k8s 使用secret 拉取私有仓库的镜像创建实例
1.私有仓库搭建成功后可以使用docker login,docker pull,但是却无法创建实例2.创建secret命令:
kubectl create secret docker-registry domain.key --docker-server=domain:5000 --docker-username= --docker-password= --docker-email=test@163.com --namespace=test
也可以通过yaml文件创建:
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
username: emhlbnl1
password: eWFvZGlkaWFv
docker login #登录你的私有仓库
cat ~/.docker/config.json | base64 # 登录成功后打印base64加密后的登录秘钥
https://images2017.cnblogs.com/blog/1085843/201710/1085843-20171017153235927-96460763.png
将得到的两行字符串拼接成一行
apiVersion: v1
kind: Secret
metadata:
name: docker.coocla.org.key
type: kubernetes.io/dockercfg
data:
.dockercfg: ewoJImF1dGhzIjogewoJCSJkb2NrZXIuY29vY2xhLm9yZyI6IHsKCQkJImF1dGgiOiAiWkdWMk9tUnZZMnRsY2c9PSIsCgkJCSJlbWFpbCI6ICIiCgkJfQoJfQp9
{ "apiVersion": "v1",
"kind": "Secret",
"metadata": {
"name": "shcom.key",
"namespace": std.extVar("namespace")
},
"data": {
".dockerconfigjson": "[]",
},
"type": "kubernetes.io/dockerconfigjson"
}
以上三种形式自己对号入座,写适合自己的yaml
3. deployment.yaml
{ "apiVersion": "extensions/v1beta1",
"kind": "Deployment",
"metadata": {
"name": std.extVar("stack_deploy_name"),
"namespace": std.extVar("namespace")
},
"spec": {
"replicas": std.extVar("init_replica"),
"template": {
"metadata": {
"labels": {
"app": std.extVar("service_name"), "token": std.extVar("stack_labels_md5")
}
},
"spec": {
"containers": [
{
"name": std.extVar("stack_name"),
"image": std.extVar("container_image"),
"ports": [
{"containerPort": std.extVar("container_port")}
]
}
],
"imagePullSecrets": [
{
"name": std.extVar("repository_secret")
}
]
}
}
}
}
页:
[1]