kubernetes - 如何引用 kubernetes docker-registry

问题描述

我已经通过 helm 在 Kubernetes 上安装了 docker-registry。

我可以通过 docker push 来docker push 0.0.0.0:5000/<my-container>:v1使用端口转发。

现在如何从 deployment.yaml 引用注册表中的图像？

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: <my-container>-deployment-v1
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: <my-container>-deployment
        version: v1
    spec:
      containers:
      - name: <my-container>
        image: 0.0.0.0:5000/<my-container>:v1 # <<< ????
        imagePullPolicy: Always
        ports:
        - containerPort: 80
      imagePullSecrets:
        - name: private-docker-registry-secret

这确实列出了我的容器：

curl -X GET http://0.0.0.0:5000/v2/_catalog

部署时我不断收到ImagePullBackOff。

我使用内部服务名称和集群 IP 地址绑定，仍然无法正常工作。

然后尝试使用秘密：

{
  "kind": "Secret",
  "apiVersion": "v1",
  "metadata": {
    "name": "running-buffoon-docker-registry-secret",
    "namespace": "default",
    "selfLink": "/api/v1/namespaces/default/secrets/running-buffoon-docker-registry-secret",
    "uid": "127c93c1-53df-11e9-8ede-a63ad724d5b9",
    "resourceVersion": "216488",
    "creationTimestamp": "2019-03-31T18:01:56Z",
    "labels": {
      "app": "docker-registry",
      "chart": "docker-registry-1.7.0",
      "heritage": "Tiller",
      "release": "running-buffoon"
    }
  },
  "data": {
    "haSharedSecret": "xxx"
  },
  "type": "Opaque"
}

并将秘密添加到deployment.yaml：

  imagePullSecrets:
    - name: running-buffoon-docker-registry-secret

然后我得到：

image "x.x.x.x/:<my-container>v1": rpc error: code = Unknown desc = Error response from daemon: Get https://x.x.x.x/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

标签： kubernetescert-manager