问题描述
我使用 containerd
而不是 Docker 设置 kubernetes V1.20.1。现在我无法从我的私有注册表 (Harbor) 中提取 Docker 镜像。
我已经像这样更改了 /etc/containerd/config.toml:
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://registry-1.docker.io"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.foo.com"]
endpoint = ["https://registry.foo.com"]
[plugins."io.containerd.grpc.v1.cri".registry.configs]
[plugins."io.containerd.grpc.v1.cri".registry.configs."registry.foo.com"]
[plugins."io.containerd.grpc.v1.cri".registry.configs."registry.foo.com".auth]
username = "admin"
password = "Harbor12345"
但这没有用。拉取失败并显示以下消息:
Failed to pull image "registry.foo.com/library/myimage:latest": rpc error: code = UnkNown
desc = Failed to pull and unpack image "registry.foo.com/library/myimage:latest": Failed to
resolve reference "registry.foo.com/library/myimage:latest": unexpected status code
[manifests latest]: 401 Unauthorized
我的 Harbor 注册表可通过带有 Let's Encrypt 证书的 HTTPS 访问。所以 https 应该不是这里的问题。
即使我尝试创建 docker-secret 这也不起作用:
kubectl create secret docker-registry registry.foo.com --docker-server=https://registry.foo.com --docker-username=admin --docker-password=Harbor12345 --docker-email=info@foo.com
谁能给我举个例子,如何在 Kubernetes 中使用 containerd 配置私有注册中心?
解决方法
在 pod/部署规范中设置
: @Embeddable
class EmployeeId implements Serializable{
@Column(name = "employee_id)
String employeeId;
@Column(name = "employeeName")
String employeeName;
@Column(name = "age")
Integer age;
@Column(name = "effective_date")
Date effectiveDate;
}
@Embeddable
class EmployeeId implements Serializable{
@Column(name = "employee_id)
String employeeId;
@Column(name = "employeeName")
String employeeName;
@Column(name = "age")
Integer age;
@Column(name = "effective_date")
Date effectiveDate;
}
更多信息:https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/