Docker 从私有注册表提取k3s映像
关于如何使k3s(在我的pi上运行)能够从我的家庭网络(我的网络上的服务器笔记本电脑)的私有注册表中提取docker映像,我一直在看不同的参考资料。如果有人能把我的头指向正确的方向?这是我的方法:Docker 从私有注册表提取k3s映像,docker,kubernetes,docker-registry,k3s,Docker,Kubernetes,Docker Registry,K3s,关于如何使k3s(在我的pi上运行)能够从我的家庭网络(我的网络上的服务器笔记本电脑)的私有注册表中提取docker映像,我一直在看不同的参考资料。如果有人能把我的头指向正确的方向?这是我的方法: 在我的服务器上创建了docker注册表(并可通过端口10000访问): 这是可行的,并且能够从“服务器pc”向其推拉图像。我还没有添加认证TLS等 (通过VS代码上的docker插件查看图像) 在我的笔记本电脑服务器上添加了入站防火墙规则,并测试了可以从我的pi“查看”注册表(因此这也有效): 但是
{
"Insecure-registries": [ "<host IP>:10000" ]
}
{
“不安全的注册表”:[“:10000”]
}
但似乎这需要在节点端完成,而节点没有安装docker cli
。。。这太愚蠢了,我不知道为什么需要将域名和端口指定为您引用的注册表的“名称”,但无论如何,这解决了我的问题(供参考):
$cat/etc/rancher/k3s/registries.yaml
镜像:
":10000":
终点:
-“http://:10000”
和重新启动k3s:
系统控制重启k3s
然后在部署中,将映像路径中的引用为:
apiVersion: apps/v1
kind: Deployment
metadata:
name: tcpserialpassthrough
spec:
selector:
matchLabels:
app: tcpserialpassthrough
replicas: 1
template:
metadata:
labels:
app: tcpserialpassthrough
spec:
containers:
- name: tcpserialpassthrough
image: <host IP>:10000/tcpserialpassthrough:vers1.3-arm
resources:
limits:
memory: "128Mi"
cpu: "500m"
ports:
- containerPort: 8001
hostPort: 8001
protocol: TCP
command: ["dotnet", "/app/TcpConnector.dll"]
imagePullSecrets:
- name: mydockercredentials
apiVersion:apps/v1
种类:部署
元数据:
名称:tcpserialpassthrough
规格:
选择器:
火柴标签:
应用程序:tcpserialpassthrough
副本:1份
模板:
元数据:
标签:
应用程序:tcpserialpassthrough
规格:
容器:
-名称:tcpserialpassthrough
图像::10000/tcpserialpassthrough:vers1.3-arm
资源:
限制:
内存:“128Mi”
cpu:“500米”
端口:
-集装箱港口:8001
主机端口:8001
协议:TCP
命令:[“dotnet”,“/app/TcpConnector.dll”]
你的秘密:
-名称:mydockercredentials
参考保存为机密的注册表基本身份验证详细信息:
$kubectl创建秘密docker注册表MyDocker注册表--docker服务器主机IP:10000--docker用户名--docker密码
您可以通过
$kubectl获得活动-w
您不需要docker cli来编辑
daemon.json
只需docker daemon(引擎)。感谢您浏览@Shmuel。可能是个愚蠢的问题,但你能详细说明一下吗?(1) 那么,必须在k3s节点上创建daemon.json,而只安装k3s吗?不太了解k3s/k8s中的docker功能。只阅读一些简单的基础知识,比如在某些时候使用“containerd”。(2) 因为路径/etc/docker/。。甚至不存在于piI上我不熟悉k3s,可能它根本没有运行docker,但其他一些容器运行时环境这一个可以在无根实现上工作吗?从技术上来说,应该是这样的,尽管这不是我测试的重点(在那里我必须能够在文件/etc/rancher/k3s/registries.yaml中创建注册表指针)。老实说,不知道,对不起…(只能向您指出我所遵循的文档)谢谢Paul,我会查看它
$ cat /etc/rancher/k3s/registries.yaml
mirrors:
pwlaptopregistry:
endpoint:
- "http://<host IP here>:10000"
apiVersion: apps/v1
kind: Deployment
metadata:
name: tcpserialpassthrough
spec:
selector:
matchLabels:
app: tcpserialpassthrough
replicas: 1
template:
metadata:
labels:
app: tcpserialpassthrough
spec:
containers:
- name: tcpserialpassthrough
image: pwlaptopregistry/tcpserialpassthrough:vers1.3-arm
resources:
limits:
memory: "128Mi"
cpu: "500m"
ports:
- containerPort: 8001
hostPort: 8001
protocol: TCP
command: ["dotnet", "/app/TcpConnector.dll"]
kubectl get events -w
LAST SEEN TYPE REASON OBJECT MESSAGE
8m24s Normal SuccessfulCreate replicaset/tcpserialpassthrough-88fb974d9 Created pod: tcpserialpassthrough-88fb974d9-b88fc
8m23s Warning FailedScheduling pod/tcpserialpassthrough-88fb974d9-b88fc 0/1 nodes are available: 1 node(s) didn't have free ports for the requested pod ports.
8m23s Warning FailedScheduling pod/tcpserialpassthrough-88fb974d9-b88fc 0/1 nodes are available: 1 node(s) didn't have free ports for the requested pod ports.
8m21s Normal Scheduled pod/tcpserialpassthrough-88fb974d9-b88fc Successfully assigned default/tcpserialpassthrough-88fb974d9-b88fc to raspberrypi
6m52s Normal Pulling pod/tcpserialpassthrough-88fb974d9-b88fc Pulling image "pwlaptopregistry/tcpserialpassthrough:vers1.3-arm"
6m50s Warning Failed pod/tcpserialpassthrough-88fb974d9-b88fc Error: ErrImagePull
6m50s Warning Failed pod/tcpserialpassthrough-88fb974d9-b88fc Failed to pull image "pwlaptopregistry/tcpserialpassthrough:vers1.3-arm": rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/pwlaptopregistry/tcpserialpassthrough:vers1.3-arm": failed to resolve reference "docker.io/pwlaptopregistry/tcpserialpassthrough:vers1.3-arm": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
6m3s Normal BackOff pod/tcpserialpassthrough-88fb974d9-b88fc Back-off pulling image "pwlaptopregistry/tcpserialpassthrough:vers1.3-arm"
3m15s Warning Failed pod/tcpserialpassthrough-88fb974d9-b88fc Error: ImagePullBackOff
{
"Insecure-registries": [ "<host IP>:10000" ]
}
$cat /etc/rancher/k3s/registries.yaml
mirrors:
"<host IP>:10000":
endpoint:
- "http://<host IP>:10000"
apiVersion: apps/v1
kind: Deployment
metadata:
name: tcpserialpassthrough
spec:
selector:
matchLabels:
app: tcpserialpassthrough
replicas: 1
template:
metadata:
labels:
app: tcpserialpassthrough
spec:
containers:
- name: tcpserialpassthrough
image: <host IP>:10000/tcpserialpassthrough:vers1.3-arm
resources:
limits:
memory: "128Mi"
cpu: "500m"
ports:
- containerPort: 8001
hostPort: 8001
protocol: TCP
command: ["dotnet", "/app/TcpConnector.dll"]
imagePullSecrets:
- name: mydockercredentials