Azure ImagePullBackOff:无法将我的私有Docker映像拉入Kubernetes群集
我试图在Kubernetes清单中包含我自己的私有Docker图像,但我得到一个ImagePullBackOff错误 我不确定我是否: -为我的秘密使用了错误的数据 -在某处缺少命令 -在某些特定的名称或标签等中使用了错误的数据 该映像托管在Azure容器注册表中。ACR 这是我得到的错误。。。接下来是我所做的尝试,并让它工作的步骤Azure ImagePullBackOff:无法将我的私有Docker映像拉入Kubernetes群集,azure,docker,kubernetes,Azure,Docker,Kubernetes,我试图在Kubernetes清单中包含我自己的私有Docker图像,但我得到一个ImagePullBackOff错误 我不确定我是否: -为我的秘密使用了错误的数据 -在某处缺少命令 -在某些特定的名称或标签等中使用了错误的数据 该映像托管在Azure容器注册表中。ACR 这是我得到的错误。。。接下来是我所做的尝试,并让它工作的步骤 Tests-MBP:k8s test$ clear && kubectl describe pod acounts-api-7fcc5d9bb-82
Tests-MBP:k8s test$ clear && kubectl describe pod acounts-api-7fcc5d9bb-826ht
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 69s default-scheduler Successfully assigned acounts-api-7fcc5d9bb-826ht to docker-for-desktop
Normal SuccessfulMountVolume 69s kubelet, docker-for-desktop MountVolume.SetUp succeeded for volume "default-token-ffrhq"
Normal BackOff 30s (x2 over 64s) kubelet, docker-for-desktop Back-off pulling image "hornet/accounts.api"
Warning Failed 30s (x2 over 64s) kubelet, docker-for-desktop Error: ImagePullBackOff
Normal Pulling 16s (x3 over 68s) kubelet, docker-for-desktop pulling image "hornet/accounts.api"
Warning Failed 11s (x3 over 64s) kubelet, docker-for-desktop Failed to pull image "hornet/accounts.api": rpc error: code = Unknown desc = Error response from daemon: pull access denied for hornet/accounts.api, repository does not exist or may require 'docker login'
Warning Failed 11s (x3 over 64s) kubelet, docker-for-desktop Error: ErrImagePull
Tests-MBP:k8s test$
我创造了一个秘密:
使用此命令:
Tests-MacBook-Pro:k8s test$ kubectl create secret docker-registry hornet-acr-auth --docker-server <snip>.azurecr.io --docker-username 9858ae98-<snip> --docker-password 10abe15a-<snip> --docker-email a@b.com
secret/hornet-acr-auth created
最后。。这就是我试图在.yaml清单中创建部署的方式
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: acounts-api
spec:
selector:
matchLabels:
app: acounts-api
replicas: 1
template:
metadata:
labels:
app: acounts-api
spec:
imagePullSecrets:
- name: hornet-acr-auth
containers:
- name: acounts-api
image: hornet/accounts.api
imagePullPolicy: Always
ports:
- containerPort: 80
name: http
- containerPort: 5301
name: data-ingest
env:
- name: "RavenDb__ServerUrl"
value: "http://ravendb-data-lb:5200"
---
是的,我已经确认存储库存在于ACR中。Image hornet/accounts.api实际上看起来像来自Docker Hub的图像,这不是你的情况,对吗
我猜你的图像名称应该是.azurecr.io/accounts.api,或者可能是.azurecr.io/hornet/accounts.api?图像hornet/accounts.api实际上看起来像是来自Docker Hub的图像,不是吗
我猜您的图像名称应该是.azurecr.io/accounts.api,或者可能是.azurecr.io/hornet/accounts.api?请确保图像名称和标签。它应该是registryServer/image:tag。请仔细保管您提供的文件。这不是丢失的标签。正如公认的答案所说。。映像的FQDN。不仅仅是图像名称,在注册表中。请确保图像名称和标签。它应该是registryServer/image:tag。请仔细保管您提供的文件。这不是丢失的标签。正如公认的答案所说。。映像的FQDN。不仅仅是图像名称,在注册表中。
Tests-MacBook-Pro:k8s test$ ./azure-credentials.sh
Retrying role assignment creation: 1/36
Service principal ID: 9858ae98-<snip>
Service principal password: 10abe15a-<snip>
#!/bin/bash
ACR_NAME=<snip> // this is the name of the ACR (e.g. foo) .. NOT foo.azurecr.io
SERVICE_PRINCIPAL_NAME=acr-service-principal
...
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: acounts-api
spec:
selector:
matchLabels:
app: acounts-api
replicas: 1
template:
metadata:
labels:
app: acounts-api
spec:
imagePullSecrets:
- name: hornet-acr-auth
containers:
- name: acounts-api
image: hornet/accounts.api
imagePullPolicy: Always
ports:
- containerPort: 80
name: http
- containerPort: 5301
name: data-ingest
env:
- name: "RavenDb__ServerUrl"
value: "http://ravendb-data-lb:5200"
---