcontent
  namespace: k8s-test9
  annotations:
    volume.alpha.kubernetes.io/storage-class: default
spec:
  accessModes: [ReadWriteOnce]
  resources:
    requests:
      storage: 5Gi

The imagePullSecrets section was not at the right place.

solution2
 1  2019-03-18 10:55:13

can you chnage your config like this any give a try

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: webcontent
  namespace: k8s-test9
  annotations:
    volume.alpha.kubernetes.io/storage-class: default
spec:
  accessModes: [ReadWriteOnce]
  resources:
    requests:
      storage: 5Gi
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx-k8s-test9
  namespace: k8s-test9
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx-k8s-test9
    spec:
      containers:
      - name: nginx-k8s-test9
        image: my-registry.com/nginx-test/nginx:1.14.2
      imagePullSecrets:
      - name: harborcred
        imagePullPolicy: Always
        volumeMounts:
          - name: webcontent
            mountPath: usr/share/nginx/html
        ports:
        - containerPort: 80
      volumes:
        - name: webcontent
          configMap:
            name: webcontent

with kubectl apply -f deployment.yaml if it's not work try

kubectl apply -f deployment.yaml --validate=false

solution3
 1  2020-03-15 20:05:55

I resolved this via creating & providing secret in pipeline and not editing the .yaml file

we had requirement was not to save secret in .yaml file as it was fetched from repo

step 1: create pipeline add a task
Deploy to Kubernetes >> choose Action: Create Secret - can find step how to create secrets

step 2: Then in any Task where you are pulling the .yaml file can use the secret by providing the secret name in ImagePullSecrets of Deploy to Kubernetesimagepullsecret 的截图

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Kubernetes pull image from private insecure registry fails Docker from windows is unable to pull images from my private registry once Kubernetes is enabled Pulling images from private registry in Kubernetes Rancher can pull images from private registry Kubernetes doesn't pull from private Docker Registry How to pull docker image from a insecure private registry with latest Kubernetes kubernetes can't pull image from private docker registry kubernetes is unable pull image from docker private registry Kubernetes: Pull images from internal registry with on-premise deployment Pulling an Image from Private Registry in Kubernetes cronjob fails
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM