Kubernetes cannot pull image from private docker i

2019-06-16 02:23发布

站内问答 / Kubernetes
1900 6 5

I have problem with kubernetes (minikube) and pull images from local image repository on docker. Docker repository was created:

docker run --entrypoint htpasswd registry:2 -Bbn zordon examplePassword > /mnt/LINUX/auth/htpasswd

docker run -d \
  -p 5000:5000 \
  --restart=always \
  --name registry \
  -v /mnt/LINUX/dockerreg:/var/lib/registry \
  -v /mnt/LINUX/auth:/auth \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  registry:2

Then I want to create simple pod with image which was succesfully uploaded to local repository:

curl localhost:5000/v2/_catalog
{"repositories":["car/configuration"]}

I have also create secret on minikube cluster with:

kubectl create secret docker-registry docregkey --docker-server=localhost:5000 --docker-username=zordon --docker-password=examplePassword --docker-email=test@dock.mail

and define simple Pod:

    apiVersion: v1
kind: Pod
metadata:
  name: private-reg
spec:
  containers:
  - name: private-reg-container
    image: car/configuration:latest
    imagePullPolicy: Always
  restartPolicy: Always
  imagePullSecrets:
  - name: docregkey

unfortunatelly I getting still:

Failed to pull image "car/configuration:latest": rpc error: code = Unknown desc = Error response from daemon: pull access denied for car/configuration, repository does not exist or may require 'docker login'

How i can fix this problem ?

6条回答
够拽才男人
2楼-- · 2019-06-16 02:30

I wanted a one line solution to execute in my terminal. Everything else I tried was overly complex to auth ecr with minikube.

This is my command for aws ecr login that I run each day because the token expires. The examples below are for Debian 9 with AWS ECR.

shell

kubectl create secret docker-registry aws-ecr-credentials \
--docker-server=$ECR_REGISTRY \
--docker-username=AWS \
--docker-password=$(aws ecr get-login | awk '{print $6}') \
--docker-email=$IAM_EMAIL \
--namespace=$KUBE_NAMESPACE

template.yml

spec:
  imagePullSecrets:
    - name: aws-ecr-credentials
查看更多
0人赞 添加讨论(0) 举报
叼着烟拽天下
3楼-- · 2019-06-16 02:37

The Problem is with the image name you are mentioning in the POD yaml file. 

image: car/configuration:latest

This will try to pull from the global registry rather than local registry.Change the image name to include the repository too.

image: localhost:5000/car/configuration:latest

And make sure that you have included insecure registry in your docker daemon configuration if your registry is not secured.

查看更多
0人赞 添加讨论(0) 举报
Emotional °昔
4楼-- · 2019-06-16 02:38

The problem is with image pull policy - you have set thist to Always (default setting) and it meand that docker deamon tries alway to pull image from outer docker registry - and you want to use local one instead

try tu add --image-pull-policy=Never when creating deployment

good tutorial of using locally created image is here (it helped me):

https://kubernetes.io/docs/tutorials/hello-minikube/#create-a-docker-container-image

查看更多
0人赞 添加讨论(0) 举报
啃猪蹄的小仙女
5楼-- · 2019-06-16 02:41

Private registry in Minikube

kubectl create -f kube-registry.yaml

(Grab kube-registry.yaml from this gist on github.)

and you need port-forward minikube to localhost (Just image build time)

kubectl port-forward --namespace kube-system \
$(kubectl get po -n kube-system | grep kube-registry-v0 | \
awk '{print $1;}') 5000:5000

After this, from the host curl localhost:5000 should return a valid response from the docker registry running on minikube

Repo : http://localhost:5000/v2/_catalog

Pull image : localhost:5000/image_name:image_tag

Reference: https://blog.hasura.io/sharing-a-local-registry-for-minikube-37c7240d0615

查看更多
0人赞 添加讨论(0) 举报
该账号已被封号
6楼-- · 2019-06-16 02:46

Because Minikube is VM not a your localhost. You try this code eval $(minikube docker-env) https://kubernetes.io/docs/getting-started-guides/minikube/

  1. Open Terminal
  2. eval $(minikube docker-env)
  3. docker build .
  4. kubectl create -f deployment.yaml

just valid this terminal. if closed terminal again open terminal and write eval $(minikube docker-env)

eval $(minikube docker-env) this code build image in Minikube

查看更多
0人赞 添加讨论(0) 举报
神经病院院长
7楼-- · 2019-06-16 02:46

When you run Kubernetes in Docker for Desktop your applications will share the same image registry across Docker and Kubernetes. List od all images:

docker images --all

Choose of them and run it with changed atribute --image-pull-policy=Never. For example:

kubectl run ContainerName --image=myimage/server --port=8080 --image-pull-policy=Never

By default, the kubelet will try to pull each image from the specified registry. However, if the imagePullPolicy property of the container is set to IfNotPresent or Never, then a local image is used (preferentially or exclusively, respectively). Link

It's mean, that Kubernetes pull image from local registry, not remote cloud.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)