0

我有一个本地类型的 kubernetes 集群有问题。

我应用了一个带有我的私有注册表相关详细信息的 regcred 机密,然后是一个指向该注册表的部署文件并使用了相关机密,但似乎 pod 无法提取图像。我在非本地的 kubernetes 集群上对其进行了测试,并且 pod 正在为相同的部署文件和相同的 yaml 文件运行。

部署.yaml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: db-deployment
  labels:
    app: db-deployment
spec:
  replicas: 3
  template:
    metadata:
      name: db-deployment
      labels:
        app: db-deployment
    spec:
      containers:
        - name: db-deployment
          image: *** private docker registry ***
          ports:
            - containerPort: 5001
          command: ["python", "flask_main.py"]
      restartPolicy: Always
      imagePullSecrets:
        - name: regcred
  selector:
    matchLabels:
      app: db-deployment

我执行到我的同类容器,然后运行“crictl pull private docker registry /db:v1”并收到以下错误:

pulling image failed: rpc error: code = Unknown desc = failed to pull and unpack image "***private docker registry***/db:v1": failed to resolve reference "***private docker registry***/db:v1": failed to do request: Head https://***private docker registry***/db/manifests/v1: x509: certificate signed by unknown authority

我尝试将相关证书添加到 C:\Program Data\Docker\certs.d 并重新启动 docker,但这没有帮助。我能从这里做什么?提前致谢。

4

1 回答 1

1

要添加不安全的 docker 注册表,请添加具有以下内容的文件 C:\ProgramData\docker\config\daemon.json:

{ "insecure-registries" : [ "your.private.registry.host" ] } 然后你需要重启 docker。

于 2020-12-13T15:30:59.607 回答