Live2D

K8S从私有仓库拉取镜像

pod结合secret下载私有镜像

1、保证节点机器可以登录仓库
docker login --username admin --password Harbor12345 harbor.hack.me

2、结合sercet资源针对密钥文件进行加密
kubectl create secret generic regcred --from-file=/root/.docker/config.json --type=kubernetes.io/dockerconfigjson

3、编写pod资源结合imagePullSecrets字段调用sercet进行下载
`
[root@k8smaster01 storage]# cat my-private-reg-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: private-reg
spec:
nodeName: k8smaster01.com
containers:

  • name: private-reg-container
    image: harbor.hack.me/repo/alpine@sha256:c10f729849a3b03cbf222e2220245dd44c39a06d444aa32cc30a35c4c1aba59d
    command: ["sleep","360"]
    imagePullSecrets:
  • name: regcred
    `

总结:
- 确保调度节点可以访问私有仓库
- 确保定都节点存在对于secret资源

posted @ 2025-01-21 22:17  乔尼娜蓖炀  阅读(81)  评论(0)    收藏  举报
Live2D