這是因爲給 Ubuntu 安裝軟件的時候需要做驗證,當然了,這個並不是必須的,也就是你的容器裏也可以裝沒有經過認證可能不安全的源中安裝需要的軟件,雖然不建議,但是有時候爲了快速調試,比如在公司內部的源裏安裝軟件,可以試一下。
如果遇到 NO_PUBKEY 的問題,如下:
root@spark-sparkoperator-58f598c98b-x7vjn:/etc/apt/trusted.gpg.d# apt-get update
Get:1 http://mirrors.tencent.com/ubuntu bionic InRelease [242 kB]
Err:1 http://mirrors.tencent.com/ubuntu bionic InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3B4FE6ACC0B21F32
Reading package lists... Done
W: GPG error: http://mirrors.tencent.com/ubuntu bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3B4FE6ACC0B21F32
E: The repository 'http://mirrors.tencent.com/ubuntu bionic InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
root@spark-sparkoperator-58f598c98b-x7vjn:/etc/apt/trusted.gpg.d# apt-get install iputils-ping
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package iputils-ping
上面是我發現鏡像裏沒有 ping 工具,所以需要裝一個,但是遇到了 NO_PUBKEY 的問題,於是通過下面的命令可以成功安裝,原理當然就是,沒有做驗證了。
apt -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true update
apt -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true install iputils-ping
搞清楚原理,其實這類問題是很容易解決的,類似的如 Centos,也是一個道理。