dockercfg

dockercfg

关注
发信
关注(28)粉丝(399)

docker - Kubernetes imagePullSecrets不起作用;得到 “image not found”

我有一个在AWS上运行的现成的Kubernetes集群,已安装了kube-up脚本。我想运行私有(private)Docker Hub存储库中的一些容器。但是我一直收到“找不到”错误:

 > kubectl get pod
NAME                      READY     STATUS                                        RESTARTS   AGE
maestro-kubetest-d37hr    0/1       Error: image csats/maestro:latest not found   0          22m

我创建了一个包含.dockercfg文件的 secret 。我通过运行here发布的脚本来确认它可以正常工作:
 > kubectl get secrets docker-hub-csatsinternal -o yaml | grep dockercfg: | cut -f 2 -d : | base64 -D > ~/.dockercfg
 > docker pull csats/maestro
latest: Pulling from csats/maestro

我已经确认我没有使用the new format of .dockercfg script,我的看起来像这样:
> cat ~/.dockercfg
{"https://index.docker.io/v1/":{"auth":"REDACTED BASE64 STRING HERE","email":"[email protected]"}}

我尝试过running the Base64 encode on Debian instead of OS X,那里没有运气。 (可能会产生相同的字符串。)

这是我的复制 Controller 的YAML:
---
kind: "ReplicationController"
apiVersion: "v1"
metadata:
  name: "maestro-kubetest"
spec:
  replicas: 1
  selector:
    app: "maestro"
    ecosystem: "kubetest"
    version: "1"
  template:
    metadata:
      labels:
        app: "maestro"
        ecosystem: "kubetest"
        version: "1"
    spec:
      imagePullSecrets:
        - name: "docker-hub-csatsinternal"
      containers:
        - name: "maestro"
          image: "csats/maestro"
          imagePullPolicy: "Always"

      restartPolicy: "Always"
      dnsPolicy: "ClusterFirst"
kubectl version:
Client Version: version.Info{Major:"1", Minor:"0", GitVersion:"v1.0.3", GitCommit:"61c6ac5f350253a4dc002aee97b7db7ff01ee4ca", GitTreeState:"clean"}
Server Version: version.Info{Major:"1", Minor:"0", GitVersion:"v1.0.3", GitCommit:"61c6ac5f350253a4dc002aee97b7db7ff01ee4ca", GitTreeState:"clean"}

有任何想法吗?

最佳答案

Docker在config.json中生成一个~/.docker/文件
看起来像:

{
    "auths": {
        "index.docker.io/v1/": {
            "auth": "ZmFrZXBhc3N3b3JkMTIK",
            "email": "[email protected]"
        }
    }
}

您真正想要的是:
{"https://index.docker.io/v1/": {"auth": "XXXXXXXXXXXXXX", "email": "[email protected]"}}

注意三件事:
  • 1)没有auths包装
  • 2)前面有https://网址
  • 3)这是一行

    • 然后您对 base64 进行编码,并将其用作.dockercfg名称的数据
    apiVersion: v1
kind: Secret
metadata:
  name: registry
data:
  .dockercfg: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==
type: kubernetes.io/dockercfg

    再次注意.dockercfg行是一行(base64倾向于生成多行字符串)

    关于docker - Kubernetes imagePullSecrets不起作用;得到 “image not found”,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/32510310/

    10-16 09:54
    Powered by LMLPHP ©2024 dockercfg 0.049978