Kubernetes - 從私服中拉取鏡像
docker 私有倉庫地址配置
修改docker的daemon.json
vim /etc/docker/daemon.json
加入如下節點
"insecure-registries":["私服ip:端口"],
完整配置如下
{
"registry-mirrors": ["http://f1361db2.m.daocloud.io"],
"insecure-registries":["172.10.10.10:5000"],
}
配置完成後重啓docker
systemctl daemon-reload
systemctl restart docker
登錄Docker
docker login --username=鏡像倉庫帳號 172.10.10.10:5000
輸入密碼完成登錄
查看 ~/.docker/config.json
cat ~/.docker/config.json
創建一個Secret來保存你的驗證口令
創建一個名爲dockercfg-192的secret
kubectl create secret docker-registry dockercfg-192 --docker-server=172.10.10.10:5000 --docker-username=username --docker-password=password [email protected]
–docker-server 私有倉庫
–docker-username 倉庫 用戶名
–docker-password 倉庫 密碼
–docker-email 倉庫 郵箱
查看創建的dockercfg-192
kubectl get secret |grep dockercfg-192
創建一個Deployment來自私庫的鏡像
創建資源文件k8s-nginx.yml
vim k8s-nginx.yml
內容如下
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 1
template:
metadata:
labels:
name: nginx
spec:
containers:
- name: nginx
image: registry.cn-shenzhen.aliyuncs.com/alanlee2020/demo-nginx:1.0.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
# imagePullSecrets 告訴 Kubernets 應該從名爲 dockercfg-192 的 Secret 裏獲取驗證口令
imagePullSecrets:
- name: dockercfg-192
---
apiVersion: v1
kind: Service
metadata:
name: nginx-http
spec:
ports:
- port: 80
targetPort: 80
nodePort: 30001
protocol: TCP
type: NodePort
selector:
name: nginx
部署service
kubectl apply -f k8s-nginx.yml
查看部署
kubectl get pods -o wide